Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1541692
MD5:31c4dc3c764474d495340d6aa688e639
SHA1:208a17ba8dbf1cab0a603b2a175e115c1e5d6a72
SHA256:6a159a3587508bfb504d2a7cf6fd993361316102d416182b10d5516232383d09
Tags:exeuser-Bitsight
Infos:

Detection

LummaC
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Detected unpacking (changes PE section rights)
Found malware configuration
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected LummaC Stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Hides threads from debuggers
LummaC encrypted strings found
Machine Learning detection for sample
PE file contains section with special chars
Sample uses string decryption to hide its real strings
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Checks for debuggers (devices)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Detected potential crypto function
Entry point lies outside standard sections
Found inlined nop instructions (likely shell or obfuscated code)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
PE file contains sections with non-standard names
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 2168 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 31C4DC3C764474D495340D6AA688E639)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma

Malware Configuration

Threatname: LummaC

{"C2 url": ["mobbipenju.store", "spirittunek.store", "dissapoiznw.store", "studennotediw.store", "clearancek.site", "eaglepawnoy.store", "licendfilteo.site", "bathdoomgaz.store"], "Build id": "4SD0y4--legendaryy"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
decrypted.memstrJoeSecurity_LummaCStealer_2Yara detected LummaC StealerJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:10.632721+020020564771Domain Observed Used for C2 Detected192.168.2.6572651.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:10.396103+020020564711Domain Observed Used for C2 Detected192.168.2.6552661.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:10.475022+020020564811Domain Observed Used for C2 Detected192.168.2.6518481.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:10.454165+020020564831Domain Observed Used for C2 Detected192.168.2.6519661.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:10.695357+020020564731Domain Observed Used for C2 Detected192.168.2.6550381.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:10.438410+020020564851Domain Observed Used for C2 Detected192.168.2.6596601.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:10.648981+020020564751Domain Observed Used for C2 Detected192.168.2.6565531.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:10.497719+020020564791Domain Observed Used for C2 Detected192.168.2.6645331.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T02:18:12.338781+020028586661Domain Observed Used for C2 Detected192.168.2.649711104.102.49.254443TCP

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: file.exeAvira: detected
    Found malware configuration
    Source: file.exe.2168.0.memstrminMalware Configuration Extractor: LummaC {"C2 url": ["mobbipenju.store", "spirittunek.store", "dissapoiznw.store", "studennotediw.store", "clearancek.site", "eaglepawnoy.store", "licendfilteo.site", "bathdoomgaz.store"], "Build id": "4SD0y4--legendaryy"}
    Multi AV Scanner detection for domain / URL
    Source: bathdoomgaz.storeVirustotal: Detection: 20%Perma Link
    Source: spirittunek.storeVirustotal: Detection: 21%Perma Link
    Source: eaglepawnoy.storeVirustotal: Detection: 20%Perma Link
    Multi AV Scanner detection for submitted file
    Source: file.exeReversingLabs: Detection: 39%
    AI detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
    Machine Learning detection for sample
    Source: file.exeJoe Sandbox ML: detected
    Sample uses string decryption to hide its real strings
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: clearancek.site
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: licendfilteo.site
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: spirittunek.store
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: bathdoomgaz.store
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: studennotediw.store
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: dissapoiznw.store
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: eaglepawnoy.store
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: mobbipenju.store
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: clearancek.site
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: lid=%s&j=%s&ver=4.0
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: TeslaBrowser/5.5
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: - Screen Resoluton:
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: - Physical Installed Memory:
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: Workgroup: -
    Source: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: 4SD0y4--legendaryy
    Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:49711 version: TLS 1.2
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00B050FA
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00ACD110
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00ACD110
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], C274D4CAh0_2_00B063B8
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], 53F09CFAh0_2_00B099D0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], 27BAF212h0_2_00B0695B
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+04h]0_2_00ACFCA0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-10h]0_2_00AD0EEC
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp ecx0_2_00B06094
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+20h]0_2_00AD6F91
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then dec ebx0_2_00AFF030
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov ecx, dword ptr [edx]0_2_00AC1000
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], F3285E74h0_2_00B04040
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+0Ch]0_2_00AED1E1
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]0_2_00AD42FC
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], dx0_2_00AE2260
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [esi], ax0_2_00AE2260
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+30h]0_2_00AF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+30h]0_2_00AF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+30h]0_2_00AF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov byte ptr [edi], al0_2_00AF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+30h]0_2_00AF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+14h]0_2_00AF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov ebp, eax0_2_00ACA300
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], C274D4CAh0_2_00B064B8
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-14h]0_2_00AEE40C
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov dword ptr [esp], 00000000h0_2_00ADB410
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+0Ch]0_2_00AEC470
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx eax, word ptr [esi+ecx]0_2_00B01440
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], cx0_2_00ADD457
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ebx, byte ptr [ecx+esi+25h]0_2_00AC8590
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], 7789B0CBh0_2_00B07520
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]0_2_00AD6536
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], cx0_2_00AE9510
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-14h]0_2_00AEE66A
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ebx, byte ptr [edx]0_2_00AFB650
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-14h]0_2_00AED7AF
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+08h]0_2_00B067EF
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ecx, word ptr [edi+eax]0_2_00B07710
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00B05700
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], dx0_2_00AE28E9
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx edx, byte ptr [esi+edi]0_2_00AC49A0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], 62429966h0_2_00B03920
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp word ptr [ecx+eax+02h], 0000h0_2_00ADD961
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp eax0_2_00AD1ACD
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp eax0_2_00AD1A3C
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], F3285E74h0_2_00B04A40
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx edx, byte ptr [esi+ebx]0_2_00AC5A50
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov ebx, dword ptr [edi+04h]0_2_00AF0B80
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+40h]0_2_00AD1BEE
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]0_2_00AD3BE2
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+000006B8h]0_2_00ADDB6F
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], F8FD61B8h0_2_00ADDB6F
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], 53F09CFAh0_2_00B09B60
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp eax0_2_00AEAC91
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [edx], ax0_2_00AEAC91
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00B09CE0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebp+edx*8+00h], 9ECF05EBh0_2_00B09CE0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], C85F7986h0_2_00AECCD0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00AECCD0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], C85F7986h0_2_00AECCD0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], A70A987Fh0_2_00AFFC20
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp word ptr [ebp+edi+02h], 0000h0_2_00AE7C00
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp word ptr [eax+esi+02h], 0000h0_2_00AEEC48
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00B08D8A
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-14h]0_2_00AEDD29
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov dword ptr [esp+1Ch], 5E46585Eh0_2_00AEFD10
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx edi, byte ptr [ecx+esi]0_2_00AC6EA0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp byte ptr [ebx], 00000000h0_2_00AD6EBF
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ecx, word ptr [ebp+00h]0_2_00ACBEB0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+40h]0_2_00AD1E93
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov edi, ecx0_2_00AD4E2A
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], cx0_2_00AE7E60
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00AE5E70
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ebx, word ptr [ecx]0_2_00AEAE57
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+20h]0_2_00AD6F91
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp ecx0_2_00B05FD6
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], F3285E74h0_2_00B07FC0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00B07FC0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [edx], 0000h0_2_00ADFFDF
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp ecx0_2_00AC8FD0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp eax0_2_00AE9F62
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]0_2_00AFFF70

    Networking

    barindex
    Suricata IDS alerts for network traffic
    Source: Network trafficSuricata IDS: 2056475 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (spirittunek .store) : 192.168.2.6:56553 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056481 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (dissapoiznw .store) : 192.168.2.6:51848 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056483 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (eaglepawnoy .store) : 192.168.2.6:51966 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056485 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (mobbipenju .store) : 192.168.2.6:59660 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056471 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (clearancek .site) : 192.168.2.6:55266 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056477 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (bathdoomgaz .store) : 192.168.2.6:57265 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056473 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (licendfilteo .site) : 192.168.2.6:55038 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056479 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (studennotediw .store) : 192.168.2.6:64533 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2858666 - Severity 1 - ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup : 192.168.2.6:49711 -> 104.102.49.254:443
    C2 URLs / IPs found in malware configuration
    Source: Malware configuration extractorURLs: mobbipenju.store
    Source: Malware configuration extractorURLs: spirittunek.store
    Source: Malware configuration extractorURLs: dissapoiznw.store
    Source: Malware configuration extractorURLs: studennotediw.store
    Source: Malware configuration extractorURLs: clearancek.site
    Source: Malware configuration extractorURLs: eaglepawnoy.store
    Source: Malware configuration extractorURLs: licendfilteo.site
    Source: Malware configuration extractorURLs: bathdoomgaz.store
    Source: Joe Sandbox ViewIP Address: 104.102.49.254 104.102.49.254
    Source: Joe Sandbox ViewASN Name: AKAMAI-ASUS AKAMAI-ASUS
    Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
    Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
    Source: global trafficDNS traffic detected: DNS query: clearancek.site
    Source: global trafficDNS traffic detected: DNS query: mobbipenju.store
    Source: global trafficDNS traffic detected: DNS query: eaglepawnoy.store
    Source: global trafficDNS traffic detected: DNS query: dissapoiznw.store
    Source: global trafficDNS traffic detected: DNS query: studennotediw.store
    Source: global trafficDNS traffic detected: DNS query: bathdoomgaz.store
    Source: global trafficDNS traffic detected: DNS query: spirittunek.store
    Source: global trafficDNS traffic detected: DNS query: licendfilteo.site
    Source: global trafficDNS traffic detected: DNS query: steamcommunity.com
    Source: global trafficDNS traffic detected: DNS query: sergei-esenin.com
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.1:27060
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211360977.0000000001372000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/account/cookiepreferences/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211360977.0000000001372000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/privacy_agreement/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211360977.0000000001372000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/subscriber_agreement/
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.valvesoftware.com/legal.htm
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.steampowered.com/
    Source: file.exe, 00000000.00000002.2211125821.00000000012D9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://avatars.cloudflare.s
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8d
    Source: file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
    Source: file.exe, 00000000.00000003.2192560687.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012DE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bathdoomgaz.store:443/api
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://broadcast.st.dl.eccdnx.com
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://checkout.steampowered.com/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.st
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=ljhW-PbGuX
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&am
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/promo/summer2
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=bZKSp7oNwVPK
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=engli
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1&
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=gNE3gksLVEVa&l=en
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012D9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=W9BX
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=b
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=bOP7RorZq4_W&
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=bOP7RorZq4_W&l=englis
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=UuGFpt56D9L4&l=
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=engli
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=KkhJqW2NGKiM&l=engli
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/promo/sticker
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/promo/stickers.js?v=GfA42_x2_aub&
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&
    Source: file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&amp
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpE
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=qYlgdgWOD4Ng&amp
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=engl
    Source: file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Ff_1prscqzeu&
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.p
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=wJD9maDpDcV
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&amp
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/en/
    Source: file.exe, 00000000.00000003.2192560687.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012DE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://licendfilteo.site:443/apii
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.steampowered.com/
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://lv.queniujq.cn
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://medal.tv
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://player.vimeo.com
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net/recaptcha/;
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://s.ytimg.com;
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/5
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/M
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/api
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/api5
    Source: file.exe, 00000000.00000003.2192560687.0000000001318000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211246324.0000000001318000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/apip
    Source: file.exe, 00000000.00000003.2192560687.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012DE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com:443/apiVn
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sketchfab.com
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steam.tv/
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast-test.akamaized.net
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast.akamaized.net
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcastchat.akamaized.net
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com
    Source: file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/?subsection=broadcasts
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/discussions/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/market/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/my/wishlist/
    Source: file.exe, 00000000.00000002.2211125821.00000000012F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012F3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/badges
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/
    Source: file.exe, 00000000.00000002.2211125821.00000000012F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012F3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900jA5Y
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/workshop/
    Source: file.exe, 00000000.00000003.2192560687.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012DE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com:443/profiles/765611997243319005n
    Source: file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/about/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/explore/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211360977.0000000001372000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/legal/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/mobile
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/news/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/points/shop/
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/privacy_agreement/
    Source: file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/stats/
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/steam_refunds/
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/subscriber_agreement/
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
    Source: file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.cn/recaptcha/
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
    Source: file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com
    Source: file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
    Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
    Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:49711 version: TLS 1.2

    System Summary

    barindex
    PE file contains section with special chars
    Source: file.exeStatic PE information: section name:
    Source: file.exeStatic PE information: section name: .rsrc
    Source: file.exeStatic PE information: section name: .idata
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AD02280_2_00AD0228
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD0_2_00C9A0FD
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B0A0D00_2_00B0A0D0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AD20300_2_00AD2030
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC10000_2_00AC1000
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9F01D0_2_00C9F01D
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B040400_2_00B04040
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ACE1A00_2_00ACE1A0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC71F00_2_00AC71F0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC51600_2_00AC5160
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC12F70_2_00AC12F7
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AF82D00_2_00AF82D0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AF12D00_2_00AF12D0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ACB3A00_2_00ACB3A0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC13A30_2_00AC13A3
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AF23E00_2_00AF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C8E35A0_2_00C8E35A
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ACA3000_2_00ACA300
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AD44870_2_00AD4487
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AD049B0_2_00AD049B
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AF64F00_2_00AF64F0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C934A10_2_00C934A1
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C984B90_2_00C984B9
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AEC4700_2_00AEC470
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC35B00_2_00AC35B0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC85900_2_00AC8590
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ADC5F00_2_00ADC5F0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9D5BF0_2_00C9D5BF
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B086F00_2_00B086F0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AFF6200_2_00AFF620
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B086520_2_00B08652
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC164F0_2_00AC164F
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AFE8A00_2_00AFE8A0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AFB8C00_2_00AFB8C0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9187E0_2_00C9187E
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AF18600_2_00AF1860
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C2A81E0_2_00C2A81E
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ACA8500_2_00ACA850
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C7F9CC0_2_00C7F9CC
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C969C40_2_00C969C4
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B089A00_2_00B089A0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AE098B0_2_00AE098B
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B07AB00_2_00B07AB0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B08A800_2_00B08A80
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B04A400_2_00B04A40
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC7BF00_2_00AC7BF0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9BB400_2_00C9BB40
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ADDB6F0_2_00ADDB6F
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B06CBF0_2_00B06CBF
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C90C900_2_00C90C90
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AECCD00_2_00AECCD0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B08C020_2_00B08C02
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C8ADF70_2_00C8ADF7
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AEDD290_2_00AEDD29
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AEFD100_2_00AEFD10
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AE8D620_2_00AE8D62
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AD6EBF0_2_00AD6EBF
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ACBEB00_2_00ACBEB0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AD4E2A0_2_00AD4E2A
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B08E700_2_00B08E70
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AEAE570_2_00AEAE57
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C94F860_2_00C94F86
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C87FAE0_2_00C87FAE
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B07FC00_2_00B07FC0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AC8FD00_2_00AC8FD0
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ACAF100_2_00ACAF10
    Source: C:\Users\user\Desktop\file.exeCode function: String function: 00ACCAA0 appears 48 times
    Source: C:\Users\user\Desktop\file.exeCode function: String function: 00ADD300 appears 152 times
    Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
    Source: file.exeStatic PE information: Section: ZLIB complexity 0.9995552289603961
    Source: classification engineClassification label: mal100.troj.evad.winEXE@1/0@10/1
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00AF8220 CoCreateInstance,0_2_00AF8220
    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: file.exeReversingLabs: Detection: 39%
    Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: winhttp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: webio.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: winnsi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: schannel.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: mskeyprotect.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ntasn1.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ncrypt.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ncryptsslp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: msasn1.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: cryptsp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: rsaenh.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: cryptbase.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: gpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: dpapi.dllJump to behavior
    Source: file.exeStatic file information: File size 2996224 > 1048576
    Source: file.exeStatic PE information: Raw size of tgoperjb is bigger than: 0x100000 < 0x2b2200

    Data Obfuscation

    barindex
    Detected unpacking (changes PE section rights)
    Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.ac0000.0.unpack :EW;.rsrc :W;.idata :W;tgoperjb:EW;kunybgfa:EW;.taggant:EW; vs :ER;.rsrc :W;.idata :W;tgoperjb:EW;kunybgfa:EW;.taggant:EW;
    Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
    Source: file.exeStatic PE information: real checksum: 0x2ded73 should be: 0x2de2e6
    Source: file.exeStatic PE information: section name:
    Source: file.exeStatic PE information: section name: .rsrc
    Source: file.exeStatic PE information: section name: .idata
    Source: file.exeStatic PE information: section name: tgoperjb
    Source: file.exeStatic PE information: section name: kunybgfa
    Source: file.exeStatic PE information: section name: .taggant
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 2A15691Eh; mov dword ptr [esp], esp0_2_00C9A119
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 33163F4Dh; mov dword ptr [esp], ebp0_2_00C9A126
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebp; mov dword ptr [esp], edx0_2_00C9A1A9
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push esi; mov dword ptr [esp], ebx0_2_00C9A218
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 6046E0FBh; mov dword ptr [esp], eax0_2_00C9A2EB
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebx; mov dword ptr [esp], edi0_2_00C9A313
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebx; mov dword ptr [esp], ecx0_2_00C9A3C2
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebx; mov dword ptr [esp], edi0_2_00C9A456
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 163A9742h; mov dword ptr [esp], edi0_2_00C9A46B
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 4BD30412h; mov dword ptr [esp], ebp0_2_00C9A488
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push edi; mov dword ptr [esp], ebp0_2_00C9A4AA
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 0A0B65BEh; mov dword ptr [esp], edx0_2_00C9A5BC
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 3D5EAAA2h; mov dword ptr [esp], ecx0_2_00C9A61E
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push eax; mov dword ptr [esp], edi0_2_00C9A672
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebp; mov dword ptr [esp], 77F7A9A0h0_2_00C9A6F7
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 3B452823h; mov dword ptr [esp], eax0_2_00C9A804
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebp; mov dword ptr [esp], ecx0_2_00C9A815
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push eax; mov dword ptr [esp], 72C70DE9h0_2_00C9A833
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 24C66CD3h; mov dword ptr [esp], edx0_2_00C9A85F
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 6528CA58h; mov dword ptr [esp], eax0_2_00C9A872
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push edi; mov dword ptr [esp], edx0_2_00C9A8AD
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ecx; mov dword ptr [esp], 08F071B0h0_2_00C9A976
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ecx; mov dword ptr [esp], esi0_2_00C9AA63
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push edi; mov dword ptr [esp], esi0_2_00C9AB01
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebp; mov dword ptr [esp], 3FF76300h0_2_00C9AB64
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebx; mov dword ptr [esp], 789CA874h0_2_00C9ABA1
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 68F747C2h; mov dword ptr [esp], edx0_2_00C9AC7D
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push edi; mov dword ptr [esp], ecx0_2_00C9ACBA
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebx; mov dword ptr [esp], ecx0_2_00C9AD0E
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push ebp; mov dword ptr [esp], ebx0_2_00C9AD57
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C9A0FD push 675C1587h; mov dword ptr [esp], edi0_2_00C9AE22
    Source: file.exeStatic PE information: section name: entropy: 7.977275252454008

    Boot Survival

    barindex
    Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior

    Malware Analysis System Evasion

    barindex
    Tries to detect sandboxes / dynamic malware analysis system (registry check)
    Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
    Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
    Tries to detect virtualization through RDTSC time measurements
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: B243DB second address: B23C90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D58FF7B6Dh 0x00000009 popad 0x0000000a push eax 0x0000000b jmp 00007F6D58FF7B77h 0x00000010 nop 0x00000011 jmp 00007F6D58FF7B75h 0x00000016 push dword ptr [ebp+122D15B1h] 0x0000001c jmp 00007F6D58FF7B6Bh 0x00000021 call dword ptr [ebp+122D1CF9h] 0x00000027 pushad 0x00000028 sub dword ptr [ebp+122D1CB6h], eax 0x0000002e xor eax, eax 0x00000030 jno 00007F6D58FF7B67h 0x00000036 mov edx, dword ptr [esp+28h] 0x0000003a jmp 00007F6D58FF7B76h 0x0000003f add dword ptr [ebp+122D1CB6h], edi 0x00000045 mov dword ptr [ebp+122D2CB0h], eax 0x0000004b mov dword ptr [ebp+122D288Eh], esi 0x00000051 mov esi, 0000003Ch 0x00000056 clc 0x00000057 add esi, dword ptr [esp+24h] 0x0000005b pushad 0x0000005c mov bx, si 0x0000005f mov ecx, ebx 0x00000061 popad 0x00000062 lodsw 0x00000064 mov dword ptr [ebp+122D2B55h], ecx 0x0000006a add eax, dword ptr [esp+24h] 0x0000006e jmp 00007F6D58FF7B76h 0x00000073 mov ebx, dword ptr [esp+24h] 0x00000077 pushad 0x00000078 jnl 00007F6D58FF7B6Ch 0x0000007e mov dx, 616Bh 0x00000082 popad 0x00000083 nop 0x00000084 pushad 0x00000085 jmp 00007F6D58FF7B6Bh 0x0000008a push eax 0x0000008b jmp 00007F6D58FF7B6Fh 0x00000090 pop eax 0x00000091 popad 0x00000092 push eax 0x00000093 push eax 0x00000094 push edx 0x00000095 jmp 00007F6D58FF7B72h 0x0000009a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA5F93 second address: CA5FA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F6D592C716Ch 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA5FA6 second address: CA5FAA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA4EA3 second address: CA4EBB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7172h 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA51ED second address: CA51F3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA51F3 second address: CA520D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F6D592C7172h 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA53A2 second address: CA53BE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F6D58FF7B70h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA8CE5 second address: CA8CEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA8CEC second address: CA8D27 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B71h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d pushad 0x0000000e jc 00007F6D58FF7B68h 0x00000014 push edi 0x00000015 jns 00007F6D58FF7B66h 0x0000001b pop edi 0x0000001c popad 0x0000001d mov eax, dword ptr [eax] 0x0000001f push eax 0x00000020 push edx 0x00000021 push edi 0x00000022 jmp 00007F6D58FF7B6Ah 0x00000027 pop edi 0x00000028 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA8DAA second address: CA8DAE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA8DAE second address: CA8E13 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B74h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F6D58FF7B70h 0x0000000e popad 0x0000000f push eax 0x00000010 jc 00007F6D58FF7B75h 0x00000016 jmp 00007F6D58FF7B6Fh 0x0000001b nop 0x0000001c push ecx 0x0000001d stc 0x0000001e pop edx 0x0000001f mov dword ptr [ebp+122D2924h], ecx 0x00000025 push 00000000h 0x00000027 or dx, 7DCBh 0x0000002c and ecx, 429E64A2h 0x00000032 push 9EF991F7h 0x00000037 push eax 0x00000038 push edx 0x00000039 push edi 0x0000003a jg 00007F6D58FF7B66h 0x00000040 pop edi 0x00000041 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA8E13 second address: CA8E5C instructions: 0x00000000 rdtsc 0x00000002 ja 00007F6D592C7168h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a add dword ptr [esp], 61066E89h 0x00000011 push 00000000h 0x00000013 push edi 0x00000014 call 00007F6D592C7168h 0x00000019 pop edi 0x0000001a mov dword ptr [esp+04h], edi 0x0000001e add dword ptr [esp+04h], 00000014h 0x00000026 inc edi 0x00000027 push edi 0x00000028 ret 0x00000029 pop edi 0x0000002a ret 0x0000002b push 00000003h 0x0000002d clc 0x0000002e push 00000000h 0x00000030 mov edi, 010B3392h 0x00000035 push 00000003h 0x00000037 sbb cx, 8992h 0x0000003c push CCD0FD21h 0x00000041 pushad 0x00000042 pushad 0x00000043 push eax 0x00000044 push edx 0x00000045 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA8E5C second address: CA8EC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push esi 0x00000008 jnp 00007F6D58FF7B66h 0x0000000e pop esi 0x0000000f popad 0x00000010 xor dword ptr [esp], 0CD0FD21h 0x00000017 jns 00007F6D58FF7B6Ch 0x0000001d sub esi, 42EF8F1Ah 0x00000023 lea ebx, dword ptr [ebp+12458BF9h] 0x00000029 push 00000000h 0x0000002b push esi 0x0000002c call 00007F6D58FF7B68h 0x00000031 pop esi 0x00000032 mov dword ptr [esp+04h], esi 0x00000036 add dword ptr [esp+04h], 0000001Dh 0x0000003e inc esi 0x0000003f push esi 0x00000040 ret 0x00000041 pop esi 0x00000042 ret 0x00000043 xor ecx, dword ptr [ebp+122D2E3Ch] 0x00000049 xchg eax, ebx 0x0000004a push edx 0x0000004b jnc 00007F6D58FF7B68h 0x00000051 pop edx 0x00000052 push eax 0x00000053 push ecx 0x00000054 push eax 0x00000055 push edx 0x00000056 jg 00007F6D58FF7B66h 0x0000005c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CA91D7 second address: CA91DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CBAE2C second address: CBAE32 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC7701 second address: CC7705 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC7858 second address: CC7867 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jmp 00007F6D58FF7B6Ah 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC7B48 second address: CC7B4C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC7B4C second address: CC7B83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 js 00007F6D58FF7B72h 0x0000000e jmp 00007F6D58FF7B6Ah 0x00000013 push esi 0x00000014 pop esi 0x00000015 jne 00007F6D58FF7B68h 0x0000001b push eax 0x0000001c push edx 0x0000001d jmp 00007F6D58FF7B71h 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC7B83 second address: CC7B87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC7B87 second address: CC7B8B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC8647 second address: CC864B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC864B second address: CC8688 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 push ecx 0x0000000a jbe 00007F6D58FF7B72h 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F6D58FF7B79h 0x00000017 jo 00007F6D58FF7B66h 0x0000001d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C92FE7 second address: C92FFB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007F6D592C716Eh 0x0000000c jnc 00007F6D592C7166h 0x00000012 push edi 0x00000013 pop edi 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC87D3 second address: CC87DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F6D58FF7B66h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC87DD second address: CC87EC instructions: 0x00000000 rdtsc 0x00000002 jne 00007F6D592C7166h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pushad 0x0000000c push esi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC8E76 second address: CC8E7B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC8E7B second address: CC8EB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F6D592C7166h 0x0000000a jnp 00007F6D592C7166h 0x00000010 push eax 0x00000011 pop eax 0x00000012 popad 0x00000013 jo 00007F6D592C716Eh 0x00000019 jne 00007F6D592C7166h 0x0000001f pushad 0x00000020 popad 0x00000021 pop edx 0x00000022 pop eax 0x00000023 push edi 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007F6D592C716Dh 0x0000002b pushad 0x0000002c popad 0x0000002d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CC9011 second address: CC9046 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 jmp 00007F6D58FF7B77h 0x0000000c jmp 00007F6D58FF7B6Dh 0x00000011 jg 00007F6D58FF7B6Eh 0x00000017 push ecx 0x00000018 pop ecx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCC340 second address: CCC347 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCB1B3 second address: CCB1B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCB1B7 second address: CCB1D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F6D592C7174h 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCC9D1 second address: CCCA1F instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jg 00007F6D58FF7B66h 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jmp 00007F6D58FF7B6Dh 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 jmp 00007F6D58FF7B74h 0x0000001b mov eax, dword ptr [eax] 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007F6D58FF7B78h 0x00000024 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCCA1F second address: CCCA54 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F6D592C7175h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e push ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F6D592C7175h 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCCBBA second address: CCCBBE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCCBBE second address: CCCBD0 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F6D592C7166h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jg 00007F6D592C7166h 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCCBD0 second address: CCCBFC instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jmp 00007F6D58FF7B76h 0x00000014 ja 00007F6D58FF7B66h 0x0000001a popad 0x0000001b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CCCBFC second address: CCCC16 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6D592C7176h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C88C8E second address: C88C94 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C88C94 second address: C88C98 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C88C98 second address: C88C9C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C88C9C second address: C88CA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C88CA2 second address: C88CBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push esi 0x00000008 pop esi 0x00000009 jmp 00007F6D58FF7B6Eh 0x0000000e popad 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C88CBA second address: C88CC3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C88CC3 second address: C88CD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c push edi 0x0000000d pop edi 0x0000000e ja 00007F6D58FF7B66h 0x00000014 popad 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD51FF second address: CD520D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 jno 00007F6D592C7166h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD56AA second address: CD56DB instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 js 00007F6D58FF7B66h 0x00000009 pushad 0x0000000a popad 0x0000000b pop ebx 0x0000000c jmp 00007F6D58FF7B78h 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 jg 00007F6D58FF7B66h 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD56DB second address: CD56E1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD56E1 second address: CD56E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD56E8 second address: CD56F1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD56F1 second address: CD56FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ebx 0x00000006 push eax 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD59E6 second address: CD59F2 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F6D592C716Eh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD6708 second address: CD671D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD671D second address: CD6722 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD696D second address: CD6977 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD6977 second address: CD697B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD6BC1 second address: CD6BC7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD6BC7 second address: CD6BDB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD74CF second address: CD74D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD77B8 second address: CD7809 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 popad 0x00000006 nop 0x00000007 push 00000000h 0x00000009 push eax 0x0000000a call 00007F6D592C7168h 0x0000000f pop eax 0x00000010 mov dword ptr [esp+04h], eax 0x00000014 add dword ptr [esp+04h], 0000001Dh 0x0000001c inc eax 0x0000001d push eax 0x0000001e ret 0x0000001f pop eax 0x00000020 ret 0x00000021 jmp 00007F6D592C716Eh 0x00000026 push eax 0x00000027 pushad 0x00000028 push eax 0x00000029 push edx 0x0000002a jmp 00007F6D592C7173h 0x0000002f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD7CED second address: CD7CF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD967E second address: CD9682 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD9F5B second address: CD9F66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F6D58FF7B66h 0x0000000a popad 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD9F66 second address: CD9F7B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jc 00007F6D592C7166h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CD9F7B second address: CD9F81 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDCE7C second address: CDCEDB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C716Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a pushad 0x0000000b jbe 00007F6D592C7169h 0x00000011 xor ah, 00000032h 0x00000014 jmp 00007F6D592C716Ah 0x00000019 popad 0x0000001a push 00000000h 0x0000001c push edx 0x0000001d clc 0x0000001e pop esi 0x0000001f push 00000000h 0x00000021 push 00000000h 0x00000023 push eax 0x00000024 call 00007F6D592C7168h 0x00000029 pop eax 0x0000002a mov dword ptr [esp+04h], eax 0x0000002e add dword ptr [esp+04h], 0000001Dh 0x00000036 inc eax 0x00000037 push eax 0x00000038 ret 0x00000039 pop eax 0x0000003a ret 0x0000003b movzx edi, cx 0x0000003e push eax 0x0000003f pushad 0x00000040 jnp 00007F6D592C716Ch 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDCEDB second address: CDCEE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE4F93 second address: CE4FFE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D592C716Bh 0x00000009 popad 0x0000000a pop edi 0x0000000b nop 0x0000000c add dword ptr [ebp+122D277Fh], edi 0x00000012 push 00000000h 0x00000014 jbe 00007F6D592C7172h 0x0000001a push 00000000h 0x0000001c push 00000000h 0x0000001e push edx 0x0000001f call 00007F6D592C7168h 0x00000024 pop edx 0x00000025 mov dword ptr [esp+04h], edx 0x00000029 add dword ptr [esp+04h], 00000017h 0x00000031 inc edx 0x00000032 push edx 0x00000033 ret 0x00000034 pop edx 0x00000035 ret 0x00000036 mov edi, dword ptr [ebp+122D2D1Ch] 0x0000003c mov dword ptr [ebp+122D58C1h], ebx 0x00000042 xchg eax, esi 0x00000043 pushad 0x00000044 jne 00007F6D592C716Ch 0x0000004a push eax 0x0000004b push edx 0x0000004c pushad 0x0000004d popad 0x0000004e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE4FFE second address: CE500C instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE00EE second address: CE00F5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE11B4 second address: CE11B9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE32D8 second address: CE32DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE500C second address: CE5010 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE00F5 second address: CE010E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F6D592C716Fh 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE5010 second address: CE501A instructions: 0x00000000 rdtsc 0x00000002 jp 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE8287 second address: CE828E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop ecx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE63A1 second address: CE63A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE63A5 second address: CE63A9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE63A9 second address: CE63AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE63AF second address: CE63B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE8A95 second address: CE8A99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE63B4 second address: CE63D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b jmp 00007F6D592C7176h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE9985 second address: CE9989 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE63D9 second address: CE63DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE9989 second address: CE998F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE998F second address: CE9995 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE64C0 second address: CE64E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F6D58FF7B66h 0x0000000a popad 0x0000000b push edx 0x0000000c jng 00007F6D58FF7B66h 0x00000012 pop edx 0x00000013 popad 0x00000014 push eax 0x00000015 jg 00007F6D58FF7B74h 0x0000001b push eax 0x0000001c push edx 0x0000001d jno 00007F6D58FF7B66h 0x00000023 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE9995 second address: CE9A1D instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push 00000000h 0x0000000b push eax 0x0000000c call 00007F6D592C7168h 0x00000011 pop eax 0x00000012 mov dword ptr [esp+04h], eax 0x00000016 add dword ptr [esp+04h], 0000001Dh 0x0000001e inc eax 0x0000001f push eax 0x00000020 ret 0x00000021 pop eax 0x00000022 ret 0x00000023 mov dword ptr [ebp+12460A78h], ebx 0x00000029 push 00000000h 0x0000002b push 00000000h 0x0000002d push edx 0x0000002e call 00007F6D592C7168h 0x00000033 pop edx 0x00000034 mov dword ptr [esp+04h], edx 0x00000038 add dword ptr [esp+04h], 0000001Ah 0x00000040 inc edx 0x00000041 push edx 0x00000042 ret 0x00000043 pop edx 0x00000044 ret 0x00000045 push 00000000h 0x00000047 call 00007F6D592C7173h 0x0000004c call 00007F6D592C716Eh 0x00000051 mov edi, 6179BEA7h 0x00000056 pop edi 0x00000057 pop edi 0x00000058 push eax 0x00000059 pushad 0x0000005a push eax 0x0000005b push edx 0x0000005c push ecx 0x0000005d pop ecx 0x0000005e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CED95E second address: CED96F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6D58FF7B6Dh 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CEA984 second address: CEA99F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F6D592C7174h 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE9B1F second address: CE9B25 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CEDBB9 second address: CEDBCC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C716Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE9B25 second address: CE9B2F instructions: 0x00000000 rdtsc 0x00000002 jp 00007F6D58FF7B6Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CEDBCC second address: CEDBE3 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jnp 00007F6D592C7166h 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push ebx 0x00000010 ja 00007F6D592C7166h 0x00000016 pop ebx 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CE9BD9 second address: CE9BE8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6D58FF7B6Bh 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF0A62 second address: CF0A68 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CEFC00 second address: CEFC04 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF0A68 second address: CF0A6D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF0A6D second address: CF0A73 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CEFC04 second address: CEFC20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F6D592C716Ah 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push edi 0x00000010 jnl 00007F6D592C7166h 0x00000016 pop edi 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF3054 second address: CF305E instructions: 0x00000000 rdtsc 0x00000002 jng 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF9EB4 second address: CF9EC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F6D592C7166h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF95CC second address: CF95EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D58FF7B76h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF95EB second address: CF95EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF95EF second address: CF95F3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF95F3 second address: CF95F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF9912 second address: CF9916 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF9916 second address: CF9952 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F6D592C7173h 0x0000000d pushad 0x0000000e push esi 0x0000000f pop esi 0x00000010 jmp 00007F6D592C7176h 0x00000015 jc 00007F6D592C7166h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CF9A97 second address: CF9AA5 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push esi 0x0000000d pop esi 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFE672 second address: CFE676 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CFE676 second address: CFE67C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D04511 second address: D04516 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C8A88B second address: C8A891 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0315A second address: D03180 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jng 00007F6D592C7181h 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D03180 second address: D03188 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D038D7 second address: D038DC instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D038DC second address: D038E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push edx 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D038E7 second address: D038ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D038ED second address: D038F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D03A38 second address: D03A43 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F6D592C7166h 0x0000000a popad 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D03BB0 second address: D03BB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D03D1B second address: D03D25 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F6D592C7166h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D03D25 second address: D03D31 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F6D58FF7B6Eh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D03E9C second address: D03EB3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 push edx 0x00000006 pop edx 0x00000007 pop edi 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c jmp 00007F6D592C716Bh 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D03EB3 second address: D03EC3 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jnp 00007F6D58FF7B66h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D03EC3 second address: D03EC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D04081 second address: D04087 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D04087 second address: D0408D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0408D second address: D040A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D58FF7B71h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0421B second address: D0421F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D04377 second address: D0437B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0437B second address: D04381 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D04381 second address: D0438B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C99BC5 second address: C99BC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C99BC9 second address: C99C09 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B6Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a jp 00007F6D58FF7B98h 0x00000010 push ecx 0x00000011 jmp 00007F6D58FF7B6Ch 0x00000016 pop ecx 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007F6D58FF7B6Bh 0x0000001e jmp 00007F6D58FF7B6Dh 0x00000023 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C99C09 second address: C99C0D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0AAE4 second address: D0AB02 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F6D58FF7B72h 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0AB02 second address: D0AB22 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007F6D592C7175h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0AB22 second address: D0AB28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0CE51 second address: D0CE55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0CE55 second address: D0CE84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jo 00007F6D58FF7B6Eh 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e jnp 00007F6D58FF7B66h 0x00000014 jmp 00007F6D58FF7B72h 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f popad 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0CE84 second address: D0CE88 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0CE88 second address: D0CE8C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0CE8C second address: D0CE92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D0CE92 second address: D0CE97 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D12861 second address: D12865 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D115DB second address: D1160F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D58FF7B70h 0x00000009 jmp 00007F6D58FF7B6Dh 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007F6D58FF7B6Ch 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1160F second address: D11613 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D11613 second address: D1161D instructions: 0x00000000 rdtsc 0x00000002 jg 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D125AD second address: D125CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7177h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D125CD second address: D125EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D58FF7B6Ah 0x00000009 pop esi 0x0000000a pushad 0x0000000b jne 00007F6D58FF7B66h 0x00000011 jp 00007F6D58FF7B66h 0x00000017 popad 0x00000018 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D17DDD second address: D17DE1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D17DE1 second address: D17DE5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D17DE5 second address: D17DFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F6D592C716Fh 0x0000000c push esi 0x0000000d pop esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D17DFF second address: D17E25 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 pushad 0x00000007 pushad 0x00000008 jmp 00007F6D58FF7B76h 0x0000000d ja 00007F6D58FF7B66h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D17E25 second address: D17E39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jg 00007F6D592C7166h 0x0000000c jo 00007F6D592C7166h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D17E39 second address: D17E3F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D180CC second address: D180D8 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F6D592C7166h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D180D8 second address: D180E0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D180E0 second address: D180E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D180E4 second address: D18107 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B6Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F6D58FF7B6Dh 0x00000012 push edx 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 pop edx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D18107 second address: D18113 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F6D592C7166h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D183F7 second address: D1841F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jne 00007F6D58FF7B66h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007F6D58FF7B79h 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D18561 second address: D18567 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D18D7B second address: D18D81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D18D81 second address: D18D86 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D18D86 second address: D18D93 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jc 00007F6D58FF7B66h 0x00000009 push edx 0x0000000a pop edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D18D93 second address: D18D99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D18D99 second address: D18DA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D191D0 second address: D191D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1CEFF second address: D1CF1C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6D58FF7B73h 0x00000009 jnc 00007F6D58FF7B66h 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1CF1C second address: D1CF3B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7176h 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1CF3B second address: D1CF55 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jmp 00007F6D58FF7B6Bh 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1CF55 second address: D1CF87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F6D592C716Eh 0x0000000b popad 0x0000000c pushad 0x0000000d jnc 00007F6D592C7166h 0x00000013 jmp 00007F6D592C7174h 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1CF87 second address: D1CF91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ebx 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE54D second address: CDE563 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C716Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push esi 0x0000000c pop esi 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE563 second address: CDE5FD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 add dword ptr [esp], 25C27A4Bh 0x0000000e push 00000000h 0x00000010 push ebx 0x00000011 call 00007F6D58FF7B68h 0x00000016 pop ebx 0x00000017 mov dword ptr [esp+04h], ebx 0x0000001b add dword ptr [esp+04h], 0000001Ah 0x00000023 inc ebx 0x00000024 push ebx 0x00000025 ret 0x00000026 pop ebx 0x00000027 ret 0x00000028 mov dword ptr [ebp+124835D6h], edx 0x0000002e call 00007F6D58FF7B69h 0x00000033 pushad 0x00000034 pushad 0x00000035 jp 00007F6D58FF7B66h 0x0000003b pushad 0x0000003c popad 0x0000003d popad 0x0000003e jmp 00007F6D58FF7B70h 0x00000043 popad 0x00000044 push eax 0x00000045 push ecx 0x00000046 jnp 00007F6D58FF7B75h 0x0000004c pop ecx 0x0000004d mov eax, dword ptr [esp+04h] 0x00000051 push ecx 0x00000052 jp 00007F6D58FF7B68h 0x00000058 pushad 0x00000059 popad 0x0000005a pop ecx 0x0000005b mov eax, dword ptr [eax] 0x0000005d push eax 0x0000005e push edx 0x0000005f push eax 0x00000060 push edx 0x00000061 jmp 00007F6D58FF7B73h 0x00000066 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE5FD second address: CDE603 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE603 second address: CDE608 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE77B second address: CDE77F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE85D second address: CDE896 instructions: 0x00000000 rdtsc 0x00000002 js 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b push eax 0x0000000c jg 00007F6D58FF7B6Ah 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 jmp 00007F6D58FF7B77h 0x0000001b mov eax, dword ptr [eax] 0x0000001d push eax 0x0000001e push edx 0x0000001f push esi 0x00000020 push ecx 0x00000021 pop ecx 0x00000022 pop esi 0x00000023 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE896 second address: CDE8A7 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp+04h], eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDE8A7 second address: CDE8B5 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEE30 second address: CDEE35 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEFA9 second address: CDEFAD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEFAD second address: CDEFBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b push esi 0x0000000c pop esi 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEFBA second address: CDEFBE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEFBE second address: CDEFC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDF226 second address: CDF23E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jg 00007F6D58FF7B66h 0x00000011 js 00007F6D58FF7B66h 0x00000017 popad 0x00000018 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDF23E second address: CDF270 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jne 00007F6D592C7166h 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 ja 00007F6D592C7174h 0x00000016 mov eax, dword ptr [eax] 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F6D592C716Ah 0x0000001f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDF358 second address: CDF3C2 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F6D58FF7B6Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F6D58FF7B6Bh 0x00000011 pop edx 0x00000012 nop 0x00000013 push 00000000h 0x00000015 push ebp 0x00000016 call 00007F6D58FF7B68h 0x0000001b pop ebp 0x0000001c mov dword ptr [esp+04h], ebp 0x00000020 add dword ptr [esp+04h], 00000019h 0x00000028 inc ebp 0x00000029 push ebp 0x0000002a ret 0x0000002b pop ebp 0x0000002c ret 0x0000002d pushad 0x0000002e jmp 00007F6D58FF7B6Eh 0x00000033 xor dword ptr [ebp+122D2557h], eax 0x00000039 popad 0x0000003a lea eax, dword ptr [ebp+1248DC44h] 0x00000040 mov dword ptr [ebp+1247F6A1h], ecx 0x00000046 nop 0x00000047 push eax 0x00000048 push edx 0x00000049 pushad 0x0000004a pushad 0x0000004b popad 0x0000004c push eax 0x0000004d push edx 0x0000004e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDF3C2 second address: CDF3C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDF3C7 second address: CDF3E0 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F6D58FF7B68h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e jnc 00007F6D58FF7B66h 0x00000014 push ecx 0x00000015 pop ecx 0x00000016 popad 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDF3E0 second address: CDF3E5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDF3E5 second address: CBEF18 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a xor dh, FFFFFF82h 0x0000000d call dword ptr [ebp+122D289Dh] 0x00000013 jo 00007F6D58FF7B7Fh 0x00000019 pushad 0x0000001a jnc 00007F6D58FF7B66h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1D1BE second address: D1D1CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jo 00007F6D592C7166h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1D1CA second address: D1D1DA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F6D58FF7B66h 0x0000000a jp 00007F6D58FF7B66h 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1D328 second address: D1D332 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F6D592C7166h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1D8DB second address: D1D8E0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1D8E0 second address: D1D90C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 jmp 00007F6D592C716Fh 0x0000000b jmp 00007F6D592C7170h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1D90C second address: D1D910 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1DA74 second address: D1DA85 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop esi 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1DA85 second address: D1DA89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D1DA89 second address: D1DAA3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7174h 0x00000007 push edi 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D20677 second address: D2067B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D201C8 second address: D20220 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C716Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F6D592C7170h 0x0000000e jmp 00007F6D592C7177h 0x00000013 popad 0x00000014 push ecx 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F6D592C7175h 0x0000001c jnl 00007F6D592C7166h 0x00000022 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D20220 second address: D20224 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2036F second address: D2038A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007F6D592C7170h 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2038A second address: D2038E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2038E second address: D20394 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D237E8 second address: D23810 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jo 00007F6D58FF7B66h 0x0000000d jmp 00007F6D58FF7B78h 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D23810 second address: D2381B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnp 00007F6D592C7166h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2381B second address: D23838 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 pushad 0x00000008 jmp 00007F6D58FF7B73h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D23838 second address: D2385C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007F6D592C7177h 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2385C second address: D23862 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C913C3 second address: C913D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F6D592C716Ah 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D23142 second address: D23147 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D28A6F second address: D28A74 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D28A74 second address: D28A8A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push esi 0x0000000b pushad 0x0000000c popad 0x0000000d pop esi 0x0000000e push edx 0x0000000f jg 00007F6D58FF7B66h 0x00000015 pop edx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C8DD8D second address: C8DD9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jno 00007F6D592C7166h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C8DD9B second address: C8DDAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D58FF7B6Eh 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D27CBC second address: D27CCE instructions: 0x00000000 rdtsc 0x00000002 jne 00007F6D592C716Ch 0x00000008 jns 00007F6D592C7166h 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D27CCE second address: D27CD2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D27E21 second address: D27E32 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 js 00007F6D592C7166h 0x0000000b pop edi 0x0000000c pushad 0x0000000d push edx 0x0000000e pop edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D27FDE second address: D27FF1 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F6D58FF7B6Eh 0x00000008 push edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D28139 second address: D2813D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2813D second address: D28145 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D28145 second address: D2814A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2814A second address: D28155 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D28155 second address: D28159 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D28159 second address: D2815F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D282A3 second address: D282C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F6D592C7166h 0x0000000a push eax 0x0000000b pop eax 0x0000000c push edi 0x0000000d pop edi 0x0000000e popad 0x0000000f push edx 0x00000010 jmp 00007F6D592C7175h 0x00000015 pop edx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2844F second address: D2848E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 jnc 00007F6D58FF7B92h 0x0000000d pop ecx 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2848E second address: D2849D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D592C716Bh 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2849D second address: D284CA instructions: 0x00000000 rdtsc 0x00000002 jo 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jns 00007F6D58FF7B68h 0x00000010 pushad 0x00000011 jmp 00007F6D58FF7B78h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2EA4B second address: D2EA51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2D29C second address: D2D2A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2D2A1 second address: D2D2C0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7177h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2D879 second address: D2D894 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D58FF7B77h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2D894 second address: D2D89E instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F6D592C7166h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEC61 second address: CDEC6B instructions: 0x00000000 rdtsc 0x00000002 jng 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEC6B second address: CDEC84 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jp 00007F6D592C7166h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f jl 00007F6D592C7174h 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: CDEC84 second address: CDECFA instructions: 0x00000000 rdtsc 0x00000002 jg 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push ebx 0x0000000e call 00007F6D58FF7B68h 0x00000013 pop ebx 0x00000014 mov dword ptr [esp+04h], ebx 0x00000018 add dword ptr [esp+04h], 0000001Bh 0x00000020 inc ebx 0x00000021 push ebx 0x00000022 ret 0x00000023 pop ebx 0x00000024 ret 0x00000025 or di, 527Fh 0x0000002a pushad 0x0000002b or edx, dword ptr [ebp+122D2BF0h] 0x00000031 popad 0x00000032 mov ebx, dword ptr [ebp+1248DC83h] 0x00000038 clc 0x00000039 add eax, ebx 0x0000003b push 00000000h 0x0000003d push edi 0x0000003e call 00007F6D58FF7B68h 0x00000043 pop edi 0x00000044 mov dword ptr [esp+04h], edi 0x00000048 add dword ptr [esp+04h], 00000017h 0x00000050 inc edi 0x00000051 push edi 0x00000052 ret 0x00000053 pop edi 0x00000054 ret 0x00000055 movsx ecx, bx 0x00000058 push eax 0x00000059 push eax 0x0000005a push edx 0x0000005b jmp 00007F6D58FF7B6Dh 0x00000060 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2DCDB second address: D2DCE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F6D592C7166h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2DCE5 second address: D2DCFB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B72h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2DCFB second address: D2DD04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D2DD04 second address: D2DD0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D32189 second address: D3219B instructions: 0x00000000 rdtsc 0x00000002 je 00007F6D592C7166h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push edx 0x0000000f pop edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3219B second address: D3219F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D32317 second address: D32366 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C716Dh 0x00000007 jmp 00007F6D592C7178h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f jne 00007F6D592C7166h 0x00000015 jmp 00007F6D592C7177h 0x0000001a jc 00007F6D592C7166h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D32366 second address: D32374 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 jng 00007F6D58FF7B66h 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D32374 second address: D3238E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F6D592C716Ch 0x0000000b je 00007F6D592C716Eh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D327D5 second address: D327D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D327D9 second address: D327DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38553 second address: D38559 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38559 second address: D3855F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3855F second address: D38580 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F6D58FF7B70h 0x00000008 jnp 00007F6D58FF7B66h 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 push eax 0x00000012 pushad 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D386BD second address: D386C2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38AE3 second address: D38AE8 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38AE8 second address: D38B14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop esi 0x00000007 jmp 00007F6D592C716Ch 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F6D592C7173h 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38B14 second address: D38B1F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38B1F second address: D38B26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38B26 second address: D38B5C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F6D58FF7B75h 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c jmp 00007F6D58FF7B75h 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38EE2 second address: D38EE6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38EE6 second address: D38EEC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38EEC second address: D38EF1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38EF1 second address: D38F1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007F6D58FF7B79h 0x0000000d pop eax 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D38F1A second address: D38F37 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7173h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D397DA second address: D397F5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B77h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D39A9B second address: D39AA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3A311 second address: D3A315 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3A315 second address: D3A31F instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D3A31F second address: D3A323 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D400A9 second address: D400AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D400AD second address: D400DE instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jp 00007F6D58FF7B66h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push edi 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007F6D58FF7B77h 0x00000014 pop edi 0x00000015 pop edx 0x00000016 push eax 0x00000017 push eax 0x00000018 push edx 0x00000019 jnl 00007F6D58FF7B66h 0x0000001f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D434AE second address: D434C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D592C7173h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D434C5 second address: D434CE instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4365B second address: D4365F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4365F second address: D43665 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D43925 second address: D43929 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D43929 second address: D43931 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D43931 second address: D43936 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D43C00 second address: D43C59 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push esi 0x0000000a pop esi 0x0000000b jmp 00007F6D58FF7B71h 0x00000010 popad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 push ecx 0x00000016 pop ecx 0x00000017 jmp 00007F6D58FF7B74h 0x0000001c pushad 0x0000001d popad 0x0000001e popad 0x0000001f pushad 0x00000020 jmp 00007F6D58FF7B71h 0x00000025 jmp 00007F6D58FF7B6Ch 0x0000002a popad 0x0000002b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D43C59 second address: D43C72 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jnc 00007F6D592C7166h 0x00000009 pop edi 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007F6D592C716Ah 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D43E08 second address: D43E27 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F6D58FF7B78h 0x00000008 push edi 0x00000009 pop edi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D43F87 second address: D43F91 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F6D592C7166h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D43F91 second address: D43F97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D440F5 second address: D44100 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D44100 second address: D44104 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D44104 second address: D44108 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4D0CD second address: D4D0D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4D0D3 second address: D4D0DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4D0DB second address: D4D0E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4D0E6 second address: D4D0F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F6D592C7166h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4D0F0 second address: D4D0F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4B909 second address: D4B90D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4B90D second address: D4B929 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jg 00007F6D58FF7B6Ch 0x0000000c pop edi 0x0000000d push edi 0x0000000e jc 00007F6D58FF7B72h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4B929 second address: D4B945 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F6D592C7166h 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F6D592C716Eh 0x00000011 push ebx 0x00000012 pop ebx 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4B945 second address: D4B94B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4BBA4 second address: D4BBAA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4BD22 second address: D4BD26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4BEBD second address: D4BEC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F6D592C7166h 0x0000000a popad 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4BEC8 second address: D4BEE8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F6D58FF7B6Ch 0x00000009 jmp 00007F6D58FF7B70h 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4BEE8 second address: D4BEF3 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D4C833 second address: D4C839 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D53F21 second address: D53F27 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D53F27 second address: D53F43 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D58FF7B78h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D53ABD second address: D53ADE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D592C7176h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D53ADE second address: D53AE4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5559B second address: D555A5 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F6D592C7166h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D578F0 second address: D57904 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jmp 00007F6D58FF7B6Ch 0x00000008 pop esi 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D57904 second address: D5790A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5790A second address: D5790E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5790E second address: D5792B instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007F6D592C716Eh 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D5792B second address: D57934 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D63D22 second address: D63D36 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jmp 00007F6D592C716Ah 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D63D36 second address: D63D4E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B74h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D68C78 second address: D68C93 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7177h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D68998 second address: D689B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 jmp 00007F6D58FF7B76h 0x0000000a push ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D791F1 second address: D791F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D8212A second address: D82141 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F6D58FF7B6Eh 0x00000008 pushad 0x00000009 popad 0x0000000a jng 00007F6D58FF7B66h 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push edi 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D82141 second address: D82147 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D82147 second address: D8214B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D82537 second address: D8253D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D8253D second address: D82542 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D85652 second address: D85668 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F6D592C7170h 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D85668 second address: D8566D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D8832E second address: D88332 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D88332 second address: D8835F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 pop eax 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007F6D58FF7B74h 0x00000010 jc 00007F6D58FF7B66h 0x00000016 popad 0x00000017 popad 0x00000018 pushad 0x00000019 pushad 0x0000001a pushad 0x0000001b popad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D8835F second address: D88365 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D97FA3 second address: D97FA9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D97FA9 second address: D97FB5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007F6D592C7166h 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D97FB5 second address: D97FD1 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jmp 00007F6D58FF7B6Fh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D97FD1 second address: D97FE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F6D592C716Fh 0x00000009 pop esi 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D97E51 second address: D97E55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D93D61 second address: D93D6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop ebx 0x00000008 push eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: D93D6D second address: D93D73 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: C9651B second address: C9652B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007F6D592C7166h 0x0000000a jne 00007F6D592C7166h 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DBC5EA second address: DBC5EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DBC5EE second address: DBC611 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 jmp 00007F6D592C7175h 0x0000000e pop esi 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DBC611 second address: DBC615 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DBC615 second address: DBC61F instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F6D592C7166h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC03A7 second address: DC03B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC03B2 second address: DC03B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC03B8 second address: DC03D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jnl 00007F6D58FF7B7Ah 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC03D7 second address: DC03FF instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jmp 00007F6D592C7174h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edi 0x0000000b push eax 0x0000000c push edx 0x0000000d jl 00007F6D592C7166h 0x00000013 jno 00007F6D592C7166h 0x00000019 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC06C1 second address: DC06D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007F6D58FF7B6Ah 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC0853 second address: DC0857 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC0857 second address: DC086B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D58FF7B6Ah 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC086B second address: DC086F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC086F second address: DC0873 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC0873 second address: DC087D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC087D second address: DC0887 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F6D58FF7B66h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC0B4A second address: DC0B50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC0B50 second address: DC0B54 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC0F81 second address: DC0FA3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7176h 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop esi 0x0000000c push eax 0x0000000d push edx 0x0000000e push ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC0FA3 second address: DC0FAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC0FAC second address: DC0FC4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F6D592C7172h 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC571D second address: DC573A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 mov dword ptr [ebp+122D1EC7h], eax 0x0000000e push 00000004h 0x00000010 mov dh, EEh 0x00000012 push 49E77EB3h 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC573A second address: DC573E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC573E second address: DC5748 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F6D58FF7B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC5A96 second address: DC5A9B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC706B second address: DC7071 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DC7071 second address: DC707F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F6D592C7166h 0x0000000a popad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5290D89 second address: 5290D8F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Tries to evade debugger and weak emulator (self modifying code)
    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: B23CEC instructions caused by: Self-modifying code
    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: CCADE1 instructions caused by: Self-modifying code
    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: D5CA54 instructions caused by: Self-modifying code
    Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
    Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
    Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
    Source: C:\Users\user\Desktop\file.exe TID: 5088Thread sleep time: -30000s >= -30000sJump to behavior
    Source: file.exe, file.exe, 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
    Source: file.exe, 00000000.00000002.2210825197.000000000129E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW V0
    Source: file.exe, 00000000.00000002.2211125821.00000000012F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001318000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211246324.0000000001318000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: file.exe, 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
    Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
    Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

    Anti Debugging

    barindex
    Hides threads from debuggers
    Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
    Tries to detect sandboxes and other dynamic analysis tools (window names)
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: regmonclass
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: gbdyllo
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: procmon_window_class
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: ollydbg
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: filemonclass
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
    Source: C:\Users\user\Desktop\file.exeFile opened: NTICE
    Source: C:\Users\user\Desktop\file.exeFile opened: SICE
    Source: C:\Users\user\Desktop\file.exeFile opened: SIWVID
    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B05BB0 LdrInitializeThunk,0_2_00B05BB0

    HIPS / PFW / Operating System Protection Evasion

    barindex
    LummaC encrypted strings found
    Source: file.exeString found in binary or memory: licendfilteo.site
    Source: file.exeString found in binary or memory: clearancek.site
    Source: file.exeString found in binary or memory: bathdoomgaz.store
    Source: file.exeString found in binary or memory: spirittunek.store
    Source: file.exeString found in binary or memory: dissapoiznw.store
    Source: file.exeString found in binary or memory: studennotediw.store
    Source: file.exeString found in binary or memory: mobbipenju.store
    Source: file.exeString found in binary or memory: eaglepawnoy.store
    Source: file.exe, file.exe, 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: 1:5Program Manager
    Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

    Stealing of Sensitive Information

    barindex
    Yara detected LummaC Stealer
    Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR

    Remote Access Functionality

    barindex
    Yara detected LummaC Stealer
    Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
    PowerShell    		1
    DLL Side-Loading    		1
    Process Injection    		24
    Virtualization/Sandbox Evasion    		OS Credential Dumping631
    Security Software Discovery    		Remote Services1
    Archive Collected Data    		11
    Encrypted Channel    		Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
    DLL Side-Loading    		1
    Process Injection    		LSASS Memory24
    Virtualization/Sandbox Evasion    		Remote Desktop ProtocolData from Removable Media1
    Ingress Tool Transfer    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)11
    Deobfuscate/Decode Files or Information    		Security Account Manager2
    Process Discovery    		SMB/Windows Admin SharesData from Network Shared Drive2
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook4
    Obfuscated Files or Information    		NTDS23
    System Information Discovery    		Distributed Component Object ModelInput Capture113
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script12
    Software Packing    		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
    DLL Side-Loading    		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    file.exe39%ReversingLabsWin32.Infostealer.Tinba
    file.exe100%AviraTR/Crypt.TPM.Gen
    file.exe100%Joe Sandbox ML

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    SourceDetectionScannerLabelLink
    steamcommunity.com0%VirustotalBrowse
    bathdoomgaz.store21%VirustotalBrowse
    spirittunek.store22%VirustotalBrowse
    eaglepawnoy.store21%VirustotalBrowse

    URLs

    SourceDetectionScannerLabelLink
    https://player.vimeo.com0%URL Reputationsafe
    https://store.steampowered.com/subscriber_agreement/0%URL Reputationsafe
    https://www.gstatic.cn/recaptcha/0%URL Reputationsafe
    http://www.valvesoftware.com/legal.htm0%URL Reputationsafe
    https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback0%URL Reputationsafe
    https://steam.tv/0%URL Reputationsafe
    http://store.steampowered.com/privacy_agreement/0%URL Reputationsafe
    https://store.steampowered.com/points/shop/0%URL Reputationsafe
    https://lv.queniujq.cn0%URL Reputationsafe
    https://store.steampowered.com/privacy_agreement/0%URL Reputationsafe
    https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png0%URL Reputationsafe
    https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=9620160%URL Reputationsafe
    https://checkout.steampowered.com/0%URL Reputationsafe
    https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png0%URL Reputationsafe
    https://store.steampowered.com/;0%URL Reputationsafe
    https://store.steampowered.com/about/0%URL Reputationsafe
    https://help.steampowered.com/en/0%URL Reputationsafe
    https://store.steampowered.com/news/0%URL Reputationsafe
    http://store.steampowered.com/subscriber_agreement/0%URL Reputationsafe
    https://recaptcha.net/recaptcha/;0%URL Reputationsafe
    https://store.steampowered.com/stats/0%URL Reputationsafe
    https://medal.tv0%URL Reputationsafe
    https://broadcast.st.dl.eccdnx.com0%URL Reputationsafe
    https://store.steampowered.com/steam_refunds/0%URL Reputationsafe
    https://login.steampowered.com/0%URL Reputationsafe
    https://store.steampowered.com/legal/0%URL Reputationsafe
    https://recaptcha.net0%URL Reputationsafe
    https://store.steampowered.com/0%URL Reputationsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    steamcommunity.com
    		104.102.49.254
    		truetrueunknown
    eaglepawnoy.store
    		unknown
    		unknowntrueunknown
    bathdoomgaz.store
    		unknown
    		unknowntrueunknown
    spirittunek.store
    		unknown
    		unknowntrueunknown
    licendfilteo.site
    		unknown
    		unknowntrue
      		unknown
      studennotediw.store
      		unknown
      		unknowntrue
        		unknown
        mobbipenju.store
        		unknown
        		unknowntrue
          		unknown
          sergei-esenin.com
          		unknown
          		unknownfalse
            		unknown
            clearancek.site
            		unknown
            		unknowntrue
              		unknown
              dissapoiznw.store
              		unknown
              		unknowntrue
                		unknown

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                studennotediw.storetrue
                  		unknown
                  dissapoiznw.storetrue
                    		unknown
                    https://steamcommunity.com/profiles/76561199724331900true
                      		unknown
                      eaglepawnoy.storetrue
                        		unknown
                        bathdoomgaz.storetrue
                          		unknown
                          clearancek.sitetrue
                            		unknown
                            spirittunek.storetrue
                              		unknown
                              licendfilteo.sitetrue
                                		unknown

                                URLs from Memory and Binaries

                                NameSourceMaliciousAntivirus DetectionReputation
                                https://player.vimeo.comfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                • URL Reputation: safe
                                		unknown
                                https://bathdoomgaz.store:443/apifile.exe, 00000000.00000003.2192560687.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012DE000.00000004.00000020.00020000.00000000.sdmptrue
                                  		unknown
                                  https://steamcommunity.com/?subsection=broadcastsfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                    		unknown
                                    https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=wJD9maDpDcVfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		unknown
                                      https://sergei-esenin.com/file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                        		unknown
                                        https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=bOP7RorZq4_W&amp;file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		unknown
                                          https://store.steampowered.com/subscriber_agreement/file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://www.gstatic.cn/recaptcha/file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=UuGFpt56D9L4&amp;l=file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		unknown
                                            https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&amp;l=englifile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		unknown
                                              https://community.cloudflare.steamstatic.com/public/javascript/promo/stickers.js?v=GfA42_x2_aub&amp;file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		unknown
                                                https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		unknown
                                                  http://www.valvesoftware.com/legal.htmfile.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://community.cloudflare.steamstatic.com/public/css/promo/summer2file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		unknown
                                                    https://licendfilteo.site:443/apiifile.exe, 00000000.00000003.2192560687.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012DE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		unknown
                                                      https://sergei-esenin.com:443/apiVnfile.exe, 00000000.00000003.2192560687.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012DE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		unknown
                                                        https://www.youtube.comfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		unknown
                                                          https://www.google.comfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		unknown
                                                            https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedbackfile.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            • URL Reputation: safe
                                                            		unknown
                                                            https://s.ytimg.com;file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		unknown
                                                              https://steam.tv/file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              • URL Reputation: safe
                                                              		unknown
                                                              https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=W9BXfile.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                		unknown
                                                                https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&amp;file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		unknown
                                                                  http://store.steampowered.com/privacy_agreement/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211360977.0000000001372000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    		unknown
                                                                    https://store.steampowered.com/points/shop/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    • URL Reputation: safe
                                                                    		unknown
                                                                    https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=bZKSp7oNwVPKfile.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      		unknown
                                                                      https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&ampfile.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        		unknown
                                                                        https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1&amp;file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		unknown
                                                                          https://sketchfab.comfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		unknown
                                                                            https://lv.queniujq.cnfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            • URL Reputation: safe
                                                                            		unknown
                                                                            https://steamcommunity.com/profiles/76561199724331900/inventory/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		unknown
                                                                              https://www.youtube.com/file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                		unknown
                                                                                https://store.steampowered.com/privacy_agreement/file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                • URL Reputation: safe
                                                                                		unknown
                                                                                https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		unknown
                                                                                  https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=qYlgdgWOD4Ng&ampfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		unknown
                                                                                    https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.pngfile.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    • URL Reputation: safe
                                                                                    		unknown
                                                                                    https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    • URL Reputation: safe
                                                                                    		unknown
                                                                                    https://www.google.com/recaptcha/file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		unknown
                                                                                      https://checkout.steampowered.com/file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      • URL Reputation: safe
                                                                                      		unknown
                                                                                      https://community.cloudflare.steamstatic.com/public/javascript/promo/stickerfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        		unknown
                                                                                        https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28bfile.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          		unknown
                                                                                          https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.pngfile.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          • URL Reputation: safe
                                                                                          		unknown
                                                                                          https://sergei-esenin.com/apipfile.exe, 00000000.00000003.2192560687.0000000001318000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211246324.0000000001318000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		unknown
                                                                                            https://sergei-esenin.com/Mfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              		unknown
                                                                                              https://store.steampowered.com/;file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              • URL Reputation: safe
                                                                                              		unknown
                                                                                              https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=KkhJqW2NGKiM&amp;l=englifile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                		unknown
                                                                                                https://store.steampowered.com/about/file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                • URL Reputation: safe
                                                                                                		unknown
                                                                                                https://community.cloudflare.steamstatic.com/file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  		unknown
                                                                                                  https://steamcommunity.com/my/wishlist/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    		unknown
                                                                                                    https://community.cloudflare.stfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		unknown
                                                                                                      https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		unknown
                                                                                                        https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		unknown
                                                                                                          https://help.steampowered.com/en/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          • URL Reputation: safe
                                                                                                          		unknown
                                                                                                          https://steamcommunity.com/market/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            		unknown
                                                                                                            https://store.steampowered.com/news/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            • URL Reputation: safe
                                                                                                            		unknown
                                                                                                            https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=bfile.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              		unknown
                                                                                                              https://sergei-esenin.com/5file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		unknown
                                                                                                                http://store.steampowered.com/subscriber_agreement/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211360977.0000000001372000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                • URL Reputation: safe
                                                                                                                		unknown
                                                                                                                https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		unknown
                                                                                                                  https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.orgfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    		unknown
                                                                                                                    https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=ljhW-PbGuXfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		unknown
                                                                                                                      https://recaptcha.net/recaptcha/;file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      • URL Reputation: safe
                                                                                                                      		unknown
                                                                                                                      https://steamcommunity.com/discussions/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		unknown
                                                                                                                        https://store.steampowered.com/stats/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        • URL Reputation: safe
                                                                                                                        		unknown
                                                                                                                        https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=bOP7RorZq4_W&amp;l=englisfile.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          		unknown
                                                                                                                          https://medal.tvfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          • URL Reputation: safe
                                                                                                                          		unknown
                                                                                                                          https://broadcast.st.dl.eccdnx.comfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          • URL Reputation: safe
                                                                                                                          		unknown
                                                                                                                          https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&ampfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            		unknown
                                                                                                                            https://store.steampowered.com/steam_refunds/file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            • URL Reputation: safe
                                                                                                                            		unknown
                                                                                                                            https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.giffile.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012D9000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              		unknown
                                                                                                                              https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?vfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		unknown
                                                                                                                                https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.pfile.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		unknown
                                                                                                                                  https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    		unknown
                                                                                                                                    https://steamcommunity.com/profiles/76561199724331900jA5Yfile.exe, 00000000.00000002.2211125821.00000000012F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012F3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      		unknown
                                                                                                                                      https://community.cloudflare.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        		unknown
                                                                                                                                        https://steamcommunity.com/workshop/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          		unknown
                                                                                                                                          https://login.steampowered.com/file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          • URL Reputation: safe
                                                                                                                                          		unknown
                                                                                                                                          https://store.steampowered.com/legal/file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2210825197.00000000012D5000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211360977.0000000001372000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          • URL Reputation: safe
                                                                                                                                          		unknown
                                                                                                                                          https://sergei-esenin.com/api5file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            		unknown
                                                                                                                                            https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&amp;l=englfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              		unknown
                                                                                                                                              https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&amp;l=file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                		unknown
                                                                                                                                                https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=gNE3gksLVEVa&amp;l=enfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  		unknown
                                                                                                                                                  https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=pwVcIAtHNXwg&amp;l=english&amfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    		unknown
                                                                                                                                                    https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=vh4BMeDcNiCU&amp;l=englifile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		unknown
                                                                                                                                                      https://recaptcha.netfile.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                      		unknown
                                                                                                                                                      https://steamcommunity.com:443/profiles/765611997243319005nfile.exe, 00000000.00000003.2192560687.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211125821.00000000012DE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        		unknown
                                                                                                                                                        https://store.steampowered.com/file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                        		unknown
                                                                                                                                                        https://steamcommunity.comfile.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          		unknown
                                                                                                                                                          https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Ff_1prscqzeu&amp;file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            		unknown
                                                                                                                                                            http://127.0.0.1:27060file.exe, 00000000.00000003.2192810225.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2211288798.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              		unknown
                                                                                                                                                              https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1file.exe, 00000000.00000002.2211341731.000000000135A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.0000000001327000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192534115.0000000001363000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192560687.00000000012D8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2192709992.0000000001359000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                		unknown

                                                                                                                                                                World Map of Contacted IPs

                                                                                                                                                                • No. of IPs < 25%
                                                                                                                                                                • 25% < No. of IPs < 50%
                                                                                                                                                                • 50% < No. of IPs < 75%
                                                                                                                                                                • 75% < No. of IPs

                                                                                                                                                                Public IPs

                                                                                                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                104.102.49.254
                                                                                                                                                                		steamcommunity.comUnited States
                                                                                                                                                                		16625AKAMAI-ASUStrue

                                                                                                                                                                General Information

                                                                                                                                                                Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                Analysis ID:1541692
                                                                                                                                                                Start date and time:2024-10-25 02:17:10 +02:00
                                                                                                                                                                Joe Sandbox product:CloudBasic
                                                                                                                                                                Overall analysis duration:0h 4m 53s
                                                                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                                                                Report type:full
                                                                                                                                                                Cookbook file name:default.jbs
                                                                                                                                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                Number of analysed new started processes analysed:6
                                                                                                                                                                Number of new started drivers analysed:0
                                                                                                                                                                Number of existing processes analysed:0
                                                                                                                                                                Number of existing drivers analysed:0
                                                                                                                                                                Number of injected processes analysed:0
                                                                                                                                                                Technologies:
                                                                                                                                                                • HCA enabled
                                                                                                                                                                • EGA enabled
                                                                                                                                                                • AMSI enabled
                                                                                                                                                                Analysis Mode:default
                                                                                                                                                                Analysis stop reason:Timeout
                                                                                                                                                                Sample name:file.exe
                                                                                                                                                                Detection:MAL
                                                                                                                                                                Classification:mal100.troj.evad.winEXE@1/0@10/1
                                                                                                                                                                EGA Information:
                                                                                                                                                                • Successful, ratio: 100%
                                                                                                                                                                HCA Information:Failed
                                                                                                                                                                Cookbook Comments:
                                                                                                                                                                • Found application associated with file extension: .exe

                                                                                                                                                                Warnings

                                                                                                                                                                • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                • Excluded domains from analysis (whitelisted): client.wns.windows.com, ocsp.digicert.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                                                                Simulations

                                                                                                                                                                Behavior and APIs

                                                                                                                                                                TimeTypeDescription
                                                                                                                                                                20:18:09API Interceptor1x Sleep call for process: file.exe modified

                                                                                                                                                                Joe Sandbox View / Context

                                                                                                                                                                IPs

                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                104.102.49.254http://gtm-cn-j4g3qqvf603.steamproxy1.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                • www.valvesoftware.com/legal.htm

                                                                                                                                                                Domains

                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                steamcommunity.comfile.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254

                                                                                                                                                                ASNs

                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                AKAMAI-ASUShttp://toungeassociates-sharepoint.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                • 23.38.98.114
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                la.bot.sh4.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                • 104.108.130.154
                                                                                                                                                                la.bot.mipsel.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                • 23.209.51.130
                                                                                                                                                                phish_alert_sp2_2.0.0.0 (1).emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                • 2.19.126.160
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                http://boulos-sharepoint.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                • 23.38.98.114

                                                                                                                                                                JA3 Fingerprints

                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                a0e9f5d64349fb13191bc781f81f42e1file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                msvcp110.dllGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                Setup.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                Loader.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                SecuriteInfo.com.Other.Malware-gen.26961.24680.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254
                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                • 104.102.49.254

                                                                                                                                                                Dropped Files

                                                                                                                                                                No context

                                                                                                                                                                Created / dropped Files

                                                                                                                                                                No created / dropped files found

                                                                                                                                                                Static File Info

                                                                                                                                                                General

                                                                                                                                                                File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                Entropy (8bit):6.523024589346763
                                                                                                                                                                TrID:
                                                                                                                                                                • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                File name:file.exe
                                                                                                                                                                File size:2'996'224 bytes
                                                                                                                                                                MD5:31c4dc3c764474d495340d6aa688e639
                                                                                                                                                                SHA1:208a17ba8dbf1cab0a603b2a175e115c1e5d6a72
                                                                                                                                                                SHA256:6a159a3587508bfb504d2a7cf6fd993361316102d416182b10d5516232383d09
                                                                                                                                                                SHA512:8dc2ac5420864e3bd4462bae00a04b654fcd724adfe5927323fdc67676bf9b540203e7cdac2f298d0f3a6dcfdbea49d08cb7c4a0cb3070419508d051e7c14dc1
                                                                                                                                                                SSDEEP:49152:QlMbLpD5gfQExCxXZO3qLN1vYzCeLjH5:qMdufrSdfvYzhLjH
                                                                                                                                                                TLSH:A8D539D2B64A61CFE4AF12788527CD82999E43BD4F1149C3A86D64BB7DF3CC811B6C24
                                                                                                                                                                File Content Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...J..f.............................@1...........@..........................p1.....s.-...@.................................W...k..

                                                                                                                                                                File Icon

                                                                                                                                                                Icon Hash:00928e8e8686b000

                                                                                                                                                                Static PE Info

                                                                                                                                                                General

                                                                                                                                                                Entrypoint:0x714000
                                                                                                                                                                Entrypoint Section:.taggant
                                                                                                                                                                Digitally signed:false
                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                Subsystem:windows gui
                                                                                                                                                                Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                Time Stamp:0x66FFF14A [Fri Oct 4 13:44:42 2024 UTC]
                                                                                                                                                                TLS Callbacks:
                                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                                OS Version Major:6
                                                                                                                                                                OS Version Minor:0
                                                                                                                                                                File Version Major:6
                                                                                                                                                                File Version Minor:0
                                                                                                                                                                Subsystem Version Major:6
                                                                                                                                                                Subsystem Version Minor:0
                                                                                                                                                                Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                                                                                                Entrypoint Preview

                                                                                                                                                                Instruction
                                                                                                                                                                jmp 00007F6D58CCB11Ah
                                                                                                                                                                setbe byte ptr [00000000h]
                                                                                                                                                                add cl, ch
                                                                                                                                                                add byte ptr [eax], ah
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [edx+ecx], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                xor byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax+00000000h], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add al, 0Ah
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                or dword ptr [eax+00000000h], eax
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                adc byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add al, 0Ah
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                add byte ptr [eax], al

                                                                                                                                                                Data Directories

                                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x5f0570x6b.idata
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x5f1f80x8.idata
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                Sections

                                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                0x10000x5d0000x25e00a31f3846cb03835099b06b47171948d4False0.9995552289603961data7.977275252454008IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                .rsrc 0x5e0000x10000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                .idata 0x5f0000x10000x200fe72def8b74193a84232a780098a7ce0False0.150390625data1.04205214219471IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                tgoperjb0x600000x2b30000x2b22004a81ecbe141f4e7a87467b981233fc51unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                kunybgfa0x3130000x10000x4008bf0f8b6c13bad6682561eb33c7639d1False0.748046875data5.925814228578625IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                .taggant0x3140000x30000x2200e04027a18243348e42b39ff6d36beb56False0.06732536764705882DOS executable (COM)0.8195466241807353IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                Imports

                                                                                                                                                                DLLImport
                                                                                                                                                                kernel32.dlllstrcpy

                                                                                                                                                                Network Behavior

                                                                                                                                                                Suricata IDS Alerts

                                                                                                                                                                TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                2024-10-25T02:18:10.396103+02002056471ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (clearancek .site)1192.168.2.6552661.1.1.153UDP
                                                                                                                                                                2024-10-25T02:18:10.438410+02002056485ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (mobbipenju .store)1192.168.2.6596601.1.1.153UDP
                                                                                                                                                                2024-10-25T02:18:10.454165+02002056483ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (eaglepawnoy .store)1192.168.2.6519661.1.1.153UDP
                                                                                                                                                                2024-10-25T02:18:10.475022+02002056481ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (dissapoiznw .store)1192.168.2.6518481.1.1.153UDP
                                                                                                                                                                2024-10-25T02:18:10.497719+02002056479ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (studennotediw .store)1192.168.2.6645331.1.1.153UDP
                                                                                                                                                                2024-10-25T02:18:10.632721+02002056477ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (bathdoomgaz .store)1192.168.2.6572651.1.1.153UDP
                                                                                                                                                                2024-10-25T02:18:10.648981+02002056475ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (spirittunek .store)1192.168.2.6565531.1.1.153UDP
                                                                                                                                                                2024-10-25T02:18:10.695357+02002056473ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (licendfilteo .site)1192.168.2.6550381.1.1.153UDP
                                                                                                                                                                2024-10-25T02:18:12.338781+02002858666ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup1192.168.2.649711104.102.49.254443TCP

                                                                                                                                                                Network Port Distribution

                                                                                                                                                                TCP Packets

                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                Oct 25, 2024 02:18:10.827090979 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:10.827131987 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.827689886 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:10.841543913 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:10.841558933 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:11.696649075 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:11.696784973 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:11.699310064 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:11.699323893 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:11.699629068 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:11.751355886 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:11.752516985 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:11.795353889 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.338891029 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.338948965 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.338970900 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.339010954 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.339029074 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.339034081 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.339034081 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.339034081 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.339056969 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.339076996 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.339076996 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.339154005 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.456657887 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.456712961 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.456768036 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.456779003 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.456805944 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.456834078 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.456834078 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.456841946 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.456918001 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.457452059 CEST44349711104.102.49.254192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.457534075 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.458733082 CEST49711443192.168.2.6104.102.49.254
                                                                                                                                                                Oct 25, 2024 02:18:12.458748102 CEST44349711104.102.49.254192.168.2.6

                                                                                                                                                                UDP Packets

                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                Oct 25, 2024 02:18:10.396102905 CEST5526653192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.405353069 CEST53552661.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.438410044 CEST5966053192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.447966099 CEST53596601.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.454164982 CEST5196653192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.469854116 CEST53519661.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.475022078 CEST5184853192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.484560966 CEST53518481.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.497719049 CEST6453353192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.507447958 CEST53645331.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.632720947 CEST5726553192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.642724991 CEST53572651.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.648981094 CEST5655353192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.667337894 CEST53565531.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.695357084 CEST5503853192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.704464912 CEST53550381.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:10.813594103 CEST5354553192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:10.822357893 CEST53535451.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:12.461442947 CEST6396753192.168.2.61.1.1.1
                                                                                                                                                                Oct 25, 2024 02:18:12.470767975 CEST53639671.1.1.1192.168.2.6
                                                                                                                                                                Oct 25, 2024 02:18:27.258740902 CEST53586881.1.1.1192.168.2.6

                                                                                                                                                                DNS Queries

                                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                Oct 25, 2024 02:18:10.396102905 CEST192.168.2.61.1.1.10xbf6Standard query (0)clearancek.siteA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.438410044 CEST192.168.2.61.1.1.10x61c8Standard query (0)mobbipenju.storeA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.454164982 CEST192.168.2.61.1.1.10xbf4aStandard query (0)eaglepawnoy.storeA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.475022078 CEST192.168.2.61.1.1.10xdb78Standard query (0)dissapoiznw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.497719049 CEST192.168.2.61.1.1.10xa2e6Standard query (0)studennotediw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.632720947 CEST192.168.2.61.1.1.10x25b6Standard query (0)bathdoomgaz.storeA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.648981094 CEST192.168.2.61.1.1.10xedc5Standard query (0)spirittunek.storeA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.695357084 CEST192.168.2.61.1.1.10x725aStandard query (0)licendfilteo.siteA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.813594103 CEST192.168.2.61.1.1.10x826bStandard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:12.461442947 CEST192.168.2.61.1.1.10xa76dStandard query (0)sergei-esenin.comA (IP address)IN (0x0001)false

                                                                                                                                                                DNS Answers

                                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                Oct 25, 2024 02:18:10.405353069 CEST1.1.1.1192.168.2.60xbf6Name error (3)clearancek.sitenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.447966099 CEST1.1.1.1192.168.2.60x61c8Name error (3)mobbipenju.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.469854116 CEST1.1.1.1192.168.2.60xbf4aName error (3)eaglepawnoy.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.484560966 CEST1.1.1.1192.168.2.60xdb78Name error (3)dissapoiznw.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.507447958 CEST1.1.1.1192.168.2.60xa2e6Name error (3)studennotediw.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.642724991 CEST1.1.1.1192.168.2.60x25b6Name error (3)bathdoomgaz.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.667337894 CEST1.1.1.1192.168.2.60xedc5Name error (3)spirittunek.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.704464912 CEST1.1.1.1192.168.2.60x725aName error (3)licendfilteo.sitenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:10.822357893 CEST1.1.1.1192.168.2.60x826bNo error (0)steamcommunity.com104.102.49.254A (IP address)IN (0x0001)false
                                                                                                                                                                Oct 25, 2024 02:18:12.470767975 CEST1.1.1.1192.168.2.60xa76dName error (3)sergei-esenin.comnonenoneA (IP address)IN (0x0001)false

                                                                                                                                                                HTTP Request Dependency Graph

                                                                                                                                                                • steamcommunity.com

                                                                                                                                                                HTTPS Proxied Packets

                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                0192.168.2.649711104.102.49.2544432168C:\Users\user\Desktop\file.exe
                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                2024-10-25 00:18:11 UTC219OUTGET /profiles/76561199724331900 HTTP/1.1
                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                Host: steamcommunity.com
                                                                                                                                                                2024-10-25 00:18:12 UTC1917INHTTP/1.1 200 OK
                                                                                                                                                                Server: nginx
                                                                                                                                                                Content-Type: text/html; charset=UTF-8
                                                                                                                                                                Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                Date: Fri, 25 Oct 2024 00:18:12 GMT
                                                                                                                                                                Content-Length: 35741
                                                                                                                                                                Connection: close
                                                                                                                                                                Set-Cookie: sessionid=ef58e941692ede8c23cc1bcc; Path=/; Secure; SameSite=None
                                                                                                                                                                Set-Cookie: steamCountry=US%7C42cb6563c5fec8103907e3e99aebe27b; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                2024-10-25 00:18:12 UTC14467INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                2024-10-25 00:18:12 UTC16384INData Raw: 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 64 69 73 63 75 73 73 69 6f 6e 73 2f 22 3e 0d 0a 09 09 09 09 09 09 44 69 73 63 75 73 73 69 6f 6e 73 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 77 6f 72 6b 73 68 6f 70 2f 22 3e 0d 0a 09 09 09 09 09 09 57 6f 72 6b 73 68 6f 70 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74
                                                                                                                                                                Data Ascii: <a class="submenuitem" href="https://steamcommunity.com/discussions/">Discussions</a><a class="submenuitem" href="https://steamcommunity.com/workshop/">Workshop</a><a class="submenuit
                                                                                                                                                                2024-10-25 00:18:12 UTC3768INData Raw: 63 31 63 64 66 65 62 5f 66 75 6c 6c 2e 6a 70 67 22 3e 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 0d 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 68 65 61 64 65 72 5f 62 61 64 67 65 69 6e 66 6f 22 3e 0d 0a 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 68 65 61 64 65 72 5f 62 61 64 67 65 69 6e 66 6f 5f 62 61 64 67 65 5f 61 72 65 61 22 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 64 61 74 61 2d 70 61 6e 65 6c 3d 22 7b 26 71 75 6f 74 3b 66 6f 63 75 73 61 62 6c 65 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 63 6c 69 63 6b 4f 6e 41 63 74 69 76 61 74 65 26 71 75 6f 74 3b 3a 74 72 75 65 7d 22 20 63 6c 61 73 73 3d 22 70 65
                                                                                                                                                                Data Ascii: c1cdfeb_full.jpg"></div></div><div class="profile_header_badgeinfo"><div class="profile_header_badgeinfo_badge_area"><a data-panel="{&quot;focusable&quot;:true,&quot;clickOnActivate&quot;:true}" class="pe
                                                                                                                                                                2024-10-25 00:18:12 UTC1122INData Raw: 70 72 6f 70 65 72 74 79 20 6f 66 20 74 68 65 69 72 20 72 65 73 70 65 63 74 69 76 65 20 6f 77 6e 65 72 73 20 69 6e 20 74 68 65 20 55 53 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 75 6e 74 72 69 65 73 2e 3c 62 72 2f 3e 53 6f 6d 65 20 67 65 6f 73 70 61 74 69 61 6c 20 64 61 74 61 20 6f 6e 20 74 68 69 73 20 77 65 62 73 69 74 65 20 69 73 20 70 72 6f 76 69 64 65 64 20 62 79 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 6c 69 6e 6b 66 69 6c 74 65 72 2f 3f 75 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 77 77 77 2e 67 65 6f 6e 61 6d 65 73 2e 6f 72 67 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 20 72 65 6c 3d 22 20 6e 6f 6f 70 65 6e 65 72 22 3e 67 65 6f 6e 61 6d 65 73 2e 6f 72 67 3c 2f 61 3e 2e 09 09
                                                                                                                                                                Data Ascii: property of their respective owners in the US and other countries.<br/>Some geospatial data on this website is provided by <a href="https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org" target="_blank" rel=" noopener">geonames.org</a>.


                                                                                                                                                                Statistics

                                                                                                                                                                CPU Usage

                                                                                                                                                                Click to jump to process

                                                                                                                                                                Memory Usage

                                                                                                                                                                Click to jump to process

                                                                                                                                                                High Level Behavior Distribution

                                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                                System Behavior

                                                                                                                                                                General

                                                                                                                                                                Target ID:0
                                                                                                                                                                Start time:20:18:07
                                                                                                                                                                Start date:24/10/2024
                                                                                                                                                                Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                Imagebase:0xac0000
                                                                                                                                                                File size:2'996'224 bytes
                                                                                                                                                                MD5 hash:31C4DC3C764474D495340D6AA688E639
                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                Reputation:low
                                                                                                                                                                Has exited:true

                                                                                                                                                                Disassembly

                                                                                                                                                                Reset < >

                                                                                                                                                                  Execution Graph

                                                                                                                                                                  Execution Coverage:1%
                                                                                                                                                                  Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                  Signature Coverage:57.8%
                                                                                                                                                                  Total number of Nodes:45
                                                                                                                                                                  Total number of Limit Nodes:5
                                                                                                                                                                  execution_graph 21137 b060d2 21138 b060fa 21137->21138 21139 b0614e 21138->21139 21143 b05bb0 LdrInitializeThunk 21138->21143 21142 b05bb0 LdrInitializeThunk 21139->21142 21142->21139 21143->21139 21144 afd9cb 21146 afd9fb 21144->21146 21145 afda65 21146->21145 21148 b05bb0 LdrInitializeThunk 21146->21148 21148->21146 21149 b064b8 21150 b063f2 21149->21150 21151 b0646e 21150->21151 21153 b05bb0 LdrInitializeThunk 21150->21153 21153->21151 21154 b050fa 21155 b05176 LoadLibraryExW 21154->21155 21156 b0514c 21154->21156 21157 b0518c 21155->21157 21156->21155 21163 acfca0 21166 acfcdc 21163->21166 21164 acffe4 21166->21164 21167 b03220 21166->21167 21168 b03236 21167->21168 21169 b032a2 RtlFreeHeap 21167->21169 21170 b032ac 21167->21170 21168->21169 21169->21170 21170->21164 21171 b0673d 21173 b066aa 21171->21173 21172 b06793 21173->21172 21176 b05bb0 LdrInitializeThunk 21173->21176 21175 b067b3 21176->21175 21177 b03202 RtlAllocateHeap 21178 ad049b 21182 ad0227 21178->21182 21179 ad0455 21185 b05700 RtlFreeHeap 21179->21185 21182->21179 21183 ad0308 21182->21183 21184 b05700 RtlFreeHeap 21182->21184 21184->21179 21185->21183 21186 b0626a 21187 b0628d 21186->21187 21189 b062de 21187->21189 21193 b05bb0 LdrInitializeThunk 21187->21193 21190 b0636e 21189->21190 21192 b05bb0 LdrInitializeThunk 21189->21192 21192->21190 21193->21189 21194 acd110 21196 acd119 21194->21196 21195 acd2ee ExitProcess 21196->21195

                                                                                                                                                                  Executed Functions

                                                                                                                                                                  Function 00B050FA Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 63libraryCOMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 25 b050fa-b0514a 26 b05176-b05186 LoadLibraryExW 25->26 27 b0514c-b0514f 25->27 28 b052d8-b05304 26->28 29 b0518c-b051b5 26->29 30 b05150-b05174 call b05a50 27->30 29->28 30->26
                                                                                                                                                                  APIs
                                                                                                                                                                  • LoadLibraryExW.KERNEL32(19A41BB1,00000000,00000800), ref: 00B05182
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: LibraryLoad
                                                                                                                                                                  • String ID: <I$)$<I$)$@^
                                                                                                                                                                  • API String ID: 1029625771-935358343
                                                                                                                                                                  • Opcode ID: b88a970664c337e5424bda758e8aac7cbbbe0ad61acf9d232b7804f6c2602c39
                                                                                                                                                                  • Instruction ID: 924ab89eb752291dc3da2e521b3d47fabcd3950ba8159a02d6a48772b51ac2b8
                                                                                                                                                                  • Opcode Fuzzy Hash: b88a970664c337e5424bda758e8aac7cbbbe0ad61acf9d232b7804f6c2602c39
                                                                                                                                                                  • Instruction Fuzzy Hash: D121A1355083848FC300DF68E88176ABBF4AB5A300FA9882CE1C5E7391DB35DA15CF5A
                                                                                                                                                                  Function 00ACFCA0 Relevance: 5.4, Strings: 4, Instructions: 373COMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 33 acfca0-acfcda 34 acfcdc-acfcdf 33->34 35 acfd0b-acfe22 33->35 36 acfce0-acfd09 call ad2690 34->36 37 acfe5b-acfe8c 35->37 38 acfe24 35->38 36->35 41 acfe8e-acfe8f 37->41 42 acfeb6-acfecf call ad0b50 37->42 40 acfe30-acfe59 call ad2760 38->40 40->37 46 acfe90-acfeb4 call ad2700 41->46 51 acffe4-acffe6 42->51 52 acfed5-acfef8 42->52 46->42 55 ad01b1-ad01bb 51->55 53 acfefa 52->53 54 acff2b-acff2d 52->54 56 acff00-acff29 call ad27e0 53->56 57 acff30-acff3a 54->57 56->54 59 acff3c-acff3f 57->59 60 acff41-acff49 57->60 59->57 59->60 62 acff4f-acff76 60->62 63 ad01a2-ad01a5 call b03220 60->63 65 acff78 62->65 66 acffab-acffb5 62->66 70 ad01aa-ad01ad 63->70 67 acff80-acffa9 call ad2840 65->67 68 acffeb 66->68 69 acffb7-acffbb 66->69 67->66 73 acffed-acffef 68->73 72 acffc7-acffcb 69->72 70->55 75 ad019a 72->75 76 acffd1-acffd8 72->76 73->75 77 acfff5-ad002c 73->77 75->63 78 acffde 76->78 79 acffda-acffdc 76->79 80 ad002e-ad002f 77->80 81 ad005b-ad0065 77->81 85 acffc0-acffc5 78->85 86 acffe0-acffe2 78->86 79->78 82 ad0030-ad0059 call ad28a0 80->82 83 ad00a4 81->83 84 ad0067-ad006f 81->84 82->81 89 ad00a6-ad00a8 83->89 88 ad0087-ad008b 84->88 85->72 85->73 86->85 88->75 91 ad0091-ad0098 88->91 89->75 92 ad00ae-ad00c5 89->92 93 ad009e 91->93 94 ad009a-ad009c 91->94 95 ad00fb-ad0102 92->95 96 ad00c7 92->96 99 ad0080-ad0085 93->99 100 ad00a0-ad00a2 93->100 94->93 97 ad0104-ad010d 95->97 98 ad0130-ad013c 95->98 101 ad00d0-ad00f9 call ad2900 96->101 103 ad0117-ad011b 97->103 104 ad01c2-ad01c7 98->104 99->88 99->89 100->99 101->95 103->75 106 ad011d-ad0124 103->106 104->63 107 ad012a 106->107 108 ad0126-ad0128 106->108 109 ad012c-ad012e 107->109 110 ad0110-ad0115 107->110 108->107 109->110 110->103 111 ad0141-ad0143 110->111 111->75 112 ad0145-ad015b 111->112 112->104 113 ad015d-ad015f 112->113 114 ad0163-ad0166 113->114 115 ad01bc 114->115 116 ad0168-ad0188 call ad2030 114->116 115->104 119 ad018a-ad0190 116->119 120 ad0192-ad0198 116->120 119->114 119->120 120->104
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: J|BJ$V$VY^_$t
                                                                                                                                                                  • API String ID: 0-3701112211
                                                                                                                                                                  • Opcode ID: 5c41d9b41e5f25112e393e6c09f17271bc877fa9f7ba2c35a565e06173369dfe
                                                                                                                                                                  • Instruction ID: 91095eb6f12bc05ad98a7664fbd03d6089122e0cfea9f365aa3365c38f8201dc
                                                                                                                                                                  • Opcode Fuzzy Hash: 5c41d9b41e5f25112e393e6c09f17271bc877fa9f7ba2c35a565e06173369dfe
                                                                                                                                                                  • Instruction Fuzzy Hash: 25D165745083809BD311DF189594B5FBBF2ABA2B44F18892DF4DA8B352C336CD49DB92
                                                                                                                                                                  Function 00ACD110 Relevance: 1.7, APIs: 1, Instructions: 168COMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 157 acd110-acd11b call b04cc0 160 acd2ee-acd2f6 ExitProcess 157->160 161 acd121-acd130 call afc8d0 157->161 165 acd2e9 call b056e0 161->165 166 acd136-acd15f 161->166 165->160 170 acd196-acd1bf 166->170 171 acd161 166->171 173 acd1f6-acd20c 170->173 174 acd1c1 170->174 172 acd170-acd194 call acd300 171->172 172->170 175 acd20e-acd20f 173->175 176 acd239-acd23b 173->176 178 acd1d0-acd1f4 call acd370 174->178 180 acd210-acd237 call acd3e0 175->180 181 acd23d-acd25a 176->181 182 acd286-acd2aa 176->182 178->173 180->176 181->182 186 acd25c-acd25f 181->186 187 acd2ac-acd2af 182->187 188 acd2d6 call ace8f0 182->188 191 acd260-acd284 call acd440 186->191 192 acd2b0-acd2d4 call acd490 187->192 194 acd2db-acd2dd 188->194 191->182 192->188 194->165 197 acd2df-acd2e4 call ad2f10 call ad0b40 194->197 197->165
                                                                                                                                                                  APIs
                                                                                                                                                                  • ExitProcess.KERNEL32(00000000), ref: 00ACD2F1
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: ExitProcess
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID: 621844428-0
                                                                                                                                                                  • Opcode ID: e9c25e489a8b54b9b6557578c226cee58539ae8e2c9ddda61e37e4fefb7c52f1
                                                                                                                                                                  • Instruction ID: 5253556429c097f05605ddf1a186653d262c00ae25e83b8df9aaedb831cfff1f
                                                                                                                                                                  • Opcode Fuzzy Hash: e9c25e489a8b54b9b6557578c226cee58539ae8e2c9ddda61e37e4fefb7c52f1
                                                                                                                                                                  • Instruction Fuzzy Hash: FA41447040D380ABC301BB69D684E2EFBF5AF92745F198C2CE5C49B252C33AD8149B67
                                                                                                                                                                  Function 00B05BB0 Relevance: 1.5, APIs: 1, Instructions: 14libraryCOMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 212 b05bb0-b05be2 LdrInitializeThunk
                                                                                                                                                                  APIs
                                                                                                                                                                  • LdrInitializeThunk.NTDLL(00B0973D,005C003F,00000006,?,?,00000018,8C8D8A8B,?,?), ref: 00B05BDE
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                  • Opcode ID: b66ff63dfd389af1bc8afcc0025f999e8b2b47508af02e865142dda64173a8e3
                                                                                                                                                                  • Instruction ID: fb6f357373f259be8b0e83fffc5d2a3912a28e0da7d2036ce94b71e982b3a7e9
                                                                                                                                                                  • Opcode Fuzzy Hash: b66ff63dfd389af1bc8afcc0025f999e8b2b47508af02e865142dda64173a8e3
                                                                                                                                                                  • Instruction Fuzzy Hash: 76E0FE75908316AB9A09CF45C14444EFBE5BFC4714F11CC8DA4D867210D3B0AD46DF82
                                                                                                                                                                  Function 00B0695B Relevance: 1.4, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 241 b0695b-b0696b call b04a20 244 b06981-b06a02 241->244 245 b0696d 241->245 247 b06a04 244->247 248 b06a36-b06a42 244->248 246 b06970-b0697f 245->246 246->244 246->246 249 b06a10-b06a34 call b073e0 247->249 250 b06a44-b06a4f 248->250 251 b06a85-b06a9f 248->251 249->248 253 b06a50-b06a57 250->253 255 b06a60-b06a66 253->255 256 b06a59-b06a5c 253->256 255->251 258 b06a68-b06a7d call b05bb0 255->258 256->253 257 b06a5e 256->257 257->251 260 b06a82 258->260 260->251
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: @
                                                                                                                                                                  • API String ID: 0-2766056989
                                                                                                                                                                  • Opcode ID: abc7c47f0a9d0f9c81a6fc07788f829e98c7afcadff94e76bd712364ea807b20
                                                                                                                                                                  • Instruction ID: ef7d55ee53905ec59dfc0cb201344ac809d7e144b2a82407147fdffb63b1500e
                                                                                                                                                                  • Opcode Fuzzy Hash: abc7c47f0a9d0f9c81a6fc07788f829e98c7afcadff94e76bd712364ea807b20
                                                                                                                                                                  • Instruction Fuzzy Hash: EC31A9B1A083019FD718EF18C8A072BBBF2FF84344F48985CE5C6972A1E7349914CB56
                                                                                                                                                                  Function 00AD049B Relevance: .3, Instructions: 264COMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 261 ad049b-ad0515 call acc9f0 265 ad03ec-ad03f4 261->265 266 ad0308-ad030c 261->266 267 ad0227-ad023b 261->267 268 ad0246-ad0260 261->268 269 ad0386-ad038c 261->269 270 ad0440-ad0458 call b05700 261->270 271 ad0480 261->271 272 ad0242-ad0244 261->272 273 ad0482-ad0484 261->273 274 ad051c-ad051e 261->274 275 ad035f-ad0367 261->275 276 ad03be 261->276 277 ad03de-ad03e3 261->277 278 ad0339-ad034f 261->278 279 ad045b-ad0469 call b05700 261->279 280 ad03fb-ad0414 261->280 281 ad0417-ad0430 261->281 282 ad0356 261->282 283 ad0311-ad0332 261->283 284 ad0370-ad037e 261->284 285 ad03d0-ad03d7 261->285 286 ad0393-ad0397 261->286 287 ad0472-ad0477 261->287 265->271 265->273 265->280 265->286 265->287 289 ad048d-ad0496 266->289 267->265 267->266 267->268 267->269 267->270 267->271 267->272 267->273 267->275 267->276 267->277 267->278 267->279 267->280 267->281 267->282 267->283 267->284 267->285 267->286 267->287 293 ad0294 268->293 294 ad0262 268->294 269->271 269->273 269->286 269->287 270->279 292 ad0296-ad02bd 272->292 273->289 291 ad0520-ad0b30 274->291 275->284 276->285 277->265 278->265 278->269 278->270 278->271 278->273 278->275 278->276 278->277 278->279 278->280 278->281 278->282 278->284 278->285 278->286 278->287 279->287 280->281 281->270 282->275 283->265 283->269 283->270 283->271 283->273 283->275 283->276 283->277 283->278 283->279 283->280 283->281 283->282 283->284 283->285 283->286 283->287 284->269 285->265 285->269 285->271 285->273 285->277 285->280 285->281 285->286 285->287 300 ad03a0-ad03b7 286->300 287->271 289->291 302 ad02bf 292->302 303 ad02ea-ad0301 292->303 293->292 301 ad0270-ad0292 call ad2eb0 294->301 300->265 300->269 300->270 300->271 300->273 300->276 300->277 300->279 300->280 300->281 300->285 300->286 300->287 301->293 308 ad02c0-ad02e8 call ad2e70 302->308 303->265 303->266 303->269 303->270 303->271 303->273 303->275 303->276 303->277 303->278 303->279 303->280 303->281 303->282 303->283 303->284 303->285 303->286 303->287 308->303
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: b8ae07fa4a15ac3e36ad3abb660b226bbe1ae2a8f99f5e0ff6ced84d18e912f2
                                                                                                                                                                  • Instruction ID: a58b1d8a1d6595741b333407dfc6e533a0f828478eb6ccdd1ee0d78aef9accba
                                                                                                                                                                  • Opcode Fuzzy Hash: b8ae07fa4a15ac3e36ad3abb660b226bbe1ae2a8f99f5e0ff6ced84d18e912f2
                                                                                                                                                                  • Instruction Fuzzy Hash: CD915875200B01CFD724CF25E894B26B7F6FF89314F118A6DE8568BAA1DB31E815CB90
                                                                                                                                                                  Function 00AD0228 Relevance: .2, Instructions: 218COMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 315 ad0228-ad023b 316 ad03ec-ad03f4 315->316 317 ad0308-ad030c 315->317 318 ad0246-ad0260 315->318 319 ad0386-ad038c 315->319 320 ad0440-ad0458 call b05700 315->320 321 ad0480 315->321 322 ad0242-ad0244 315->322 323 ad0482-ad0484 315->323 324 ad035f-ad0367 315->324 325 ad03be 315->325 326 ad03de-ad03e3 315->326 327 ad0339-ad034f 315->327 328 ad045b-ad0469 call b05700 315->328 329 ad03fb-ad0414 315->329 330 ad0417-ad0430 315->330 331 ad0356 315->331 332 ad0311-ad0332 315->332 333 ad0370-ad037e 315->333 334 ad03d0-ad03d7 315->334 335 ad0393-ad0397 315->335 336 ad0472-ad0477 315->336 316->321 316->323 316->329 316->335 316->336 338 ad048d-ad0b30 317->338 341 ad0294 318->341 342 ad0262 318->342 319->321 319->323 319->335 319->336 320->328 340 ad0296-ad02bd 322->340 323->338 324->333 325->334 326->316 327->316 327->319 327->320 327->321 327->323 327->324 327->325 327->326 327->328 327->329 327->330 327->331 327->333 327->334 327->335 327->336 328->336 329->330 330->320 331->324 332->316 332->319 332->320 332->321 332->323 332->324 332->325 332->326 332->327 332->328 332->329 332->330 332->331 332->333 332->334 332->335 332->336 333->319 334->316 334->319 334->321 334->323 334->326 334->329 334->330 334->335 334->336 348 ad03a0-ad03b7 335->348 336->321 350 ad02bf 340->350 351 ad02ea-ad0301 340->351 341->340 349 ad0270-ad0292 call ad2eb0 342->349 348->316 348->319 348->320 348->321 348->323 348->325 348->326 348->328 348->329 348->330 348->334 348->335 348->336 349->341 355 ad02c0-ad02e8 call ad2e70 350->355 351->316 351->317 351->319 351->320 351->321 351->323 351->324 351->325 351->326 351->327 351->328 351->329 351->330 351->331 351->332 351->333 351->334 351->335 351->336 355->351
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 148b3669c9f21b9a0d9a3af82a0ad10957fc78f62c936a4676d22d6cbcfe4e59
                                                                                                                                                                  • Instruction ID: 760db5763e9386b0e8dcd9ee855fb7f9fc8c72843a1e2df81683a1d37bd0754b
                                                                                                                                                                  • Opcode Fuzzy Hash: 148b3669c9f21b9a0d9a3af82a0ad10957fc78f62c936a4676d22d6cbcfe4e59
                                                                                                                                                                  • Instruction Fuzzy Hash: ED715874200701DFE724CF21E894B66B7F6FF89315F10896DE9968BA62DB31A815CB60
                                                                                                                                                                  Function 00B099D0 Relevance: .1, Instructions: 143COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 98f08aaaf8b9af22991f381d6e8a7ded1a59c14efe1d49dff5400c3a3621ea31
                                                                                                                                                                  • Instruction ID: d70b7248b7a334d480bfe6079d3fc8ebc18260270b97ee8ccae341a22625a1c3
                                                                                                                                                                  • Opcode Fuzzy Hash: 98f08aaaf8b9af22991f381d6e8a7ded1a59c14efe1d49dff5400c3a3621ea31
                                                                                                                                                                  • Instruction Fuzzy Hash: DD416F34208300ABD7249E15D991B2BBBE6EB85724F5488ACE5CA972D2D735EC11CB62
                                                                                                                                                                  Function 00B063B8 Relevance: .1, Instructions: 99COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                  • Opcode ID: 120c39b7adbdc5da4d2aa978256971a2a10253a4b9e664eddcc942f30ae2c0dd
                                                                                                                                                                  • Instruction ID: 90f8c108375d61d8f658525bcbe49c824962deca4f4e125eeb6765d96e4f7418
                                                                                                                                                                  • Opcode Fuzzy Hash: 120c39b7adbdc5da4d2aa978256971a2a10253a4b9e664eddcc942f30ae2c0dd
                                                                                                                                                                  • Instruction Fuzzy Hash: 83319370649301BAD624DB08CD82F2FBBE5EB81B51FA48558F1815B2D1D770AC218B56
                                                                                                                                                                  Function 00AD0EEC Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: cb8945648be5288b5e7e59922f0f5247cea752d48f81553378adc07d4b2aad06
                                                                                                                                                                  • Instruction ID: 0c9bb6a3f59ecf4bdd5c45801b403d051459f3c21492b58576f17a6678a754fb
                                                                                                                                                                  • Opcode Fuzzy Hash: cb8945648be5288b5e7e59922f0f5247cea752d48f81553378adc07d4b2aad06
                                                                                                                                                                  • Instruction Fuzzy Hash: 73210CB490021A9FDB15CF94CC90FBEBBB1FB4A304F244859E512BB391C735A911CB64
                                                                                                                                                                  Function 00B03220 Relevance: 1.6, APIs: 1, Instructions: 59memoryCOMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 202 b03220-b0322f 203 b032a0 202->203 204 b032a2-b032a6 RtlFreeHeap 202->204 205 b03236-b03252 202->205 206 b032ac-b032b0 202->206 203->204 204->206 207 b03254 205->207 208 b03286-b03296 205->208 209 b03260-b03284 call b05af0 207->209 208->203 209->208
                                                                                                                                                                  APIs
                                                                                                                                                                  • RtlFreeHeap.NTDLL(?,00000000), ref: 00B032A6
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: FreeHeap
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID: 3298025750-0
                                                                                                                                                                  • Opcode ID: 184ab1cffd328a4f9ed7569e66752e796e05cca06d923401ed1e54caf4317376
                                                                                                                                                                  • Instruction ID: bcd96d9b8c2343f1c6dac7d401baf503206eccb2f8e34a9f275451d0f2ef248b
                                                                                                                                                                  • Opcode Fuzzy Hash: 184ab1cffd328a4f9ed7569e66752e796e05cca06d923401ed1e54caf4317376
                                                                                                                                                                  • Instruction Fuzzy Hash: 5D01693450D2409BC701EF18E889A1ABBE8EF4AB00F45885CE5C58B3A1D735DD60CBA6
                                                                                                                                                                  Function 00B03202 Relevance: 1.5, APIs: 1, Instructions: 6memoryCOMMON
                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                  • Executed
                                                                                                                                                                  • Not Executed
                                                                                                                                                                  control_flow_graph 213 b03202-b03211 RtlAllocateHeap
                                                                                                                                                                  APIs
                                                                                                                                                                  • RtlAllocateHeap.NTDLL(?,00000000), ref: 00B03208
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: AllocateHeap
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID: 1279760036-0
                                                                                                                                                                  • Opcode ID: b82a391390f88c0438c423a0a2e583736632a40f1654d7bbcf4452ee250b148f
                                                                                                                                                                  • Instruction ID: ae5005786bb0233b9c5d4d2aa252c668af86920b4555a9afb2ba5d170e1ec333
                                                                                                                                                                  • Opcode Fuzzy Hash: b82a391390f88c0438c423a0a2e583736632a40f1654d7bbcf4452ee250b148f
                                                                                                                                                                  • Instruction Fuzzy Hash: F5B012301400006FDA041B00EC0AF003510EB00605FC00050A100050F1D5655D64C554

                                                                                                                                                                  Non-executed Functions

                                                                                                                                                                  Function 00AF23E0 Relevance: 33.0, APIs: 4, Strings: 13, Instructions: 3298COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+($3<$:$Cx$`tii$aenQ$f@~!$fedc$ggxz$mlc@${l`~$|}&C$#v
                                                                                                                                                                  • API String ID: 0-2260822535
                                                                                                                                                                  • Opcode ID: 0a384682f60fe56ee7611e9e1b6decc840d8b8842033e208530b06f4de82ab14
                                                                                                                                                                  • Instruction ID: b4a2761d2a1f5c895b961406a17acc1543cf46895733334c2fc3746f99ed172b
                                                                                                                                                                  • Opcode Fuzzy Hash: 0a384682f60fe56ee7611e9e1b6decc840d8b8842033e208530b06f4de82ab14
                                                                                                                                                                  • Instruction Fuzzy Hash: 4C33CB70104B818FDB258F79C590762BBF1BF16304F58899DE5DA8BB92C735E806CBA1
                                                                                                                                                                  Function 00ADDB6F Relevance: 32.0, Strings: 24, Instructions: 2006COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                  • String ID: %*+($()./$89&'$89>?$:WUE$<=2$<=:;$@ONM$AR$D$DCBA$LKJI$QNOL$T$WP$`Y^_$`onm$dcba$lkji$mjkh$tsrq$tuJK$xgfe$|
                                                                                                                                                                  • API String ID: 2994545307-1418943773
                                                                                                                                                                  • Opcode ID: 4bb906169aa59cfe436aad9729c36a8a8257f23ae6c5c0388329684c824158ff
                                                                                                                                                                  • Instruction ID: f758bd9fa0dd96eb44d5ecdccfef9f9795a0c66ed2f7d163e0bc39438cf8c7a4
                                                                                                                                                                  • Opcode Fuzzy Hash: 4bb906169aa59cfe436aad9729c36a8a8257f23ae6c5c0388329684c824158ff
                                                                                                                                                                  • Instruction Fuzzy Hash: 64F255B05093819FD770DF14C884BABBBE6AFD5344F54482EE4CA8B391DB719984CB92
                                                                                                                                                                  Function 00AE9F62 Relevance: 21.7, Strings: 17, Instructions: 473COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %e6g$(a*c$=]$?m,o$CG$Gt$JG$N[$WH$]{$hi$kW$/)$S]$WQ$_Y$sm
                                                                                                                                                                  • API String ID: 0-1131134755
                                                                                                                                                                  • Opcode ID: 6cf94137cd7488c25dea9c4200c329a6b900abb00a2c29382df5f1d25ed9b8bc
                                                                                                                                                                  • Instruction ID: d7f0be9c34dfa9cf41782b41fcb1260f0ad51a1084995177e6a15f1558b7fdc3
                                                                                                                                                                  • Opcode Fuzzy Hash: 6cf94137cd7488c25dea9c4200c329a6b900abb00a2c29382df5f1d25ed9b8bc
                                                                                                                                                                  • Instruction Fuzzy Hash: 2052B6B444D3858AE270CF26D681B8EBAF1BB92740F608A1DE1ED9B255DB708045CF93
                                                                                                                                                                  Function 00AE9510 Relevance: 20.4, Strings: 16, Instructions: 427COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: !E4G$,A&C$2A"_$8;$;IJK$?M0K$B7U1$B?Q9$G'M!$G+X5$L3Y=$O+f)$T#a-$X/R)$pq$z=Q?
                                                                                                                                                                  • API String ID: 0-655414846
                                                                                                                                                                  • Opcode ID: fa63294a2e3d9c3de60ceb273a72e1147931f49f6576d9d0f2c2068ae9506c39
                                                                                                                                                                  • Instruction ID: b4386076012f5c40e8c8c3a8690c163557d1deee6e83fd71a56cbcb65fa740bf
                                                                                                                                                                  • Opcode Fuzzy Hash: fa63294a2e3d9c3de60ceb273a72e1147931f49f6576d9d0f2c2068ae9506c39
                                                                                                                                                                  • Instruction Fuzzy Hash: 53F14FB0518380ABD310DF16D981A2BBBF4FB86B88F544D1CF4D99B252D374D909CBA6
                                                                                                                                                                  Function 00AEDD29 Relevance: 14.9, Strings: 11, Instructions: 1142COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+($)IgK$,Q?S$-M2O$<Y.[$=]+_$Y9N;$hX]N$n\+H$upH}${E
                                                                                                                                                                  • API String ID: 0-1557708024
                                                                                                                                                                  • Opcode ID: 58f7179f30031ec4a9c60eac55bf9cfb7af63a6b6284d469cbca94f26dbe6345
                                                                                                                                                                  • Instruction ID: fb13378654077cf07a264be0371fcf9c7734820dd4aff5890f61a5d00de35c3b
                                                                                                                                                                  • Opcode Fuzzy Hash: 58f7179f30031ec4a9c60eac55bf9cfb7af63a6b6284d469cbca94f26dbe6345
                                                                                                                                                                  • Instruction Fuzzy Hash: C2921471E00245CFDB14CF69D8917AEBBB2FF49310F298268E556AB391D735AD02CB90
                                                                                                                                                                  Function 00C969C4 Relevance: 11.6, Strings: 8, Instructions: 1600COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %pm=$,[?$3][$[^z|$^Es$hwn$n-Zm$g~
                                                                                                                                                                  • API String ID: 0-432285966
                                                                                                                                                                  • Opcode ID: ac328b5af41210f759cc714adf3bd672decc61632c9afe7319879b49c5740c14
                                                                                                                                                                  • Instruction ID: 022c00b7ccca4d78fe1f6585194537614c323e01f055f547bf170f452b51e228
                                                                                                                                                                  • Opcode Fuzzy Hash: ac328b5af41210f759cc714adf3bd672decc61632c9afe7319879b49c5740c14
                                                                                                                                                                  • Instruction Fuzzy Hash: 4DB2F6F390C2049FE304BE29EC8567ABBE9EF94720F1A493DEAC4C3744E63559058693
                                                                                                                                                                  Function 00AE098B Relevance: 10.8, Strings: 8, Instructions: 836COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+($&> &$,#15$9.5^$cah`$gce/$qrqp${
                                                                                                                                                                  • API String ID: 0-4102007303
                                                                                                                                                                  • Opcode ID: 96648c75832fcecfdec4d0085d4fb5a7e1577d95b900f103c555f4eaa0acd6fa
                                                                                                                                                                  • Instruction ID: 70f23a3fa331b0d02a504e5450d4ed4cf1ded3562ccdde432f0a8b31989326ca
                                                                                                                                                                  • Opcode Fuzzy Hash: 96648c75832fcecfdec4d0085d4fb5a7e1577d95b900f103c555f4eaa0acd6fa
                                                                                                                                                                  • Instruction Fuzzy Hash: 7062A8B16083818BD730DF15D895BAFBBE1FF96314F08492DE49A8B681E7758980CB53
                                                                                                                                                                  Function 00AC1000 Relevance: 10.5, Strings: 7, Instructions: 1785COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: -$0123456789ABCDEFXP$0123456789abcdefxp$@$gfff$gfff$gfff
                                                                                                                                                                  • API String ID: 0-2517803157
                                                                                                                                                                  • Opcode ID: 35787dd278db018460749c1c6f1d448644826883557698da22bcd214dd3e113f
                                                                                                                                                                  • Instruction ID: dda0b30bfa2a50f51e2cf933259688037b0e84f17ea299f99f7b686a0c9365f3
                                                                                                                                                                  • Opcode Fuzzy Hash: 35787dd278db018460749c1c6f1d448644826883557698da22bcd214dd3e113f
                                                                                                                                                                  • Instruction Fuzzy Hash: 60D2F5726083418FD718CF28C494B6ABBE2AFD5314F1ACA2DE4958B391D734DD45CB82
                                                                                                                                                                  Function 00C9D5BF Relevance: 10.3, Strings: 7, Instructions: 1571COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: P#$__V$hw$$n,~{$r43?$0;>$J/
                                                                                                                                                                  • API String ID: 0-1574053673
                                                                                                                                                                  • Opcode ID: ed188811c67634c2f48406612963ae9639201e7a06af3f22298b5b24834c20b9
                                                                                                                                                                  • Instruction ID: 645a6ba384a9f827fcd9f0c19b5e612cddb2845a3fef1025beedf4232b2fb226
                                                                                                                                                                  • Opcode Fuzzy Hash: ed188811c67634c2f48406612963ae9639201e7a06af3f22298b5b24834c20b9
                                                                                                                                                                  • Instruction Fuzzy Hash: 43B2D1F360C6009FE304AF29EC8166AFBE5EF94720F16893DEAC5C3744E63598458697
                                                                                                                                                                  Function 00C8E35A Relevance: 9.0, Strings: 6, Instructions: 1533COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: $~_{$C@|\$[-iU$n.!@$x7_$z>:o
                                                                                                                                                                  • API String ID: 0-869803711
                                                                                                                                                                  • Opcode ID: ed5cb1f75c5d4a8fb5dc72d07e6a06096ed3199793b46350b6b1ca3250d8be25
                                                                                                                                                                  • Instruction ID: 95bef9634fdb05ed4951800324bbaa031fb0d12c1091081a8ee92e6247ced04e
                                                                                                                                                                  • Opcode Fuzzy Hash: ed5cb1f75c5d4a8fb5dc72d07e6a06096ed3199793b46350b6b1ca3250d8be25
                                                                                                                                                                  • Instruction Fuzzy Hash: E9A206F3A082049FE3046E2DEC8567AFBE9EF94720F1A493DE6C4C7744E63598058697
                                                                                                                                                                  Function 00C9187E Relevance: 7.9, Strings: 5, Instructions: 1673COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: *4Ez$66Wn$XZ{o$el;$~f{_
                                                                                                                                                                  • API String ID: 0-1335471841
                                                                                                                                                                  • Opcode ID: 0bd510bf6fbfae0838d2a263572557b2880a99e7aa8d22326fd45bffc7aee720
                                                                                                                                                                  • Instruction ID: 09fb9e27793a12e2898b855b2ea42f68d8703bbb18c70b47f94996ca1f99df42
                                                                                                                                                                  • Opcode Fuzzy Hash: 0bd510bf6fbfae0838d2a263572557b2880a99e7aa8d22326fd45bffc7aee720
                                                                                                                                                                  • Instruction Fuzzy Hash: EEB228F36082049FE704AE3DEC8567ABBE6EBD4320F1A863DE6C5C3744E93558058696
                                                                                                                                                                  Function 00C984B9 Relevance: 7.9, Strings: 5, Instructions: 1669COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: .h;$]V{$`Hm=$pU/>$.z
                                                                                                                                                                  • API String ID: 0-951304034
                                                                                                                                                                  • Opcode ID: 3cba3322afc2fa08f6af3d4155cc8533917bc768e5661037339922feea2ed4bd
                                                                                                                                                                  • Instruction ID: ae228f743850cb05fa34371b7d5ee99562fe798dd6823b1aa124c2f97b4abef1
                                                                                                                                                                  • Opcode Fuzzy Hash: 3cba3322afc2fa08f6af3d4155cc8533917bc768e5661037339922feea2ed4bd
                                                                                                                                                                  • Instruction Fuzzy Hash: 78B228F360C2009FE3046E2DEC8567ABBE9EF94360F1A893DE6C4C7744E67558058697
                                                                                                                                                                  Function 00C934A1 Relevance: 7.9, Strings: 5, Instructions: 1625COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: Q<^$3~o$8g}$\u-$aPr
                                                                                                                                                                  • API String ID: 0-3439627576
                                                                                                                                                                  • Opcode ID: 8b57dadbfc6e5a88ad27ef76b54112dc5829a44c793a259d58529ebb33b63eb5
                                                                                                                                                                  • Instruction ID: 421c59ec6e4a97d98f84f2de5366ebfa7a19a4b61408d4b90c2e04616f464da6
                                                                                                                                                                  • Opcode Fuzzy Hash: 8b57dadbfc6e5a88ad27ef76b54112dc5829a44c793a259d58529ebb33b63eb5
                                                                                                                                                                  • Instruction Fuzzy Hash: BBB236F360C2049FD304AE2DEC4567AFBE9EFD4720F1A492DEAC4C7744EA3598418692
                                                                                                                                                                  Function 00AC12F7 Relevance: 7.2, Strings: 5, Instructions: 922COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: 0$0$0$@$i
                                                                                                                                                                  • API String ID: 0-3124195287
                                                                                                                                                                  • Opcode ID: 043410111222df818736a0977333a9cb5908da7352497e510f80c90383c10f06
                                                                                                                                                                  • Instruction ID: 8b6b1aa46835f74ca7e6749fef0908ee1ce0d42cad8a6fd8e65c362af774c163
                                                                                                                                                                  • Opcode Fuzzy Hash: 043410111222df818736a0977333a9cb5908da7352497e510f80c90383c10f06
                                                                                                                                                                  • Instruction Fuzzy Hash: B562DF7160C3818FD719CF28C590B6ABBE1AFD5304F198A2DE8D987292D774DD49CB82
                                                                                                                                                                  Function 00AC164F Relevance: 6.7, Strings: 5, Instructions: 472COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: +$0123456789ABCDEFXP$0123456789abcdefxp$gfff$gfff
                                                                                                                                                                  • API String ID: 0-1123320326
                                                                                                                                                                  • Opcode ID: 18fb58a4de47e5c57543ea4e517eba5397abf050edc7a45e46b55bf70731a0da
                                                                                                                                                                  • Instruction ID: 58bdca55455f9c9e5c7eee4cc549150aff9d6faea027dc19cbe2cd1458563cf4
                                                                                                                                                                  • Opcode Fuzzy Hash: 18fb58a4de47e5c57543ea4e517eba5397abf050edc7a45e46b55bf70731a0da
                                                                                                                                                                  • Instruction Fuzzy Hash: B1F19F3160C3818FC719CF29C484B6AFBE2ABD9304F198A6EE4D987352D774D945CB92
                                                                                                                                                                  Function 00AC13A3 Relevance: 6.6, Strings: 5, Instructions: 390COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: -$0123456789ABCDEFXP$0123456789abcdefxp$gfff$gfff
                                                                                                                                                                  • API String ID: 0-3620105454
                                                                                                                                                                  • Opcode ID: 3c11beac305553ff0e7fa59861e3fe581f9aefdd9425ab7eeef2d759a2f66b81
                                                                                                                                                                  • Instruction ID: 1f2c4a87d6b6ee54f3ff23413721f224d6dfb883e319307e9576fedbe033eac0
                                                                                                                                                                  • Opcode Fuzzy Hash: 3c11beac305553ff0e7fa59861e3fe581f9aefdd9425ab7eeef2d759a2f66b81
                                                                                                                                                                  • Instruction Fuzzy Hash: 41D18D3160C7818FC719CF29C48476AFBE2ABD9304F09CA6EE4D987356D634D949CB92
                                                                                                                                                                  Function 00C9A0FD Relevance: 6.6, Strings: 4, Instructions: 1592COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: v?~$10.6$BZm}$Y{|w
                                                                                                                                                                  • API String ID: 0-3669587384
                                                                                                                                                                  • Opcode ID: 3343751edce544d444ae9bc2162fc08fa34f5e138cc3bbd4b7e05b51618404ea
                                                                                                                                                                  • Instruction ID: fa7f75b3b772f1547793e45d62c7512bc434d6ace0f52c12f78c8957f59d7ab0
                                                                                                                                                                  • Opcode Fuzzy Hash: 3343751edce544d444ae9bc2162fc08fa34f5e138cc3bbd4b7e05b51618404ea
                                                                                                                                                                  • Instruction Fuzzy Hash: DDB2F4F350C200AFE708AF29EC8567AFBE5EF94320F1A493DE6C583744EA3598458657
                                                                                                                                                                  Function 00AEFD10 Relevance: 5.7, Strings: 4, Instructions: 667COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: :$NA_I$m1s3$uvw
                                                                                                                                                                  • API String ID: 0-3973114637
                                                                                                                                                                  • Opcode ID: b3f2fcab4bfd106115c3d18a5b622936222cc954779ad3ecd31bf5f11b6a0791
                                                                                                                                                                  • Instruction ID: ef57a56b77f76bc16eb469772b19d599bb7e2b091a59f5b570debde7f6bfa4e4
                                                                                                                                                                  • Opcode Fuzzy Hash: b3f2fcab4bfd106115c3d18a5b622936222cc954779ad3ecd31bf5f11b6a0791
                                                                                                                                                                  • Instruction Fuzzy Hash: 1B32A8B0508384DFD310DF69D880B6ABBE1AF8A350F548E6CF6D58B2A2D735D905CB52
                                                                                                                                                                  Function 00C9F01D Relevance: 5.4, Strings: 3, Instructions: 1685COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: ?`u$gllw$k@;
                                                                                                                                                                  • API String ID: 0-2157141777
                                                                                                                                                                  • Opcode ID: 1b6f8f56d0b272a70668b064b1b680ac3f568e324964ba6453ffd74be17f0ea2
                                                                                                                                                                  • Instruction ID: 9b9e92b48bff361495caa90add29046599d7fc492e40a60514aea990d2bfa5c3
                                                                                                                                                                  • Opcode Fuzzy Hash: 1b6f8f56d0b272a70668b064b1b680ac3f568e324964ba6453ffd74be17f0ea2
                                                                                                                                                                  • Instruction Fuzzy Hash: 00B247F3A082049FE304AE2DEC8567AFBE9EFD4720F1A453DEAC4C7744E63558058696
                                                                                                                                                                  Function 00AD3BE2 Relevance: 5.4, Strings: 4, Instructions: 431COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+($;z$p$ss
                                                                                                                                                                  • API String ID: 0-2391135358
                                                                                                                                                                  • Opcode ID: 90fc4e93126ba05af6cb57ac5e80ed65b2b1159ef594b2ba8e6dd5c78020f719
                                                                                                                                                                  • Instruction ID: adeaf10a851dec7e383273ba72d2e36622d9ea28cc55c57943f7e768d9a7f6dd
                                                                                                                                                                  • Opcode Fuzzy Hash: 90fc4e93126ba05af6cb57ac5e80ed65b2b1159ef594b2ba8e6dd5c78020f719
                                                                                                                                                                  • Instruction Fuzzy Hash: C5024AB4810B00EFD7609F25D986756BFF5FB05300F50895DE89A8B796E730A818CBA2
                                                                                                                                                                  Function 00AE2260 Relevance: 5.4, Strings: 4, Instructions: 383COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: a|$hu$lc$sj
                                                                                                                                                                  • API String ID: 0-3748788050
                                                                                                                                                                  • Opcode ID: 8d447bb4e643499e19fe399ad0d264b6cec15e8f87a21a9a130264edfb202a98
                                                                                                                                                                  • Instruction ID: 4f2021d8c27120c96b28206ed39e3ef9f79240e2ff8920704f8b01b7cca7fec7
                                                                                                                                                                  • Opcode Fuzzy Hash: 8d447bb4e643499e19fe399ad0d264b6cec15e8f87a21a9a130264edfb202a98
                                                                                                                                                                  • Instruction Fuzzy Hash: EFA19CB44083818BC720DF19C891B2BB7F4FF95754F588A0CE8D99B291E379D941CBA6
                                                                                                                                                                  Function 00C8ADF7 Relevance: 5.4, Strings: 3, Instructions: 1620COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: )olU$d]$L><
                                                                                                                                                                  • API String ID: 0-2988762515
                                                                                                                                                                  • Opcode ID: 8e4d5610914544abbc9b99b39015b8d83411e2b3f7f88af2c15caf9791d04d1a
                                                                                                                                                                  • Instruction ID: 91a9336518b56c9a09e0246ab63db8c05018010acb8e47c3c967e5e58d39760c
                                                                                                                                                                  • Opcode Fuzzy Hash: 8e4d5610914544abbc9b99b39015b8d83411e2b3f7f88af2c15caf9791d04d1a
                                                                                                                                                                  • Instruction Fuzzy Hash: 55B218F3A08204AFE3046E2DEC8567AFBE9EFD4720F1A853DE6C4C7744E63558058696
                                                                                                                                                                  Function 00C94F86 Relevance: 5.3, Strings: 3, Instructions: 1535COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: !\}W$+=w$ej;g
                                                                                                                                                                  • API String ID: 0-3140140332
                                                                                                                                                                  • Opcode ID: 72dbc88919191e947fe923f0bdf453ec7c983e57a827634affa72b15a39fc815
                                                                                                                                                                  • Instruction ID: 0b092491bce96255829556029ad8ebc5521881c7286faf4f86fc981b87ecd7bd
                                                                                                                                                                  • Opcode Fuzzy Hash: 72dbc88919191e947fe923f0bdf453ec7c983e57a827634affa72b15a39fc815
                                                                                                                                                                  • Instruction Fuzzy Hash: AEB2D4F390C200AFE3046F29EC4567ABBE9EF94720F16492DEAC5C7344E63598458B97
                                                                                                                                                                  Function 00AED7AF Relevance: 5.2, Strings: 4, Instructions: 213COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: #'$CV$KV$T>
                                                                                                                                                                  • API String ID: 0-95592268
                                                                                                                                                                  • Opcode ID: c5df68c766071eec162ad97a747ac9f727dabc9be7665b7468a099d9b602568f
                                                                                                                                                                  • Instruction ID: 7efb0d81ab45c7f900d35ed44aa68e29a2a93f4e4fefe19dad3e053174d32545
                                                                                                                                                                  • Opcode Fuzzy Hash: c5df68c766071eec162ad97a747ac9f727dabc9be7665b7468a099d9b602568f
                                                                                                                                                                  • Instruction Fuzzy Hash: 268146B48017499FDB20DFA6D68556EBFB1FF12300F60560CE486ABA55C330AA55CFE2
                                                                                                                                                                  Function 00AEAC91 Relevance: 5.1, Strings: 4, Instructions: 128COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: (g6e$,{*y$4c2a$lk
                                                                                                                                                                  • API String ID: 0-1327526056
                                                                                                                                                                  • Opcode ID: f2483cec160b40632031d01decbd1da6ec321adccbf519055d9633815038279f
                                                                                                                                                                  • Instruction ID: 34167311111b5f4079dd41f37b961515e8ba3deabe4c416d93d46b427903d9f2
                                                                                                                                                                  • Opcode Fuzzy Hash: f2483cec160b40632031d01decbd1da6ec321adccbf519055d9633815038279f
                                                                                                                                                                  • Instruction Fuzzy Hash: ED4186B4808381CBD7209F25D944BABB7F0FF86305F54995DE6C897260EB31DA44CB96
                                                                                                                                                                  Function 00AEC470 Relevance: 4.2, Strings: 3, Instructions: 419COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+($%*+($~/i!
                                                                                                                                                                  • API String ID: 0-4033100838
                                                                                                                                                                  • Opcode ID: bc3c44eae82a6a4fcf645d6cd90b9fe60d6f7cf29c4fc78decbfcd2f3a06ca48
                                                                                                                                                                  • Instruction ID: ad57be22cd62a06eb7f6cf13527c2d0b71e929a56f8d59b871c614d0199d0f46
                                                                                                                                                                  • Opcode Fuzzy Hash: bc3c44eae82a6a4fcf645d6cd90b9fe60d6f7cf29c4fc78decbfcd2f3a06ca48
                                                                                                                                                                  • Instruction Fuzzy Hash: D5E188B5508384DFE3209F69D881B5BBBF5FB85350F448C2CE69987292DB32D811CB92
                                                                                                                                                                  Function 00AC8590 Relevance: 4.1, Strings: 3, Instructions: 387COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: )$)$IEND
                                                                                                                                                                  • API String ID: 0-588110143
                                                                                                                                                                  • Opcode ID: 0102dde2a7979b4782866d40d3ffb696ce1e7f3cd7de7cea1cbef87c40188d49
                                                                                                                                                                  • Instruction ID: f457ac0afb0bbb2e8e0600eda64f77a400e63b258cd409a797696392815e2563
                                                                                                                                                                  • Opcode Fuzzy Hash: 0102dde2a7979b4782866d40d3ffb696ce1e7f3cd7de7cea1cbef87c40188d49
                                                                                                                                                                  • Instruction Fuzzy Hash: 80E1E0B1A087019FE310CF29C885B2ABBE0FB94354F15492DF59997381DB79E915CBC2
                                                                                                                                                                  Function 00C9BB40 Relevance: 4.1, Strings: 2, Instructions: 1581COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: /Y$U$Rlwu
                                                                                                                                                                  • API String ID: 0-3254789073
                                                                                                                                                                  • Opcode ID: a88d73490862ab34d791a1deaadcb0ebd9bf378e11a7b2d542651a32873d1e53
                                                                                                                                                                  • Instruction ID: 621e35bd862e18eaa14fa53086fe81bfd12f7203dec769edf6d49d026286f28d
                                                                                                                                                                  • Opcode Fuzzy Hash: a88d73490862ab34d791a1deaadcb0ebd9bf378e11a7b2d542651a32873d1e53
                                                                                                                                                                  • Instruction Fuzzy Hash: 88B218F3A0C200AFE7046E2DEC4567AFBE9EF94720F16492DE6C5C3744EA3598008697
                                                                                                                                                                  Function 00B04040 Relevance: 3.1, Strings: 2, Instructions: 577COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+($f
                                                                                                                                                                  • API String ID: 0-2038831151
                                                                                                                                                                  • Opcode ID: ef62ba71a82793e42a446d4b46e23a4eb0edc7322f59953251b7cff3524fa322
                                                                                                                                                                  • Instruction ID: 7e59ea926acab4258d0f712b0dd717907fe05fe0daa9e71791b39449b35abcbf
                                                                                                                                                                  • Opcode Fuzzy Hash: ef62ba71a82793e42a446d4b46e23a4eb0edc7322f59953251b7cff3524fa322
                                                                                                                                                                  • Instruction Fuzzy Hash: A1129CB16083419FC715CF18C880B2FBBE6FBC9314F588AACF69497291D771E9458B92
                                                                                                                                                                  Function 00AFF620 Relevance: 3.0, Strings: 2, Instructions: 461COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: dg$hi
                                                                                                                                                                  • API String ID: 0-2859417413
                                                                                                                                                                  • Opcode ID: 8dccaff7378d978f34d22f6eaad52544d2cec8701feedcae27d4cd5856688d00
                                                                                                                                                                  • Instruction ID: 133e12b45406b5d52fde536bbbf16124197892386c6e710bb49aba7202f9be43
                                                                                                                                                                  • Opcode Fuzzy Hash: 8dccaff7378d978f34d22f6eaad52544d2cec8701feedcae27d4cd5856688d00
                                                                                                                                                                  • Instruction Fuzzy Hash: 60F19171618301EFE704CF64D891B6ABBF6EF86344F64992CF2858B2A1CB34D945CB52
                                                                                                                                                                  Function 00AC35B0 Relevance: 2.9, Strings: 2, Instructions: 411COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: Inf$NaN
                                                                                                                                                                  • API String ID: 0-3500518849
                                                                                                                                                                  • Opcode ID: 8db32cd1fc1ee20e9a9d756040613957ee4ab54a6b676f53597c3a87ab892694
                                                                                                                                                                  • Instruction ID: 16bf881efc471e4815e8678d01c24604c9460edabbd8ae160ab4528d8bb6a443
                                                                                                                                                                  • Opcode Fuzzy Hash: 8db32cd1fc1ee20e9a9d756040613957ee4ab54a6b676f53597c3a87ab892694
                                                                                                                                                                  • Instruction Fuzzy Hash: DBD1C672A083119BCB04CF29C980B5FB7E5EBC8750F15C92DF999973A0E675DD058B82
                                                                                                                                                                  Function 00ADFFDF Relevance: 2.7, Strings: 2, Instructions: 185COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: BaBc$Ye[g
                                                                                                                                                                  • API String ID: 0-286865133
                                                                                                                                                                  • Opcode ID: 5edd52a164d5f4775fd02a47a58c82caad5ebbce8f5f1b9ec5988b9a3f68caa3
                                                                                                                                                                  • Instruction ID: 1e9b9ce52986eb98f85d1df78389baebc281e82c18d4cb5665520a0e52b7d45b
                                                                                                                                                                  • Opcode Fuzzy Hash: 5edd52a164d5f4775fd02a47a58c82caad5ebbce8f5f1b9ec5988b9a3f68caa3
                                                                                                                                                                  • Instruction Fuzzy Hash: 5F51ACB16083818BD731CF56C481BABB7F0FF96360F19491DE49A8B651E3B49980CB57
                                                                                                                                                                  Function 00C87FAE Relevance: 2.1, Strings: 1, Instructions: 846COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: ?Rn
                                                                                                                                                                  • API String ID: 0-3175283865
                                                                                                                                                                  • Opcode ID: 4b0c1f63371da07f7d941e4df5b6f0f77a6d2017c795edf57545f676908ea289
                                                                                                                                                                  • Instruction ID: 00a40d06e98d6a4b4988b9960616d2c19d239dfef30cc930715bbf4c23e39a36
                                                                                                                                                                  • Opcode Fuzzy Hash: 4b0c1f63371da07f7d941e4df5b6f0f77a6d2017c795edf57545f676908ea289
                                                                                                                                                                  • Instruction Fuzzy Hash: 5942D3F3A082009FD318AE2DDC4567ABBE5EF94720F16893DEAC5C3344EA3598158787
                                                                                                                                                                  Function 00AC5160 Relevance: 1.8, Strings: 1, Instructions: 577COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %1.17g
                                                                                                                                                                  • API String ID: 0-1551345525
                                                                                                                                                                  • Opcode ID: d67c433c2aafea8ee7b5470d2c156e9bbea842d7543c41dbde0403c42de30ab8
                                                                                                                                                                  • Instruction ID: 9c83c001bba4939aa43703ac2f7ea10e3fa56e78abdea0f10158cb89f36c4898
                                                                                                                                                                  • Opcode Fuzzy Hash: d67c433c2aafea8ee7b5470d2c156e9bbea842d7543c41dbde0403c42de30ab8
                                                                                                                                                                  • Instruction Fuzzy Hash: AD22A1B6E08B428BE7158F289940B26BBA2AFA1314F1E856DF8594B341E771FCC5C741
                                                                                                                                                                  Function 00AF12D0 Relevance: 1.7, Strings: 1, Instructions: 484COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: "
                                                                                                                                                                  • API String ID: 0-123907689
                                                                                                                                                                  • Opcode ID: 1e36e4a90a5bcd9904d9a2755a98640d2f51fe7f53356f7c076c40d918f289ea
                                                                                                                                                                  • Instruction ID: 4271f092ed29110a52bdf7f711f1d826c5023955ca299aa7cb425812e14bde18
                                                                                                                                                                  • Opcode Fuzzy Hash: 1e36e4a90a5bcd9904d9a2755a98640d2f51fe7f53356f7c076c40d918f289ea
                                                                                                                                                                  • Instruction Fuzzy Hash: EAF13571A083498FC724CF65C490A3BBBE6AFC5350F18C96DF99A8B382D635DD058792
                                                                                                                                                                  Function 00AEAE57 Relevance: 1.7, Strings: 1, Instructions: 455COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: 5087a9f85a74570f50e028006c0e457e90dbd0d48fc5615c3b12a82fa72e6042
                                                                                                                                                                  • Instruction ID: 3b1385b5e6aeda6a3fc4e7b6e8bbb12a29f27716b360531d9dc2dd2c4925a1f6
                                                                                                                                                                  • Opcode Fuzzy Hash: 5087a9f85a74570f50e028006c0e457e90dbd0d48fc5615c3b12a82fa72e6042
                                                                                                                                                                  • Instruction Fuzzy Hash: 25E1BA71518346CBC324DF2AC4945AFB3F2FF98791F54891CE5C587260E730AA55CBA2
                                                                                                                                                                  Function 00AD6EBF Relevance: 1.7, Strings: 1, Instructions: 447COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: b4db055ea121b3dd21aefdd161e0f7ac1a7ee6b2d9faeaba075d8573d59f1fb3
                                                                                                                                                                  • Instruction ID: 53fb1885ee2bc5bec16cfd78ea8e9945c975535e1c9319a0b00eb5363bb04b7d
                                                                                                                                                                  • Opcode Fuzzy Hash: b4db055ea121b3dd21aefdd161e0f7ac1a7ee6b2d9faeaba075d8573d59f1fb3
                                                                                                                                                                  • Instruction Fuzzy Hash: D9F19BB5A00A01CFD734DF25D981A26B3F6FF58354B148A2EE49787BA1EB35E815CB40
                                                                                                                                                                  Function 00AE7E60 Relevance: 1.7, Strings: 1, Instructions: 425COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: 882afb45bdd680188eb4314b340c46cbd15b091394b0df227edd989628a12647
                                                                                                                                                                  • Instruction ID: 055b9345a4ccd0af8c37393e4166fde8b6c4b0027acce2c04a98e18b957947f2
                                                                                                                                                                  • Opcode Fuzzy Hash: 882afb45bdd680188eb4314b340c46cbd15b091394b0df227edd989628a12647
                                                                                                                                                                  • Instruction Fuzzy Hash: 61C1B071508340ABD710EF16C882A2BB7F5EF95754F08891CF8C99B291E739ED15CBA2
                                                                                                                                                                  Function 00AE8D62 Relevance: 1.7, Strings: 1, Instructions: 410COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: e12328fa0d2c6a7c5a0bc12c39fdd4bee4a23555a234270fe14f9858b5c696b7
                                                                                                                                                                  • Instruction ID: 0b7876cd4e28ba73330e04f300b4882bd1c1df493f92b55fb0768515cdbe01c3
                                                                                                                                                                  • Opcode Fuzzy Hash: e12328fa0d2c6a7c5a0bc12c39fdd4bee4a23555a234270fe14f9858b5c696b7
                                                                                                                                                                  • Instruction Fuzzy Hash: FAD1E070628342DFD704EF65EC91A6AB7E5FF89304F89887CE88687291DB74E940CB51
                                                                                                                                                                  Function 00B07FC0 Relevance: 1.6, Strings: 1, Instructions: 387COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: P
                                                                                                                                                                  • API String ID: 0-3110715001
                                                                                                                                                                  • Opcode ID: 5cd2ce99535949e2103b79a24bd7e1bc026800b0432d6fd94e24fe39be10ee85
                                                                                                                                                                  • Instruction ID: 2cdcf7b1b3bd32679fb2598582a6f40eb4ea8f940cbdb62cadaa07bae0a0134e
                                                                                                                                                                  • Opcode Fuzzy Hash: 5cd2ce99535949e2103b79a24bd7e1bc026800b0432d6fd94e24fe39be10ee85
                                                                                                                                                                  • Instruction Fuzzy Hash: C7D1D4729082658FC725CE18D89071FBAE1EB85718F15866CE8E5AB3D0DB71DD06C7C1
                                                                                                                                                                  Function 00AECCD0 Relevance: 1.6, Strings: 1, Instructions: 357COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 2994545307-3233224373
                                                                                                                                                                  • Opcode ID: 6d57bc6e77d6704742945464706c20bcaa15d66c0754bbeb84c4d8c065aff148
                                                                                                                                                                  • Instruction ID: d4a543b8b52a5a3f36235774b32f7b15cdd3a5b5f399737d361027c85da75998
                                                                                                                                                                  • Opcode Fuzzy Hash: 6d57bc6e77d6704742945464706c20bcaa15d66c0754bbeb84c4d8c065aff148
                                                                                                                                                                  • Instruction Fuzzy Hash: EEB1FF706083859BD714DF1AD881B3BBBF2EF85360F18492CE5C58B291E335E956CB92
                                                                                                                                                                  Function 00ACA850 Relevance: 1.5, Strings: 1, Instructions: 271COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: ,
                                                                                                                                                                  • API String ID: 0-3772416878
                                                                                                                                                                  • Opcode ID: 6a3fef2072c4110c7e08f213014c8aa891b97c95317c3c670d38149bab24221c
                                                                                                                                                                  • Instruction ID: 71d0d823128a1e5d9bf0bcc638521ceca85be79a0624d2b4264760d55026d241
                                                                                                                                                                  • Opcode Fuzzy Hash: 6a3fef2072c4110c7e08f213014c8aa891b97c95317c3c670d38149bab24221c
                                                                                                                                                                  • Instruction Fuzzy Hash: 0CB129711083859FD324CF68C880B1BBBE1AFA9708F458A2DF5D997342D671EA18CB57
                                                                                                                                                                  Function 00AFFC20 Relevance: 1.5, Strings: 1, Instructions: 265COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: 65c5952885989545a614206466e7d9dd6934ca026d497c36776257fc08ce4c2f
                                                                                                                                                                  • Instruction ID: d1d6c6cf108941d8c19ff3b265e431309e13f4521f6750bbc37e964536ac86a8
                                                                                                                                                                  • Opcode Fuzzy Hash: 65c5952885989545a614206466e7d9dd6934ca026d497c36776257fc08ce4c2f
                                                                                                                                                                  • Instruction Fuzzy Hash: 6281AB71608309EFD720DF98D885A2ABBF5FF99705F44882CF68497291DB31D815CB62
                                                                                                                                                                  Function 00ADD457 Relevance: 1.5, Strings: 1, Instructions: 248COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: 4392c21b0c2f3d370299d33ef21e550aa5b685f2e6ebb55faffe002c6a3634d2
                                                                                                                                                                  • Instruction ID: ae14694140a530408f76604c6b679685744a1233c4db2544032ea87984712867
                                                                                                                                                                  • Opcode Fuzzy Hash: 4392c21b0c2f3d370299d33ef21e550aa5b685f2e6ebb55faffe002c6a3634d2
                                                                                                                                                                  • Instruction Fuzzy Hash: 83610171918204DBD710EF18EC82A6AB3B1FF94354F48492DF88A9B391E775E910C792
                                                                                                                                                                  Function 00B04A40 Relevance: 1.5, Strings: 1, Instructions: 220COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: b805953c3e9ac931d9b9f8339b60d579166592dfbdaf5f057bba7b8692f87ec4
                                                                                                                                                                  • Instruction ID: 6a6bd3cb53210166ce0e8af3bc3152fd0be4033f323328708a1d4cbb9aba414a
                                                                                                                                                                  • Opcode Fuzzy Hash: b805953c3e9ac931d9b9f8339b60d579166592dfbdaf5f057bba7b8692f87ec4
                                                                                                                                                                  • Instruction Fuzzy Hash: F261CFB16083419BE721DF25D880B2ABFE6EBC4314F58899CEAC5872D1D771EC54CB92
                                                                                                                                                                  Function 00ACE1A0 Relevance: 1.4, Strings: 1, Instructions: 175COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  • 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081, xrefs: 00ACE333
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081
                                                                                                                                                                  • API String ID: 0-2471034898
                                                                                                                                                                  • Opcode ID: 3a36430c5c7bfa30d654478a39d9051229cef2d1b7ae025c5d3430307b399289
                                                                                                                                                                  • Instruction ID: ec50fa74ed801859ff9db04ce9704add950ab97d6c7634892cc830b7ecb458a1
                                                                                                                                                                  • Opcode Fuzzy Hash: 3a36430c5c7bfa30d654478a39d9051229cef2d1b7ae025c5d3430307b399289
                                                                                                                                                                  • Instruction Fuzzy Hash: 07511533A196D04BD728CA3C4C567A96ED70FA2334B2EC76EE9F18B3E1D65588008390
                                                                                                                                                                  Function 00B03920 Relevance: 1.4, Strings: 1, Instructions: 172COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: 040694cb97fbba82253010ec2e8a47bd7b2fa339dce0bfb3aded6955ff990569
                                                                                                                                                                  • Instruction ID: 9f301d78e0f7a9e74f3ea57df556be2c636aeef4082cf810a26292bbb2a35261
                                                                                                                                                                  • Opcode Fuzzy Hash: 040694cb97fbba82253010ec2e8a47bd7b2fa339dce0bfb3aded6955ff990569
                                                                                                                                                                  • Instruction Fuzzy Hash: F1519E34609200DBCB24DF55D888A2EBFE9EF85B44F18889CE4C687291D772DE10CB62
                                                                                                                                                                  Function 00AD1BEE Relevance: 1.4, Strings: 1, Instructions: 128COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: L3
                                                                                                                                                                  • API String ID: 0-2730849248
                                                                                                                                                                  • Opcode ID: 7c08ded40fe02705c05235ed3fdcfe90e28c091439013fc0bd41531251adc57a
                                                                                                                                                                  • Instruction ID: 80502d1916eaf76428aac6ddc9c4f66ab65efd38278476203cc4701cc24e4c44
                                                                                                                                                                  • Opcode Fuzzy Hash: 7c08ded40fe02705c05235ed3fdcfe90e28c091439013fc0bd41531251adc57a
                                                                                                                                                                  • Instruction Fuzzy Hash: 4A4172B4018380ABC7149F64D894A2FBBF0FF96714F04891DF5D69B290D73ACA05CB5A
                                                                                                                                                                  Function 00AFFF70 Relevance: 1.4, Strings: 1, Instructions: 124COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: 742dbf890cd8c7a02e8db3d188da192e6ea593086d929f51c7076b5252d1f5ff
                                                                                                                                                                  • Instruction ID: 4b2661fe146a8960526ac887365133dbadc10857f366dd2da31eb66b11b8ed9d
                                                                                                                                                                  • Opcode Fuzzy Hash: 742dbf890cd8c7a02e8db3d188da192e6ea593086d929f51c7076b5252d1f5ff
                                                                                                                                                                  • Instruction Fuzzy Hash: 923108B1A18309ABD610FA54DC81F2BBBE9EB85744F544868F885D72D2F632DC14C763
                                                                                                                                                                  Function 00AEE40C Relevance: 1.4, Strings: 1, Instructions: 108COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: 72?1
                                                                                                                                                                  • API String ID: 0-1649870076
                                                                                                                                                                  • Opcode ID: 0be80de73b5e45f8149b4108efad8d8f1ede17e1865fef89f36666bac2ae76ab
                                                                                                                                                                  • Instruction ID: 6706e3a68633bfb115eed354bf3e5ab4a8ae9e064313fdb35adacc2b749c625c
                                                                                                                                                                  • Opcode Fuzzy Hash: 0be80de73b5e45f8149b4108efad8d8f1ede17e1865fef89f36666bac2ae76ab
                                                                                                                                                                  • Instruction Fuzzy Hash: 4D310AB5D00245CFCB20DF9AE9809AFBBB5FB06745F54482CE546A7301D731AD05CBA1
                                                                                                                                                                  Function 00AD6F91 Relevance: 1.4, Strings: 1, Instructions: 108COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: %*+(
                                                                                                                                                                  • API String ID: 0-3233224373
                                                                                                                                                                  • Opcode ID: 1e367a8148d8b3be62245c9e123ca57b240b952ab346cd5e97ac9a2daffb3599
                                                                                                                                                                  • Instruction ID: cdcabc42b115f4c8eaea840b69f50f62e5a82cbbebc2eee83577389cdd87257a
                                                                                                                                                                  • Opcode Fuzzy Hash: 1e367a8148d8b3be62245c9e123ca57b240b952ab346cd5e97ac9a2daffb3599
                                                                                                                                                                  • Instruction Fuzzy Hash: B8414275215B04DBD7398F61C995B2ABBF2FB49700F548819E58B9BBA1E731F8008B20
                                                                                                                                                                  Function 00AEE66A Relevance: 1.4, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID: 72?1
                                                                                                                                                                  • API String ID: 0-1649870076
                                                                                                                                                                  • Opcode ID: cf98d02336aa49b7771c24128c8fcd88ecc963206c9a28ada56833e9216c6e83
                                                                                                                                                                  • Instruction ID: 0f811ccce6f6e874a4a56ef7a1c49a34a3aee7845c2a2cbb9937c14c36dccfc1
                                                                                                                                                                  • Opcode Fuzzy Hash: cf98d02336aa49b7771c24128c8fcd88ecc963206c9a28ada56833e9216c6e83
                                                                                                                                                                  • Instruction Fuzzy Hash: F121F4B1900345CFC720CF9AD980AAFBBB5FB0A780F54481CE546AB301C331AD02CBA1
                                                                                                                                                                  Function 00B09CE0 Relevance: 1.3, Strings: 1, Instructions: 87COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Strings
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                  • String ID: @
                                                                                                                                                                  • API String ID: 2994545307-2766056989
                                                                                                                                                                  • Opcode ID: 4f4436e3c599738f8c24fd121dad336a27f89265236ed64d7a2ae2f9815fa190
                                                                                                                                                                  • Instruction ID: 14400d8afcbda1d9dba906c896cd6a167c8976bf40b4147ee516b84fbaefda02
                                                                                                                                                                  • Opcode Fuzzy Hash: 4f4436e3c599738f8c24fd121dad336a27f89265236ed64d7a2ae2f9815fa190
                                                                                                                                                                  • Instruction Fuzzy Hash: 3D3178705083009BD310EF14D880A2BFBF9EF9A314F548A6CE5C597292D335D904CBA6
                                                                                                                                                                  Function 00AD4E2A Relevance: 1.0, Instructions: 957COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: ba52baaa31fdc69534314777d50646f7861a008300648a53368970b6574220f0
                                                                                                                                                                  • Instruction ID: 273b84d6d18d2f1942c0f0fb4783444406281d2318c990e1315d7e9062aacb38
                                                                                                                                                                  • Opcode Fuzzy Hash: ba52baaa31fdc69534314777d50646f7861a008300648a53368970b6574220f0
                                                                                                                                                                  • Instruction Fuzzy Hash: CC6246B4A00B408FD725CF25D990B26B7F6AF59700F548A2ED49B8BB52E735F804CB91
                                                                                                                                                                  Function 00ACBEB0 Relevance: .9, Instructions: 895COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 30cb9a533554be97e06675d3460cdff0be9d55b2c6c1132c24f0b6137cc6b4a7
                                                                                                                                                                  • Instruction ID: 9e4ff66748365beab1814d3a28425a34338cdad837e05ec1792d6fcad317ffb3
                                                                                                                                                                  • Opcode Fuzzy Hash: 30cb9a533554be97e06675d3460cdff0be9d55b2c6c1132c24f0b6137cc6b4a7
                                                                                                                                                                  • Instruction Fuzzy Hash: EE5209319087118BC7259F18D5407BBF3E1FFD5329F2A8A2DD9DA97280E734A851CB86
                                                                                                                                                                  Function 00B08652 Relevance: .7, Instructions: 710COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 73f8e429e6d756a0d602ffc359dacc3c984972570e05cbcdef8537104d52c3c2
                                                                                                                                                                  • Instruction ID: 886405f662626b3e60e1a7bc93ce263f09bc20a446ff88ee52ac6b761dfcae27
                                                                                                                                                                  • Opcode Fuzzy Hash: 73f8e429e6d756a0d602ffc359dacc3c984972570e05cbcdef8537104d52c3c2
                                                                                                                                                                  • Instruction Fuzzy Hash: BA22EE35608340DFC704DF68E89066ABBF1FF89315F4988ADE58987391DB31D960CB82
                                                                                                                                                                  Function 00B086F0 Relevance: .7, Instructions: 681COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 7c50ef1358137fecc8514da8d451f3cdd86ee1a6b839af2b8188d4856e1e63b6
                                                                                                                                                                  • Instruction ID: e59a852dc705612c1444ddffc699a41f05eff85026d4506781aa4eaee75fbe5d
                                                                                                                                                                  • Opcode Fuzzy Hash: 7c50ef1358137fecc8514da8d451f3cdd86ee1a6b839af2b8188d4856e1e63b6
                                                                                                                                                                  • Instruction Fuzzy Hash: A122AA35608340DFC704DF68E89065ABBF1FB8A305F5989ADE5C987392DB35D960CB82
                                                                                                                                                                  Function 00ACB3A0 Relevance: .7, Instructions: 670COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 7a7954b70b52adbc5bf543b6220140a6bf67160a275d05ba126f3bdf34b3c2b1
                                                                                                                                                                  • Instruction ID: 6e96ea46970d23e3ef95b868e4d331f58609ef4e34d106d03554e863288edbee
                                                                                                                                                                  • Opcode Fuzzy Hash: 7a7954b70b52adbc5bf543b6220140a6bf67160a275d05ba126f3bdf34b3c2b1
                                                                                                                                                                  • Instruction Fuzzy Hash: 8F52FA709187888FE735CB24C086BA7BBE1EF95314F164C2DC5E706B82C77AA885C765
                                                                                                                                                                  Function 00AC71F0 Relevance: .7, Instructions: 657COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 45aa4d49bf88be92cb91d2ff51d3da0fb1aebdc8151a872b857cb953581c7354
                                                                                                                                                                  • Instruction ID: ced2f28fdec48c874a46bd04aa2822e0f2e49059f971b9c84a514a887c0bf542
                                                                                                                                                                  • Opcode Fuzzy Hash: 45aa4d49bf88be92cb91d2ff51d3da0fb1aebdc8151a872b857cb953581c7354
                                                                                                                                                                  • Instruction Fuzzy Hash: 80527D7150C3458BCB15CF29C090BAEBBE1BF88314F1A8A6DE89A5B351D774D989CF81
                                                                                                                                                                  Function 00AC8FD0 Relevance: .6, Instructions: 620COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 9e7988f9eb0f649d4889b6c73bd60765b89fa219d16eb98e14d37f387d4d7dcc
                                                                                                                                                                  • Instruction ID: 67413851235e09781afeaae543f79ccb0867d887be8e3fe25b68a551f1cc6b6c
                                                                                                                                                                  • Opcode Fuzzy Hash: 9e7988f9eb0f649d4889b6c73bd60765b89fa219d16eb98e14d37f387d4d7dcc
                                                                                                                                                                  • Instruction Fuzzy Hash: D5425675608301DFD708CF28D854B9ABBE1BF98315F09886DE4A58B3A1DB35D985CF42
                                                                                                                                                                  Function 00AC7BF0 Relevance: .6, Instructions: 592COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 217e1fc2ec9e550f46012807ae742df811781a1b085bb49d44082822607c24a0
                                                                                                                                                                  • Instruction ID: 4ea0889e8ebfe117571324902e393445ca082b25dfca2efc75d4cb80cd38bbac
                                                                                                                                                                  • Opcode Fuzzy Hash: 217e1fc2ec9e550f46012807ae742df811781a1b085bb49d44082822607c24a0
                                                                                                                                                                  • Instruction Fuzzy Hash: D4321270518B118FC378CF29C590A6ABBF1BF45710B654A2ED6A787B90DB36F845CB10
                                                                                                                                                                  Function 00B089A0 Relevance: .5, Instructions: 545COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 4a22e6a9803b5ed8325a5240a0dee1cdd7f51ef6c41511c09fc5661bca703e09
                                                                                                                                                                  • Instruction ID: 4be58e40d3323e61f79752da20c2788c0fc82c0ca0867b9cf71f0e842a312344
                                                                                                                                                                  • Opcode Fuzzy Hash: 4a22e6a9803b5ed8325a5240a0dee1cdd7f51ef6c41511c09fc5661bca703e09
                                                                                                                                                                  • Instruction Fuzzy Hash: 0A02A935608341DFC704DF68E880A1AFBE1EF8A305F4989ADE4C5873A2D736D954CB92
                                                                                                                                                                  Function 00B08A80 Relevance: .5, Instructions: 524COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: e92566a1c0c2f114d5f1e51a8750bcc20832d69a3276a1608a3e7850198752b0
                                                                                                                                                                  • Instruction ID: 052bf44c0a607ade20959706d176a40dcc0eb6ecb0b1c7998dbce331a4015c7b
                                                                                                                                                                  • Opcode Fuzzy Hash: e92566a1c0c2f114d5f1e51a8750bcc20832d69a3276a1608a3e7850198752b0
                                                                                                                                                                  • Instruction Fuzzy Hash: EFF1883560C341DFC704EF28E88061AFBE1EB8A305F4989ADE4D987292D736D954CB92
                                                                                                                                                                  Function 00B08C02 Relevance: .5, Instructions: 487COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 9f640f76e1f85ddf2c69fdbb7be990364f20b7cd8320be40373b9ed984d51278
                                                                                                                                                                  • Instruction ID: 6f19dfbb49b5555d0d7d7882ddad308813ba1c9c73dbe2637a08f67e201b6b52
                                                                                                                                                                  • Opcode Fuzzy Hash: 9f640f76e1f85ddf2c69fdbb7be990364f20b7cd8320be40373b9ed984d51278
                                                                                                                                                                  • Instruction Fuzzy Hash: 2CE1BE31618341CFC704DF28E88066AFBE1FB8A315F4989ACE5D987392D736D950CB92
                                                                                                                                                                  Function 00ACA300 Relevance: .5, Instructions: 459COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 8dbf8a9190905fd82ba4d34b3568b61c3c587483ba5650872ac470c2db95d517
                                                                                                                                                                  • Instruction ID: 5f4c8de858f2c4d259e627ba8af3f752d0c8ca93129aaee6a87c0dae8f77b3c5
                                                                                                                                                                  • Opcode Fuzzy Hash: 8dbf8a9190905fd82ba4d34b3568b61c3c587483ba5650872ac470c2db95d517
                                                                                                                                                                  • Instruction Fuzzy Hash: 8BF1AE756087458FC724CF29C881B6BFBE2AFE8304F08882DE4D987751E639E945CB52
                                                                                                                                                                  Function 00B08E70 Relevance: .4, Instructions: 420COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: ae98e2df1ecca6409beef7b501ccb3d06e532e495622afe1743941ae6d25e71f
                                                                                                                                                                  • Instruction ID: 90afcec1d72b6124eb14fbcb228f961e376ed4d1d451397ddbbad08a4cae2e3d
                                                                                                                                                                  • Opcode Fuzzy Hash: ae98e2df1ecca6409beef7b501ccb3d06e532e495622afe1743941ae6d25e71f
                                                                                                                                                                  • Instruction Fuzzy Hash: 7FD19C3461C340DFD704EF28E89062AFBF5EB8A305F4989ADE4D587292D736D950CB92
                                                                                                                                                                  Function 00AD4487 Relevance: .4, Instructions: 389COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: d91ea7491d1f3185b46e9a34c124ebebb9593caab5819ea7b49363ce9ccf0008
                                                                                                                                                                  • Instruction ID: c151f0ef2935b0cc248c089af82ccb78ab7445129fcd6967d55f6eaf48c1637b
                                                                                                                                                                  • Opcode Fuzzy Hash: d91ea7491d1f3185b46e9a34c124ebebb9593caab5819ea7b49363ce9ccf0008
                                                                                                                                                                  • Instruction Fuzzy Hash: EEE1D0B5601B008FD365CF28D992B97B7E1FF0A705F04886DE4AA87B52EB35B814CB54
                                                                                                                                                                  Function 00B06CBF Relevance: .4, Instructions: 384COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 92f0d18ea163a6394abd62462b47fc95225ba9a4d8a5348e5bec6d2de1bffa31
                                                                                                                                                                  • Instruction ID: 80ec23552a689dfea8d856aac1be12e9283755c67e8bc13ba9c23ae2c3f790a9
                                                                                                                                                                  • Opcode Fuzzy Hash: 92f0d18ea163a6394abd62462b47fc95225ba9a4d8a5348e5bec6d2de1bffa31
                                                                                                                                                                  • Instruction Fuzzy Hash: 86D1E236618355CFC724CF38D8C056ABBE2EB89314F498A6CD495C7391EB34DA45CB91
                                                                                                                                                                  Function 00B07AB0 Relevance: .4, Instructions: 354COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: b78c90a54fa58ef2f3fa141098aa3cb10c82c0e7090698d3b4cb65b6a601f60c
                                                                                                                                                                  • Instruction ID: 9808bf8344d73001124c99f89fb21bdde1585cc2bcd17a83c606868f26ff76f3
                                                                                                                                                                  • Opcode Fuzzy Hash: b78c90a54fa58ef2f3fa141098aa3cb10c82c0e7090698d3b4cb65b6a601f60c
                                                                                                                                                                  • Instruction Fuzzy Hash: BDB11572E483504BE724DA28CC45B6BFBE9EBC5314F0449ACE999973C1EE35EC058792
                                                                                                                                                                  Function 00ACAF10 Relevance: .3, Instructions: 303COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 9c6117061885288c1b39a5b943f8482e52345fd8b1a48c2f17ef7dcb0cf10c7c
                                                                                                                                                                  • Instruction ID: 80cd9042451162d88daa3db7912d7661a1a6184314888f7807763e97e4a69e99
                                                                                                                                                                  • Opcode Fuzzy Hash: 9c6117061885288c1b39a5b943f8482e52345fd8b1a48c2f17ef7dcb0cf10c7c
                                                                                                                                                                  • Instruction Fuzzy Hash: 18C19AB2A187418FC320CF68DC96BABB7E1BF85318F09492CD1D9C6242E738A155CB16
                                                                                                                                                                  Function 00AD6536 Relevance: .3, Instructions: 295COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 3792b6c0dc4b4c956c764d46c360a71a317b4fe0d82a1568e542642380d12ba9
                                                                                                                                                                  • Instruction ID: 78155eb565df7e0699a0a225cacb279c874b0f5e528bc9210c2e51a070105fe8
                                                                                                                                                                  • Opcode Fuzzy Hash: 3792b6c0dc4b4c956c764d46c360a71a317b4fe0d82a1568e542642380d12ba9
                                                                                                                                                                  • Instruction Fuzzy Hash: F6B111B4600B408BD3258F24DA91B67BBF1AF4A704F14885DE8AB8BB52E735F805CB54
                                                                                                                                                                  Function 00B07710 Relevance: .3, Instructions: 287COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                  • Opcode ID: 7e5fa8c712a146726750ebdddfee1c8c1d940a11cc985d7311b338970634a9ea
                                                                                                                                                                  • Instruction ID: 624dd0df001e748e8bccb91b9b6346bd48965fea8e3273545b9aa8beed96b6a5
                                                                                                                                                                  • Opcode Fuzzy Hash: 7e5fa8c712a146726750ebdddfee1c8c1d940a11cc985d7311b338970634a9ea
                                                                                                                                                                  • Instruction Fuzzy Hash: E5917C71A48301ABE720DA15DC81BAFFBE5EB85350F54889CF584973D1EB30E940CB92
                                                                                                                                                                  Function 00C7F9CC Relevance: .3, Instructions: 284COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 32309b37fca9cf8d342be1eea6e8c2f7dc7b9323920f0b6c409fe36a11bf8612
                                                                                                                                                                  • Instruction ID: 064cd5272d8a3bf4c6efc2875f87beae46c996f4f2a0eafa3d0aa836851d1673
                                                                                                                                                                  • Opcode Fuzzy Hash: 32309b37fca9cf8d342be1eea6e8c2f7dc7b9323920f0b6c409fe36a11bf8612
                                                                                                                                                                  • Instruction Fuzzy Hash: CBA18DB3F1122547F3544979CDA83A26683DBD4321F2F82788F496BBCAD97E5C0A5384
                                                                                                                                                                  Function 00B0A0D0 Relevance: .3, Instructions: 282COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: d07197c108abc97fffc3594bdc72ac9ba02576f455ad3f805302e59175c31dc9
                                                                                                                                                                  • Instruction ID: 6ac82bac930e669ee1b8daf648f09fabfd233208ccfc3b709846ad2a2da2b2ba
                                                                                                                                                                  • Opcode Fuzzy Hash: d07197c108abc97fffc3594bdc72ac9ba02576f455ad3f805302e59175c31dc9
                                                                                                                                                                  • Instruction Fuzzy Hash: 46818B342087018BD724DF28D890A2EBBF5FF89740F5589ACE5869B291E731EC10CB92
                                                                                                                                                                  Function 00AF64F0 Relevance: .2, Instructions: 246COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: c8b5d9b8937786436eec36fa209a3ef86c47ea6daa1e49ea510afd17c6e6fc2c
                                                                                                                                                                  • Instruction ID: 6455a45689a82abab8f1c5d54ca8841aeaee34c18c0de5dbb17be6612b576138
                                                                                                                                                                  • Opcode Fuzzy Hash: c8b5d9b8937786436eec36fa209a3ef86c47ea6daa1e49ea510afd17c6e6fc2c
                                                                                                                                                                  • Instruction Fuzzy Hash: 2171C633B69A944BC3149DBC4C823A5AA535BE6334B3DC379FAB4DB3E5D6294C064350
                                                                                                                                                                  Function 00AE28E9 Relevance: .2, Instructions: 244COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: cfb3754543e91d19e7f4ee9db5b5f3c8712f7a1ea653f034d943abbb35f9f727
                                                                                                                                                                  • Instruction ID: bf3f5cb09ba49592a2c2820907d015dbb9d72d9e392d2625ecc655de388712ea
                                                                                                                                                                  • Opcode Fuzzy Hash: cfb3754543e91d19e7f4ee9db5b5f3c8712f7a1ea653f034d943abbb35f9f727
                                                                                                                                                                  • Instruction Fuzzy Hash: 1E6175B44183808BD310AF1AD851B2ABBF5EFA6760F08891CE4C59B261E379D910CB66
                                                                                                                                                                  Function 00AE7C00 Relevance: .2, Instructions: 243COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 3aa2d6e86f148246b9fb3f78475b3bf8d4c81328ad507248cc1f1864cab7e597
                                                                                                                                                                  • Instruction ID: 3f0d123186fc2272a95dbbeaba88d4973b3731b91a9cacc5a63f1b591433ba5d
                                                                                                                                                                  • Opcode Fuzzy Hash: 3aa2d6e86f148246b9fb3f78475b3bf8d4c81328ad507248cc1f1864cab7e597
                                                                                                                                                                  • Instruction Fuzzy Hash: CE51AFB1608244ABDB209B29CC96F7B33B8EF85764F144958F9868B291F375DC05C762
                                                                                                                                                                  Function 00C2A81E Relevance: .2, Instructions: 235COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 78eb7a4b5dccd3d52c1f2f80874951690179e4d90db9bed434383fa8c386549d
                                                                                                                                                                  • Instruction ID: 8cdaf433f58c4dac870f82f458d09b7e20f127813344cda07434e52b699ff057
                                                                                                                                                                  • Opcode Fuzzy Hash: 78eb7a4b5dccd3d52c1f2f80874951690179e4d90db9bed434383fa8c386549d
                                                                                                                                                                  • Instruction Fuzzy Hash: 1B7146F39087149FE304AE29EC8177BB7E5EB48320F1A493DEAC4D3740E97958408687
                                                                                                                                                                  Function 00AF1860 Relevance: .2, Instructions: 217COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 6d108e008403b3c92b59985e25fae4eb0cb21936506a5ffd7efe5999b9cc5533
                                                                                                                                                                  • Instruction ID: 71b235e03637fd6fc28b1f05c9b96c18429200b4d5d185a3ba5edb431982f3d2
                                                                                                                                                                  • Opcode Fuzzy Hash: 6d108e008403b3c92b59985e25fae4eb0cb21936506a5ffd7efe5999b9cc5533
                                                                                                                                                                  • Instruction Fuzzy Hash: 7E61BC31609309EBD714DFA9C5C073EBBE2ABC5390F64C92DF6898B255D2B0DD819781
                                                                                                                                                                  Function 00AF82D0 Relevance: .2, Instructions: 215COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 1fee5667e864d496b18bec56bc46ee8c0a937ff67174a6e43c9308cb12140956
                                                                                                                                                                  • Instruction ID: 02a9ca7983d87e4f8a34a552087790597b724491228b97bb8d6f21ec6cadf83c
                                                                                                                                                                  • Opcode Fuzzy Hash: 1fee5667e864d496b18bec56bc46ee8c0a937ff67174a6e43c9308cb12140956
                                                                                                                                                                  • Instruction Fuzzy Hash: E7613633B5AA954BC32446BC5C553B66A931BE2730F3EC366AAB18F3F4CE6D48014341
                                                                                                                                                                  Function 00AD42FC Relevance: .2, Instructions: 206COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 7b84310460e9f98668bfa31571302a51247411d2897b912664de3a9965f0b734
                                                                                                                                                                  • Instruction ID: a468e85a35cbe7a274afb24e965eeca197d8c6bce60a2ae40e7795f6002b3749
                                                                                                                                                                  • Opcode Fuzzy Hash: 7b84310460e9f98668bfa31571302a51247411d2897b912664de3a9965f0b734
                                                                                                                                                                  • Instruction Fuzzy Hash: 6681C2B4810B00AFD360EF39DA47757BEF4AB06601F404A2DE4EA97695E7306459CBE3
                                                                                                                                                                  Function 00AFE8A0 Relevance: .2, Instructions: 189COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 53adb1b22930f8a695f789fdc3f4b943ccd6ac5fb5c634955e3c1cdf4e3fec6a
                                                                                                                                                                  • Instruction ID: dad549f72840f8610a2f0629e7b410d8bbbea172093cf942121bd26af8c7bac8
                                                                                                                                                                  • Opcode Fuzzy Hash: 53adb1b22930f8a695f789fdc3f4b943ccd6ac5fb5c634955e3c1cdf4e3fec6a
                                                                                                                                                                  • Instruction Fuzzy Hash: 56516CB15083548FE314DF69D49436BBBE1BB85358F044E2DE5E983390E379D6088F92
                                                                                                                                                                  Function 00B07520 Relevance: .2, Instructions: 176COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 34e76049f4dd138fb83d72f3c1b3c0fbccfad26cabbabe9a9278f04b1becb638
                                                                                                                                                                  • Instruction ID: 287564f5563f60b3f5b6b5a04b9fd8115ad39c543bbe2fd763f1cb6ad3a85921
                                                                                                                                                                  • Opcode Fuzzy Hash: 34e76049f4dd138fb83d72f3c1b3c0fbccfad26cabbabe9a9278f04b1becb638
                                                                                                                                                                  • Instruction Fuzzy Hash: D1510531A4C204ABC7159E18CC91B2EFBE6FB85354F688A6CE8D6573D1DA32FC108791
                                                                                                                                                                  Function 00AC5A50 Relevance: .2, Instructions: 163COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 8261f6d7cc0ec8e0377d017ba7ec090f19167aea36b686e6f93e5d6f09f71920
                                                                                                                                                                  • Instruction ID: b20f904340973909506c80cd027208cb7af6d641c380e6e1a089b518d3f1ec86
                                                                                                                                                                  • Opcode Fuzzy Hash: 8261f6d7cc0ec8e0377d017ba7ec090f19167aea36b686e6f93e5d6f09f71920
                                                                                                                                                                  • Instruction Fuzzy Hash: C4519075E047049FC714DF28C890E26B7A1FF85364F56466CF8999B352D631EC82CB92
                                                                                                                                                                  Function 00AEEC48 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 9ebd19746e7ba9557e2ab18a950e8fe88efe2c02533c68d8a64f3dcdeeb5247c
                                                                                                                                                                  • Instruction ID: 4f879093d2a6f15c423f64646f141d9db45ac8fb0827a61f0c7b7e2367f30c78
                                                                                                                                                                  • Opcode Fuzzy Hash: 9ebd19746e7ba9557e2ab18a950e8fe88efe2c02533c68d8a64f3dcdeeb5247c
                                                                                                                                                                  • Instruction Fuzzy Hash: E741CE7890035ADBDF20CF99DC91BADB7B0FF0A340F144548E945AB3A1EB38A951CB91
                                                                                                                                                                  Function 00B09B60 Relevance: .1, Instructions: 140COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 25cc7e3416de2f5e7fa3fc61754a21fab57599afa0e57b35d676f9c060817094
                                                                                                                                                                  • Instruction ID: e6410678fe5385fc49b422c69dbe70431dc2bd67f59b35776778dcdae4fb0bab
                                                                                                                                                                  • Opcode Fuzzy Hash: 25cc7e3416de2f5e7fa3fc61754a21fab57599afa0e57b35d676f9c060817094
                                                                                                                                                                  • Instruction Fuzzy Hash: D8419D34608300EBE720DF14D991B2BBBE6EB85750F5488ACF58997292D331EC00CB62
                                                                                                                                                                  Function 00C90C90 Relevance: .1, Instructions: 139COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 49e2a65594a42b9eb67ac131e5d2589fc9e82a7778e18e9baa32c4a7d86e1af8
                                                                                                                                                                  • Instruction ID: eebd8109d6989462ed1dee2a0ab697a9a730a971a686affd3cdb1d1f9d592b57
                                                                                                                                                                  • Opcode Fuzzy Hash: 49e2a65594a42b9eb67ac131e5d2589fc9e82a7778e18e9baa32c4a7d86e1af8
                                                                                                                                                                  • Instruction Fuzzy Hash: D24158F3D181305BE3182929EC86BABB799DF94230F1B062DEB95E7744D531580082D2
                                                                                                                                                                  Function 00AD2030 Relevance: .1, Instructions: 136COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 8722d34f42f6d3bd5c457f9f6ced0a1c1ac716a493039458ef4512fa0b620303
                                                                                                                                                                  • Instruction ID: 203e7d49beea04059ad5a768158588436791b9fbb7da37dbff03096a599222cd
                                                                                                                                                                  • Opcode Fuzzy Hash: 8722d34f42f6d3bd5c457f9f6ced0a1c1ac716a493039458ef4512fa0b620303
                                                                                                                                                                  • Instruction Fuzzy Hash: CC41E432A083654FD35CCF2A849433ABBE2ABD5300F09C62EE4E687394DA748D45DB81
                                                                                                                                                                  Function 00AD1E93 Relevance: .1, Instructions: 131COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 25ece949e74140e7b3af476476729df154b42682db74f7a029ce3152c4fa4c79
                                                                                                                                                                  • Instruction ID: ca5c6e54885ffbb545c6d87d21d93ae966c39ecd7104cfa1a64d7a39bf2d0c4a
                                                                                                                                                                  • Opcode Fuzzy Hash: 25ece949e74140e7b3af476476729df154b42682db74f7a029ce3152c4fa4c79
                                                                                                                                                                  • Instruction Fuzzy Hash: E0410F74508380ABD320AB59C884B2EFBF5FB9A344F14491EF6C597392C376E814CB66
                                                                                                                                                                  Function 00B08D8A Relevance: .1, Instructions: 124COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: ffc1b7469f649993ff11f842abe19da3a33683998748685ff5dc2b68e15ce3e5
                                                                                                                                                                  • Instruction ID: 4fbac1c5afed0392b22758c82e83704396d506ee8a883f19591f9222aa2866c0
                                                                                                                                                                  • Opcode Fuzzy Hash: ffc1b7469f649993ff11f842abe19da3a33683998748685ff5dc2b68e15ce3e5
                                                                                                                                                                  • Instruction Fuzzy Hash: 7341AB316083508FD714AF68C49052EFFE6EF99300F098BADE4D59B2A1DB74DE058B82
                                                                                                                                                                  Function 00ADD961 Relevance: .1, Instructions: 121COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 67ef718125666ef90c52c62e7a665097653c982d9cd5ba867fec8443fa6d4b21
                                                                                                                                                                  • Instruction ID: 2de826dbf207714c94262eb4e5cc79210be8fd5730da94cd1e86d650092e9b0d
                                                                                                                                                                  • Opcode Fuzzy Hash: 67ef718125666ef90c52c62e7a665097653c982d9cd5ba867fec8443fa6d4b21
                                                                                                                                                                  • Instruction Fuzzy Hash: 9D41ABB5648381CBD7309F14C885BABB7B0FF963A0F04495DE48A8BBA2E7754941CB53
                                                                                                                                                                  Function 00AFF030 Relevance: .1, Instructions: 104COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: c5be6113664422e96713363ec41851647c31506b086c17a8b3ff98e201e465e1
                                                                                                                                                                  • Instruction ID: a0e0c0f8a47cc91883eb794e84fdda60164e1cdd85c07dcec8ec45e08faea17a
                                                                                                                                                                  • Opcode Fuzzy Hash: c5be6113664422e96713363ec41851647c31506b086c17a8b3ff98e201e465e1
                                                                                                                                                                  • Instruction Fuzzy Hash: 772107329082284BC3249B99C48153BF7E4EF99704F06863EEAC4A7295E7359C14C7E5
                                                                                                                                                                  Function 00B067EF Relevance: .1, Instructions: 101COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 67b24d1ab3be3241325ba9d461ad0fee7800a7282178f94f61b5c0b003cb46e7
                                                                                                                                                                  • Instruction ID: 3efa5aec480f4595a91ce4d3a697c2b8726c9fe4bbca3e0f38cac3a697c320f4
                                                                                                                                                                  • Opcode Fuzzy Hash: 67b24d1ab3be3241325ba9d461ad0fee7800a7282178f94f61b5c0b003cb46e7
                                                                                                                                                                  • Instruction Fuzzy Hash: 413133705183829AE714CF14C490A2FBFF0EF96784F54984DF4C8AB2A1D738D995CB9A
                                                                                                                                                                  Function 00AE5E70 Relevance: .1, Instructions: 99COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: f07fe8a1cbe7bf3fa7a067b94b434ccd38088ab68cc7338da17e7626e2c1289a
                                                                                                                                                                  • Instruction ID: 6fe5d425bcd3ea5d64346720c9b0ed614bd8b09f5ba2a91f7495fe16adbcf792
                                                                                                                                                                  • Opcode Fuzzy Hash: f07fe8a1cbe7bf3fa7a067b94b434ccd38088ab68cc7338da17e7626e2c1289a
                                                                                                                                                                  • Instruction Fuzzy Hash: 0821B071908241DBC310AF29D95192BBBF4EF92768F44890CF4D99B292E334CE00CBA3
                                                                                                                                                                  Function 00AC49A0 Relevance: .1, Instructions: 95COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: cbe2eee255ce80e2df90ed4850d7395439c2c852be5922ee4a7cea5853ec6c97
                                                                                                                                                                  • Instruction ID: 7418fced3c09fb6bb24f220b93f6969ece2340df506590285632c8dd153d7c4d
                                                                                                                                                                  • Opcode Fuzzy Hash: cbe2eee255ce80e2df90ed4850d7395439c2c852be5922ee4a7cea5853ec6c97
                                                                                                                                                                  • Instruction Fuzzy Hash: E431CA316482109FD7149F59D890F2BB7F1EF8C359F1A892DE89A9B241D231DC52CB4A
                                                                                                                                                                  Function 00B064B8 Relevance: .1, Instructions: 83COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 4c0270035ff5268b0436d2f7c54fba1f003674f8512fc3290d524c18701976c7
                                                                                                                                                                  • Instruction ID: 0603e7896e2deea5e0f279a61bae6c94483646d49c0e8cbd2e8d5a9285e3d05c
                                                                                                                                                                  • Opcode Fuzzy Hash: 4c0270035ff5268b0436d2f7c54fba1f003674f8512fc3290d524c18701976c7
                                                                                                                                                                  • Instruction Fuzzy Hash: 6021737060C200DBD718EF19D880A2EFBE2FB95740F68889CE4C5933A1C730AC61CB62
                                                                                                                                                                  Function 00B05700 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: a2294397516307f9b8c76f9f9a70888ece9d152448f7a5564133ff0b5c1fa7b2
                                                                                                                                                                  • Instruction ID: 51bd82eed10e939f3871633c5909c0a484eb3589695e9b462795017bf91396f4
                                                                                                                                                                  • Opcode Fuzzy Hash: a2294397516307f9b8c76f9f9a70888ece9d152448f7a5564133ff0b5c1fa7b2
                                                                                                                                                                  • Instruction Fuzzy Hash: 2A11A07191C240EBD311AF28E844A1BBFF9EF8AB10F458868E4C49B291D735D910CB93
                                                                                                                                                                  Function 00AFB650 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
                                                                                                                                                                  • Instruction ID: b57bb84466f8f07d7cf349578063a5a3f9b848e233cc54e33c20acd9a09f1d79
                                                                                                                                                                  • Opcode Fuzzy Hash: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
                                                                                                                                                                  • Instruction Fuzzy Hash: 4111C233A151D90EC3168E7CC840575BFB31AA7234B698399F4B8DB2D2D7328D8A9364
                                                                                                                                                                  Function 00AF0B80 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 90022ddfb32469098a8610d4b68e70bc315f5b0e8987f5b71d64abe4c0da561b
                                                                                                                                                                  • Instruction ID: 2238115f1c4c3d912dba5d23239ad1a54738c5499154c2ba1887405c4a9eabca
                                                                                                                                                                  • Opcode Fuzzy Hash: 90022ddfb32469098a8610d4b68e70bc315f5b0e8987f5b71d64abe4c0da561b
                                                                                                                                                                  • Instruction Fuzzy Hash: A501D4F1A0030647E720DF9199D0F3BB2A96F80B28F09452CFA4A57303DB71EC06C691
                                                                                                                                                                  Function 00AED1E1 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 42051cbcbc362b3fa80ee0872b35bf8a751c6d66cc9827cb784f41823f63c069
                                                                                                                                                                  • Instruction ID: 02804ace146f7479e1a8d69db5589dca6b8932de5ba0f43e9fad1c5be35e8540
                                                                                                                                                                  • Opcode Fuzzy Hash: 42051cbcbc362b3fa80ee0872b35bf8a751c6d66cc9827cb784f41823f63c069
                                                                                                                                                                  • Instruction Fuzzy Hash: 7E11ECB0408380AFD3109F618584A2FFBE5EBA6754F148C0DF6A49B251C379E819CF56
                                                                                                                                                                  Function 00AC6EA0 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: b03447301ec48570b4bf1ed14dfffc259364b8d0346e3ad3b858c5ae03b32f63
                                                                                                                                                                  • Instruction ID: d1177f0288c163bd9d48737b99010268ce851cea293945851b20a6cd6e86fe1e
                                                                                                                                                                  • Opcode Fuzzy Hash: b03447301ec48570b4bf1ed14dfffc259364b8d0346e3ad3b858c5ae03b32f63
                                                                                                                                                                  • Instruction Fuzzy Hash: BDF0B43A71921A0BA220CEAAA8C4D3BB3A6D7D9355B15553DEA41D3201DDB2E80691D0
                                                                                                                                                                  Function 00AFB8C0 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: dad40b8a8b0cf0c680be38028a9801f4e1e9da1297b4f3b9e1d9df466e9bee7e
                                                                                                                                                                  • Instruction ID: 6506d07c58c905065930edc77b6421f51c28c54387ea28b09faa2761b04cb969
                                                                                                                                                                  • Opcode Fuzzy Hash: dad40b8a8b0cf0c680be38028a9801f4e1e9da1297b4f3b9e1d9df466e9bee7e
                                                                                                                                                                  • Instruction Fuzzy Hash: 1E0162B3A199610B8348CE3DDC1156BBAD15BD5770F19872DBEF5CB3E0D230C8118695
                                                                                                                                                                  Function 00ADC5F0 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: d8ebd7708255391ffa87ed53dd5dbf97c7cff7b52fcdad9dabb06971c835301f
                                                                                                                                                                  • Instruction ID: afd6f86e1ed7dc578beff9a6215ab27dc393fb41cabbec3b70aacfa27007612f
                                                                                                                                                                  • Opcode Fuzzy Hash: d8ebd7708255391ffa87ed53dd5dbf97c7cff7b52fcdad9dabb06971c835301f
                                                                                                                                                                  • Instruction Fuzzy Hash: EB014B72A196204B8308CE3C9C1112ABEE19B86330F158B2EBCFAD73E0D664CD548696
                                                                                                                                                                  Function 00ADB410 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 809ee23363f840c811a801533be2b64f834fb93f4c5a4ab9cc37b5a2fd812bb4
                                                                                                                                                                  • Instruction ID: 959b34a8e888b1c680245eed854272159688eedb7dff0890f3e40181517a0e2d
                                                                                                                                                                  • Opcode Fuzzy Hash: 809ee23363f840c811a801533be2b64f834fb93f4c5a4ab9cc37b5a2fd812bb4
                                                                                                                                                                  • Instruction Fuzzy Hash: BDF0A7F161451097DB22CA559C80B3BBBDCCB96354F1A0427E84657343D2615845C3F5
                                                                                                                                                                  Function 00AF8220 Relevance: .0, Instructions: 32COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 17970000033d2a7b39ddad8dae9a24528c50240c5b5a284bc964cf7576b2c3c5
                                                                                                                                                                  • Instruction ID: 139f3e34a903ab20305f2a8bd453e453b886d120189a354ced12a495062810c6
                                                                                                                                                                  • Opcode Fuzzy Hash: 17970000033d2a7b39ddad8dae9a24528c50240c5b5a284bc964cf7576b2c3c5
                                                                                                                                                                  • Instruction Fuzzy Hash: 0201E4B04107009FD360EF29C445757BFE8EB08714F004A1DE8AECB680D770A5448B82
                                                                                                                                                                  Function 00B01440 Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: a4b5204e339133bf84330416a5308528dd9e98d6cb7a6fcb91640552a86da4e7
                                                                                                                                                                  • Instruction ID: 48a6b1441e06665e76daff333e88fc8009403ae50ebb5f1148150cdb63ee8d4b
                                                                                                                                                                  • Opcode Fuzzy Hash: a4b5204e339133bf84330416a5308528dd9e98d6cb7a6fcb91640552a86da4e7
                                                                                                                                                                  • Instruction Fuzzy Hash: 2ED0A7316083214ADF788E1DA40097BFBF0EAC7B11F49999EF586E3298D230DC41C6A9
                                                                                                                                                                  Function 00AD1ACD Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: dc7078ae648d9df255172b88fc30b33188e714e5f7112c8976de8d0ff4a83c0b
                                                                                                                                                                  • Instruction ID: 22089d0534cee3762cfd32c032de5cf9a746957cba5920c401e4a80f259234c8
                                                                                                                                                                  • Opcode Fuzzy Hash: dc7078ae648d9df255172b88fc30b33188e714e5f7112c8976de8d0ff4a83c0b
                                                                                                                                                                  • Instruction Fuzzy Hash: 1BC01234A190028BC204CF00A8A557AB2B8A316308740A02AEA03F3B21CE20D4028909
                                                                                                                                                                  Function 00B06094 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 5ccf80f1df26fcb0b03638be42acd644e47baef41472f81f75475ce200af0baa
                                                                                                                                                                  • Instruction ID: 2062a3eea6dd958247d080e66ed5ad28d352a784c338b733617281ff308f8c4c
                                                                                                                                                                  • Opcode Fuzzy Hash: 5ccf80f1df26fcb0b03638be42acd644e47baef41472f81f75475ce200af0baa
                                                                                                                                                                  • Instruction Fuzzy Hash: 27C04C3465C040869548CE0499514B6E6E69A97A54664F059C80723695E528D512991C
                                                                                                                                                                  Function 00AD1A3C Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 4fd6b0dd89d2cf673fbbb937c60f5809aa5ffce3681448bf5883741fa1f65f10
                                                                                                                                                                  • Instruction ID: 0dbacd97c3a43c9fe873bb6b50024ec34269139c9ba339925c6c2718977be134
                                                                                                                                                                  • Opcode Fuzzy Hash: 4fd6b0dd89d2cf673fbbb937c60f5809aa5ffce3681448bf5883741fa1f65f10
                                                                                                                                                                  • Instruction Fuzzy Hash: AEC04C34B590418AC254CE85A8E1535B2B85316208710303A9A03F7761C960D4058509
                                                                                                                                                                  Function 00B05FD6 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                  • Source File: 00000000.00000002.2205303096.0000000000AC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00AC0000, based on PE: true
                                                                                                                                                                  • Associated: 00000000.00000002.2205139525.0000000000AC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2205815331.0000000000B20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206212196.0000000000B2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206281772.0000000000B2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2206828526.0000000000B2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209658796.0000000000C85000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209720481.0000000000C88000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209754407.0000000000CA2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209776525.0000000000CA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209800980.0000000000CA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209819367.0000000000CA6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209840369.0000000000CAD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209886380.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209909054.0000000000CC9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209947270.0000000000CDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209973259.0000000000CF1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2209998635.0000000000D06000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210016161.0000000000D0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210038953.0000000000D1B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210063858.0000000000D21000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210086224.0000000000D22000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210110290.0000000000D24000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210130421.0000000000D2B000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210155566.0000000000D2F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210175933.0000000000D37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210202594.0000000000D3B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210222919.0000000000D43000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210245726.0000000000D45000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210275285.0000000000D4C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210294958.0000000000D4E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210340268.0000000000D64000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D65000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210364508.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210446604.0000000000DA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210465720.0000000000DA7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210506037.0000000000DBA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210531869.0000000000DBD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DBE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210557905.0000000000DC5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210596615.0000000000DD3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  • Associated: 00000000.00000002.2210615536.0000000000DD4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                  • Snapshot File: hcaresult_0_2_ac0000_file.jbxd
                                                                                                                                                                  Similarity
                                                                                                                                                                  • API ID:
                                                                                                                                                                  • String ID:
                                                                                                                                                                  • API String ID:
                                                                                                                                                                  • Opcode ID: 59486144cd05a344b4fd44c09284d71e7f15c8a59bb98538cdd9ee6cab542b65
                                                                                                                                                                  • Instruction ID: 320523c2949902ea58f87fc483c223a88ada531723144fc7c17245755089cce0
                                                                                                                                                                  • Opcode Fuzzy Hash: 59486144cd05a344b4fd44c09284d71e7f15c8a59bb98538cdd9ee6cab542b65
                                                                                                                                                                  • Instruction Fuzzy Hash: 5FC09224B6C0008BA68CCF18DD519B6F2FA9B8BE18B54F02DC807B3256F938D512860C