Windows Analysis Report
5BL9UfLKF4.exe

Overview

General Information

Sample name: 5BL9UfLKF4.exe
(renamed file extension from none to exe, renamed because original name is a hash value)
Original sample name: 80bd6fa12fe9aacd8d3b4f1c93564874ba67a0bb3093cedf100decb6279173d0
Analysis ID: 1541140
MD5: 68b4368ad5d5125699f132bd7332ad5e
SHA1: d88a3c0285199eb07354697cc7345df3feec4965
SHA256: 80bd6fa12fe9aacd8d3b4f1c93564874ba67a0bb3093cedf100decb6279173d0

Detection

Score: 5
Range: 0 - 100
Whitelisted: false
Confidence: 40%

Signatures

Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to dynamically determine API calls
Contains functionality to query locales information (e.g. system language)
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Extensive use of GetProcAddress (often used to hide API calls)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
PE file contains sections with non-standard names
Tries to resolve domain names, but no domain seems valid (expired dropper behavior)

Classification

Source: unknown DNS traffic detected: query: test.local replaycode: Name error (3)
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400E96E0 WSASetLastError,recv, 0_2_00000001400E96E0
Source: global traffic DNS traffic detected: DNS query: test.local
Source: 5BL9UfLKF4.exe String found in binary or memory: http://www.openssl.org/support/faq.html
Source: 5BL9UfLKF4.exe String found in binary or memory: http://www.openssl.org/support/faq.html.
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140046625 0_2_0000000140046625
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140182650 0_2_0000000140182650
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014003E65C 0_2_000000014003E65C
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140186680 0_2_0000000140186680
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400A668E 0_2_00000001400A668E
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014010E6A0 0_2_000000014010E6A0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400226C3 0_2_00000001400226C3
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400226EE 0_2_00000001400226EE
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400966F8 0_2_00000001400966F8
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014017A720 0_2_000000014017A720
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400A2705 0_2_00000001400A2705
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014006A71C 0_2_000000014006A71C
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014005E728 0_2_000000014005E728
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140102780 0_2_0000000140102780
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400E27F0 0_2_00000001400E27F0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014018A800 0_2_000000014018A800
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014014E840 0_2_000000014014E840
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400C685E 0_2_00000001400C685E
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140006860 0_2_0000000140006860
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400B2864 0_2_00000001400B2864
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014004A8DA 0_2_000000014004A8DA
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400B68E6 0_2_00000001400B68E6
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400AE8F6 0_2_00000001400AE8F6
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140196960 0_2_0000000140196960
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140076950 0_2_0000000140076950
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014002E960 0_2_000000014002E960
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014009A96C 0_2_000000014009A96C
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140022985 0_2_0000000140022985
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014014A9C0 0_2_000000014014A9C0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400869E2 0_2_00000001400869E2
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014001EA0C 0_2_000000014001EA0C
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140142A20 0_2_0000000140142A20
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014009EA97 0_2_000000014009EA97
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140182AB0 0_2_0000000140182AB0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014014EAB0 0_2_000000014014EAB0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400B6AB8 0_2_00000001400B6AB8
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014013EAB0 0_2_000000014013EAB0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140192AD0 0_2_0000000140192AD0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140022ADE 0_2_0000000140022ADE
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400FAB20 0_2_00000001400FAB20
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014008EB30 0_2_000000014008EB30
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001401BEB6C 0_2_00000001401BEB6C
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014017AB70 0_2_000000014017AB70
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014004AB8E 0_2_000000014004AB8E
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140036B9E 0_2_0000000140036B9E
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140142BCC 0_2_0000000140142BCC
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014005AC10 0_2_000000014005AC10
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400BEC16 0_2_00000001400BEC16
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014000EC68 0_2_000000014000EC68
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140076CAC 0_2_0000000140076CAC
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140066CD8 0_2_0000000140066CD8
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140032CE4 0_2_0000000140032CE4
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400F6D00 0_2_00000001400F6D00
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140092CFE 0_2_0000000140092CFE
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140046D02 0_2_0000000140046D02
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400BAD14 0_2_00000001400BAD14
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014000AD27 0_2_000000014000AD27
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014000AD28 0_2_000000014000AD28
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014007AD60 0_2_000000014007AD60
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014004AD7F 0_2_000000014004AD7F
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140026D7A 0_2_0000000140026D7A
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140142E1B 0_2_0000000140142E1B
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014012AE10 0_2_000000014012AE10
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400A2E68 0_2_00000001400A2E68
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140002E70 0_2_0000000140002E70
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014014EEA0 0_2_000000014014EEA0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400C6E98 0_2_00000001400C6E98
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140072ED0 0_2_0000000140072ED0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014001EECE 0_2_000000014001EECE
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001401A2ECC 0_2_00000001401A2ECC
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140142F20 0_2_0000000140142F20
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140182F10 0_2_0000000140182F10
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400AAF2E 0_2_00000001400AAF2E
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140096F58 0_2_0000000140096F58
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014008AF64 0_2_000000014008AF64
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140052F90 0_2_0000000140052F90
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140082FA9 0_2_0000000140082FA9
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140176FC0 0_2_0000000140176FC0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140102FE0 0_2_0000000140102FE0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014014AFD0 0_2_000000014014AFD0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014006AFF6 0_2_000000014006AFF6
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014005B022 0_2_000000014005B022
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014014F060 0_2_000000014014F060
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140103060 0_2_0000000140103060
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014004B052 0_2_000000014004B052
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001401C7080 0_2_00000001401C7080
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014000F06C 0_2_000000014000F06C
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014014F090 0_2_000000014014F090
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400630B2 0_2_00000001400630B2
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: String function: 00000001400D0B80 appears 34 times
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: String function: 00000001400E91A0 appears 220 times
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: String function: 00000001400D0C10 appears 43 times
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: String function: 00000001401057C0 appears 37 times
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: String function: 00000001400D3AD0 appears 42 times
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: String function: 00000001400D1D60 appears 508 times
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: String function: 00000001400FDC20 appears 818 times
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: String function: 00000001400D08A0 appears 112 times
Source: classification engine Classification label: clean5.winEXE@1/0@21/0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140178120 LoadLibraryW,LoadLibraryW,LoadLibraryW,GetProcAddress,GetProcAddress,NetStatisticsGet,NetStatisticsGet,FreeLibrary,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateToolhelp32Snapshot,GetTickCount,Heap32ListFirst,Heap32First,Heap32Next,GetTickCount,Heap32ListNext,GetTickCount,GetTickCount,Process32First,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,CloseHandle,FreeLibrary,GlobalMemoryStatus,GetCurrentProcessId, 0_2_0000000140178120
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Mutant created: \Sessions\1\BaseNamedObjects\P
Source: 5BL9UfLKF4.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: 5BL9UfLKF4.exe String found in binary or memory: id-cmc-addExtensions
Source: 5BL9UfLKF4.exe String found in binary or memory: set-addPolicy
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: apphelp.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: netapi32.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: iphlpapi.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: netutils.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: zlib1.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: sspicli.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: wkscli.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: srvcli.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: cryptsp.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: rsaenh.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: cryptbase.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: mswsock.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: dnsapi.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Section loaded: rasadhlp.dll
Source: 5BL9UfLKF4.exe Static PE information: Virtual size of .text is bigger than: 0x100000
Source: 5BL9UfLKF4.exe Static PE information: Image base 0x140000000 > 0x60000000
Source: 5BL9UfLKF4.exe Static file information: File size 2883072 > 1048576
Source: 5BL9UfLKF4.exe Static PE information: Raw size of .text is bigger than: 0x100000 < 0x24b400
Source: 5BL9UfLKF4.exe Static PE information: section name: _RDATA
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe API coverage: 7.3 %
Source: 5BL9UfLKF4.exe, 00000000.00000002.3305920105.000000000048D000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Process information queried: ProcessInformation
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014011E160 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 0_2_000000014011E160
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001400C5FE0 GetSystemFirmwareTable,GetProcessHeap,HeapAlloc,GetSystemFirmwareTable,GetProcessHeap,HeapFree, 0_2_00000001400C5FE0
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_000000014011E150 SetUnhandledExceptionFilter, 0_2_000000014011E150
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_00000001401AE734 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 0_2_00000001401AE734
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: EnumSystemLocalesW,GetUserDefaultLCID,ProcessCodePage,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW, 0_2_00000001401C1400
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: EnumSystemLocalesW, 0_2_00000001401C1700
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: EnumSystemLocalesW, 0_2_00000001401C1A1C
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP, 0_2_00000001401C1CA4
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: GetLocaleInfoW, 0_2_00000001401CF040
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140174420 GetSystemTime,SystemTimeToFileTime, 0_2_0000000140174420
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Code function: 0_2_0000000140076A24 GetUserNameW, 0_2_0000000140076A24
Source: C:\Users\user\Desktop\5BL9UfLKF4.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid
No contacted IP infos